Pavona: Open-Source Silicon to Secure a Post-Quantum World

REDWOOD CITY, CA – May 26, 2026 – As the technology world races toward a future powered by AI and ubiquitous connectivity, a parallel race is underway to secure it from a looming threat: the quantum computer. Today, standards body GlobalPlatform launched a significant new contender in this security race, Pavona, an open-source silicon distribution designed to build a foundation of trust directly into the chips that power our world.

Pavona offers a library of production-quality, certification-ready silicon IP components and reference designs. Critically, it includes the first openly available post-quantum cryptography (PQC) stack for embedded silicon, a move aimed at future-proofing devices against the day when quantum computers can break today's encryption standards.

The Quantum Countdown

The launch arrives at a pivotal moment. The U.S. National Institute of Standards and Technology (NIST) recently finalized the first set of PQC standards—including ML-KEM and ML-DSA—after a multi-year global competition. With government mandates like National Security Memorandum 10 setting a 2035 deadline for federal systems to migrate to quantum-resistant cryptography, the pressure is on for the entire technology ecosystem to adapt.

Pavona is engineered to meet this challenge head-on. By incorporating the newly standardized ML-KEM and ML-DSA algorithms from day one, it provides hardware designers with a direct path to compliance and long-term security. The initiative aims to move beyond theoretical readiness and provide a practical, silicon-proven toolkit for building the next generation of secure devices.

"Open-source silicon has reached an inflection point and is becoming a common way to collaborate across the IoT ecosystem," said Gil Bernabeu, Chief Technology Officer at GlobalPlatform. "Pavona brings that vision to life... much as Linux enabled open-source software to move from research into production environments. We are proud to host this initiative, which will accelerate the development, integration, and adoption of root-of-trust-based open-source silicon."

A New Blueprint for Secure Silicon

Unlike traditional monolithic chip designs, which are often proprietary and inflexible, Pavona introduces a modular, "composable" framework. It functions as a distribution, much like a Linux distribution in the software world, providing a curated IP library and a composition engine. This allows integrators to select, configure, and assemble secure silicon subsystems tailored to their specific needs, whether for massive datacenter AI accelerators, automotive controllers, or tiny, resource-constrained IoT devices.

This approach is intended to democratize access to high-grade security, breaking the reliance on proprietary, single-vendor implementations that can create supply chain bottlenecks and security blind spots. The project's maturity is underscored by the successful fabrication of two reference designs at TSMC's cutting-edge 3nm (N3) process: a standalone chip root of trust and an integrated root of trust for chiplet architectures.

"The world faces a rising tide of cyber insecurity, with mounting costs from devices that are fundamentally untrustworthy," stated Dominic Rizzo, Governing Board Chair of Pavona and CEO of ZeroRISC. "The foundational answer is secure silicon — and silicon itself is becoming critical infrastructure. Trustworthy chip security should be easy to integrate, accessible to all, and independently governed — never locked inside proprietary, single-vendor implementations."

Performance in a Post-Quantum World

A major hurdle for PQC adoption has been the performance overhead of the new, more complex algorithms on embedded systems. Pavona directly addresses this through hardware-software co-design. Research from a multi-year collaboration between ZeroRISC, the Max Planck Institute for Security and Privacy, and Academia Sinica—work that is now part of the Pavona distribution—demonstrated remarkable efficiency gains.

The results, presented at the Real World Crypto 2026 conference, showed 6–9x performance improvements for the ML-KEM and ML-DSA algorithms on embedded silicon. Perhaps more impressively, these gains were achieved with a "near-zero area cost," meaning the enhanced security does not require a significant increase in chip size or cost. This breakthrough is critical for making PQC practical for the billions of small, power-sensitive devices that make up the Internet of Things.

Rizzo, whose company was central to this technical work, emphasized the collaborative and accessible nature of the project. "Pavona was designed for collaboration from day one: clear getting-started guides, hardware-native CI, a Yocto-inspired governance model, and silicon-proven designs. This is the maturation of years of open-source silicon development, built for scale."

A Coalition for Trustworthy Chips

The initiative is launching with a powerful coalition of twelve founding members, signaling broad industry buy-in. The roster includes semiconductor giants like Qualcomm Technologies and Analog Devices, AI leaders Meta and Tenstorrent, memory specialists Winbond, and a host of IP providers and top-tier academic institutions.

The motivations for such a diverse group are clear. For companies like Meta and Qualcomm, integrating PQC-ready, verifiable security at the silicon level is essential for protecting future AI models, user data, and critical infrastructure. For semiconductor manufacturers, Pavona offers a standardized, certification-ready path to meet growing customer demand for secure-by-default components, mitigating supply chain risks and fostering innovation.

The project's governance structure is designed to ensure neutrality and longevity. Hosted by GlobalPlatform, it features a member-funded Governing Board and an independent Technical Steering Committee responsible for the technical roadmap. This model, inspired by successful open-source projects like Yocto and Zephyr, aims to combine community-driven development with the rigorous standards required for commercial adoption and mass-market certification.

Paving the Road to Certification

A key promise of Pavona is that its components are "certification-ready" for standards like FIPS 140-3 and Common Criteria. These certifications are non-negotiable for products sold into government and other high-security markets. Historically, the certification process for hardware has been a complex and expensive barrier, particularly for smaller companies.

By building its IP and reference designs according to these stringent security requirements from the outset, Pavona aims to significantly streamline the path to certification for end products. The transparency of open-source hardware, once viewed with suspicion by security professionals, is now seen as a strength. Public scrutiny by a global community of experts can uncover and fix vulnerabilities more effectively than the "security by obscurity" model of closed, proprietary designs. This follows a trend set by other successful open-source hardware security projects like OpenTitan.

The entire Pavona IP repository, composition engine, and continuous integration dashboards are publicly available today at pavona.org. Developers can access source code, documentation, and examples, with the project promising that a new contributor can build and simulate a reference design in under an hour, lowering the barrier to entry for building the next generation of trustworthy hardware.