The world’s tiniest TPM

1 July 2019 Infrastructure, Industrial (Industry)

Work to assure cybersecurity in the Internet of Things (IoT) era has been initiated, as the Trusted Computing Group (TCG) launched a new project to create the ‘world’s tiniest Trusted Platform Module (TPM)’.

Many manufacturers want to build devices that include Roots of Trust for Measurement (RTM), Storage (RTS) and Reporting (RTR) so that these devices can work securely within the TCG Measurement and Attestation framework. Today, TPM chips are used to implement the RTS and RTR in a highly secure manner.

As IoT adoption continues to grow, a rising number of devices are so small that the inclusion of a full TPM chip might be impractical due to factors such as cost, space and power. TCG’s new Measurement and Attestation RootS (MARS) Subgroup has been formed to develop specifications that will enable manufacturers to build compliant chips with very little overhead for them and their customers.

“In a nutshell, we want to specify what the tiniest TPM needs to be so it can be integrated directly within the host chip,” said Tom Brostrom, chair of the MARS Subgroup. “This will ensure that devices that aren’t big enough to integrate a separate TPM will still be able to retain the required RTS/RTR capabilities. In turn, this will allow greater reach of trusted computing technologies over a wider set of devices and use cases.”

The first prototype for such a TPM (known as Radicle) was exhibited during TCG’s members’ meeting recently held in Warsaw, Poland, during the inaugural session of the MARS Subgroup. The team also agreed on the scope of its work, which will focus on the hardware requirements necessary to control and operate the primitives supporting the RTS and RTR, and the software API to access them.

A number of TCG’s other ongoing projects were also progressed during the members’ meeting, including work on specifications for secure software and firmware updates for embedded systems. Security in the Internet of Things (IoT), including industrial applications and the automotive industry was another key focus.

“As we put greater trust in things like autonomous cars, smart homes and healthcare sensors, and connect them to the Internet, we need to take steps to make sure connected devices are ubiquitously secure to protect them from data breaches and hackers,” said Dr. Joerg Borchert, president of TCG. “As an international standard, TCG’s TPM is widely deployed and a proven solution. This makes our technologies ideally suited to deliver on the new security needs emerging as we move towards a world where everything is connected. The work undertaken at our latest members’ meeting will ultimately deliver the specifications needed to achieve this.”

Find our more at develop.trustedcomputinggroup.org





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

The TCO of cloud surveillance
DeepAlert Verifier Technews Publishing Surveillance Infrastructure
SMART Security Solutions asked two successful, home-grown cloud surveillance operators for their take on the benefits of cloud surveillance to the local market. Does cloud do everything, or are there areas where onsite solutions are preferable?

Read more...
Cyber resilience – protect, defend, recover
Infrastructure
The challenge with AI is that threats are getting harder to detect. As a result, plans in 2024 are not just about detection and prevention, but about recovery.

Read more...
Powering business resilience and field operations
Infrastructure Products & Solutions
[Sponsored] The Anker 757 Portable Power Station emerges as a strategic asset for businesses looking to overcome power instability and the demand for operational efficiency in remote and field-based environments.

Read more...
Top bets for backup and business continuity
Infrastructure
Become your organisation’s data pioneer and spearhead data governance and protection of critical data. Challenge why best practices are not adopted or in place, while highlighting the inherent risks this poses.

Read more...
Next-gen solar-powered switches
Infrastructure
Duxbury Networking has introduced its range of solar unmanaged switches, which are ideal for any environment requiring reliable Power-over-Ethernet (PoE) capabilities, such as IP phones, cameras, and access points.

Read more...
Navigating South Africa's cybersecurity regulations
Sophos Information Security Infrastructure
[Sponsored] Data privacy and compliance are not just buzzwords; they are essential components of a robust cybersecurity strategy that cannot be ignored. Understanding and adhering to local data protection laws and regulations becomes paramount.

Read more...
Creating a cybersecurity strategy in a world where threats never sleep
Information Security Infrastructure
[Sponsored Content] The boom of Internet of Things (IoT) technology and the chaos that surrounded the sudden shift to work-from-home models in 2020 kick-started the age of cybercrime. In that period, incidents rose by 600%, affecting every industry and showing no signs of slowing down.

Read more...
Gallagher Security’s achieves SOC2 Type 2 recertification
Gallagher News & Events Integrated Solutions Infrastructure
Gallagher has achieved System and Organization Controls (SOC2 Type 2) recertification after a fresh audit of the cloud-hosted services of its integrated security solution, Command Centre. The recertification was achieved on 21 December 2023.

Read more...
Cyberattacks the #1 cause of business outages
Editor's Choice Information Security Infrastructure
The latest survey by Veeam Software shows that 92% of organizations will increase their spending on data protection by 2024 to achieve cyber resilience due to continued threats of ransomware and cyberattacks.

Read more...
Nology races to end 2023
Editor's Choice News & Events Infrastructure
Nology ended 2023 with an event highlighting its various products and services to the local market, followed by a few laps around the Kyalami Indoor Karting track.

Read more...