Warsaw, Poland, June 13, 2019 – Groundbreaking work to assure cybersecurity in the Internet of Things (IoT) era has been initiated, as the Trusted Computing Group (TCG)launched a new project to create the “world’s tiniest Trusted Platform Module (TPM)”.
Many manufacturers want to build devices that include Roots of Trust for Measurement (RTM), Storage (RTS) and Reporting (RTR) so that these devices can work securely within the TCG Measurement and Attestation framework. Today, TPM chips are used to implement the RTS and RTR in a highly secure manner.
As IoT adoption continues to grow, a rising number of devices are so small that the inclusion of a full TPM chip might be impractical due to factors such as cost, space and power. TCG’s new Measurement and Attestation RootS (MARS) Subgroup has been formed to develop specifications that will enable manufacturers to build compliant chips with very little overhead for them and their customers.
“In a nutshell, we want to specify what the tiniest TPM needs to be so it can be integrated directly within the host chip,” said Tom Brostrom, Chair of the MARS Subgroup. “This will ensure that devices that aren’t big enough to integrate a separate TPM will still be able to retain the required RTS/RTR capabilities. In turn, this will allow greater reach of trusted computing technologies over a wider set of devices and use cases.”
The first prototype for such a TPM (known as Radicle) was exhibited during TCG’s members’ meeting held in Warsaw, Poland, this week during the inaugural session of the MARS Subgroup. The team also agreed on the scope of its work, which will focus on the hardware requirements necessary to control and operate the primitives supporting the RTS and RTR, and the software API to access them.
A number of TCG’s other ongoing projects were also progressed during the members’ meeting, including work on specifications for secure software and firmware updates for embedded systems. Security in the Internet of Things (IoT), including industrial applications and the automotive industry was another key focus.
“As we put greater trust in things like autonomous cars, smart homes and healthcare sensors, and connect them to the Internet, we need to take steps to make sure connected devices are ubiquitously secure to protect them from data breaches and hackers,” said Dr. Joerg Borchert, President of TCG. “As an international standard, TCG’s TPM is widely deployed and a proven solution. This makes our technologies ideally suited to deliver on the new security needs emerging as we move towards a world where everything is connected. The work undertaken at our latest members’ meeting will ultimately deliver the specifications needed to achieve this.”
About TCG
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information is available at the TCG website, www.trustedcomputinggroup.org. Follow TCG on Twitter and on LinkedIn. The organization offers a number of resources for developers and designers at develop.trustedcomputinggroup.org.
