Explore the reverse engineering process of the TitanM2 security chip firmware found in Google Pixel phones starting from the Pixel 6 series in this 37-minute conference talk from 39C3. Learn about the TitanM2 chip's modified RISC-V architecture with bignum accelerator and Google's non-standard instruction additions to the RISC-V ISA. Discover methods for obtaining the firmware and understand the specific challenges encountered when reverse engineering this particular binary. Master techniques for extending Ghidra with new instructions to achieve complete decompilation of the firmware. Follow along as the presenter demonstrates building a RISC-V simulator in Python specifically designed for running TitanM2 firmware, providing practical insights into both the theoretical and hands-on aspects of security chip analysis and firmware simulation.