In order to address this challenge, TCG launched two complementary technology workgroups, the DICE Workgroup and the Measurement and Attestation RootS (MARS) Subgroup. MARS is responsible for delivering specifications needed to define what the tiniest TPM needs to be, so silicon vendors can integrate TPM functionality into their hardware. DICE provides an alternative for devices where inclusion of a TPM is impractical or infeasible. DICE allows silicon vendors to leverage existing hardware security functionality to enable foundational security scenarios that rely on device identity and attestation.

Along with other industry specifications and standards including NIST 800-193, TCG is ensuring trusted computing and security is within reach across the broadest range of devices, from high-end servers and storage to the smallest IoT devices.

Painting different parts of the cybersecurity picture

The TPM from Trusted Computing Group (TCG) is the standard hardware RoT, providing secure storage of boot and runtime state as well as cryptographic information such as private encryption keys. Resistant to physical attack, the TPM prevents attackers from recoding the device and accessing stored data by hiding these keys so that the data cannot be read and authorized users cannot be locked out. Combined with the technology of DICE, this provides cost-effective, foundational security for any system or component stemming from its simple and adaptable hardware requirements.

In addition to providing hardware-based identity and attestation, DICE creates a platform for data integrity, device recovery, and system updates. It does so with a layered boot architecture, leveraging Unique Device Secrets and individual fingerprints with each layer and configuration. This means that if different code is ever booted, the deviation from a trustworthy boot will be recognized and different secrets will be generated—preventing attackers from accessing any genuine data should they tamper with the device. If, however, a vulnerability did exist and disclose a secret, the code would automatically patch and re-key the device, making it possible to recover the data while preventing it from being read by an attacker.

Cyber resiliency is key to the protection of devices of all sizes. It is essential for developers to give devices the best chance of remaining safeguarded. This is accomplished through protection of updatable persistent code and configuration data and detection when vulnerabilities are not patched, or when corruption has occurred through the capability to recover reliably to a known good state, even if the platform has been compromised.

Preparing for future uncertainties

Experts agree that there is a void in IoT strategy when it comes to the protection of the resources and mechanisms of attestation. Through its collaboration with industry leaders, the Trusted Computing Group is focusing on their specific needs and use cases to ensure that the developed specifications offer the RoT required to protect critical resources and mechanisms. By doing so, the industry will have the necessary tools to efficiently participate in established trusted computing practices.

IoT device manufacturers of all sizes should review and recommit to developing and executing a sound cybersecurity strategy for all new products. Even those that feel fully prepared should engage with experts and ensure any products are protected against exploitation. As the threat landscape becomes more complex, device manufacturers should leverage Trusted Computing technologies to provide more agility and speed of deployment—to be safe in the knowledge that all layers of security are implemented to protect against the growing sophistication of the threats of the future.