OPINION:
China is not shy about challenging U.S. tech. Just recently, Beijing accused Nvidia of violating its antitrust laws and opened an investigation into whether the company’s H20 chips pose national security risks. Regulators questioned local companies about their dependence on Nvidia processors, and state media cast doubt on their reliability. The message from Beijing was clear: When foreign technology threatens China’s ambitions, it gets put under a microscope.
To protect our national interests, the U.S. needs to take a page out of China’s playbook and hold open-source chip architecture RISC-V to that same level of scrutiny. Yet the RISC-V Summit will convene this week in Santa Clara, California. Why should an event championing a technology increasingly bankrolled by Beijing be held in the heart of Silicon Valley, all while Chinese regulators continue to slam U.S. chipmakers?
RISC-V was developed at the University of California, Berkeley, in 2010. Unlike licensed, proprietary designs, RISC-V is free to use and modify. That openness has made it popular among academics, researchers and tech startups. It also has given China a way around U.S. export controls. When Washington restricts access to advanced chips, Chinese firms can simply turn to RISC-V designs that lack one specific source.
The U.S. needs to close the loophole now by expending export controls to keep American companies from unintentionally strengthening China’s RISC-V build-out, holding RISC-V hardware used in critical supply chains to the same level of review that Beijing does and investing in secure alternatives. This will ensure that U.S. firms and allies aren’t left dependent on an architecture our rivals can shape and tamper with to their liking.
Why does this all matter? Because RISC-V is no longer just an experiment in open innovation. For China, it promises independence from U.S. technology and a stronger position in the global chip market. For the U.S., it raises critical questions about whether we can trust an open-source design that is increasingly shaped by a geopolitical rival and what vulnerabilities that could introduce into our most critical systems.
The Trump administration recently expanded the Commerce Department’s entity list restrictions to cover subsidiaries of blacklisted firms, a move aimed at preventing Chinese companies from setting up affiliates to skirt sanctions. That progress could be undercut if we leave the door wide open through RISC-V.
China has wasted little time turning RISC-V into a cornerstone of its chip strategy. Chinese state agencies and sanctioned institutes invested at least $50 million in RISC-V projects from 2018 to 2023. Startups piled on, raising more than $1.1 billion. Now, Chinese companies are touting RISC-V chips running self-driving cars, artificial intelligence models and data centers.
This is further evidenced by patent data. Chinese organizations have filed more than 2,500 patents related to RISC-V, far surpassing filings in the U.S. Many of these patents can be traced back to military-linked universities and the People’s Liberation Army’s top research academy, which has already incorporated RISC-V into new chip designs.
What’s worse, U.S. companies are inadvertently accelerating this growth. Nvidia recently announced plans to port its CUDA software platform to RISC-V processors. Although this move broadened the reach of RISC-V, it also boosted the very ecosystem China is building.
The risks aren’t theoretical. A new report found that DeepSeek, a Chinese AI firm, has been responsible for producing malicious code in roughly half the sensitive cybersecurity incidents analyzed on GitHub. If China is willing to leverage open software in ways that harm global security, why would we assume open-source hardware will be treated differently?
A single compromised RISC-V chip in a power grid, data center or weapons system could hand Beijing a quiet path into critical infrastructure. The more these chips spread, the greater the odds a vulnerability becomes a weapon.
So why are we giving RISC-V a free pass? China is quick to paint U.S. chips as security threats, yet Washington has barely acknowledged the risks posed by Chinese-made RISC-V hardware. The double standard is reckless.
Balancing America’s tradition of open innovation with national security may be hard, but ignoring the risks is dangerous. If we treat RISC-V as a harmless academic experiment while Beijing builds an empire around it, we’ll find ourselves outpaced and exposed.
Beijing understands the stakes. It sees chips as economic engines and tools of power, and it is acting accordingly. Washington can’t afford to sit still. It’s time to treat RISC-V with the same scrutiny China just turned on Nvidia before our openness becomes our biggest liability.
• Jared Whitley is a longtime Washington politico, having worked in the White House, Senate and defense industry. He has an MBA from Hult International Business School in Dubai and in 2024 was named best columnist by the Top of the Rockies competition.
Please read our comment policy before commenting.