TCG launches initiative to develop “world’s tiniest TPM”
The first prototype for a “tiny TPM”
Groundbreaking work to assure cybersecurity in
the Internet of Things (IoT) era has been initiated, as the Trusted
Computing Group (TCG) launched a new project to create the “world’s
tiniest Trusted Platform Module (TPM).”
Many manufacturers want to build devices that include Roots of Trust for Measurement
(RTM), Storage (RTS) and Reporting (RTR) so that these devices can work
securely within the TCG Measurement and Attestation framework. Today, TPM chips
are used to implement the RTS and RTR in a highly secure manner.
As IoT adoption continues to grow, a rising number of devices are so small that
the inclusion of a full TPM chip might be impractical due to factors such as
cost, space and power. TCG’s new Measurement and Attestation RootS (MARS)
Subgroup has been formed to develop specifications that will enable
manufacturers to build compliant chips with very little overhead for them and
their customers.
“In a nutshell, we want to specify what the tiniest TPM needs to be so it can
be integrated directly within the host chip,” said Tom Brostrom, Chair of the
MARS Subgroup. “This will ensure that devices that aren’t big enough to
integrate a separate TPM will still be able to retain the required RTS/RTR
capabilities. In turn, this will allow greater reach of trusted computing
technologies over a wider set of devices and use cases.”
The first prototype for such a TPM (known as Radicle) was exhibited during
TCG’s members’ meeting held in Warsaw, Poland, this week during the inaugural
session of the MARS Subgroup. The team also agreed on the scope of its work,
which will focus on the hardware requirements necessary to control and operate
the primitives supporting the RTS and RTR, and the software API to access them.
A number of TCG’s other ongoing projects were also progressed during the
members’ meeting, including work on specifications for secure software and
firmware updates for embedded systems. Security in the Internet of Things
(IoT), including industrial applications and the automotive industry was
another key focus.
“As we put greater trust in things like autonomous cars, smart homes and
healthcare sensors, and connect them to the Internet, we need to take steps to
make sure connected devices are ubiquitously secure to protect them from data
breaches and hackers,” said Dr. Joerg Borchert, President of TCG. “As an
international standard, TCG’s TPM is widely deployed and a proven solution.
This makes our technologies ideally suited to deliver on the new security needs
emerging as we move towards a world where everything is connected. The work undertaken
at our latest members’ meeting will ultimately deliver the specifications
needed to achieve this.”
Source: TCG media announcement
