Trusted Computing Group

The Trusted Platform Module was designed to serve several functions within a larger computing system. These functions are as important to the interaction and operation of embedded systems as they are to the interaction between PCs, servers, and other network devices. For example, when communicating across a network, it is just as important to be able to uniquely identify a sensor as it is to identify a PC. It is also equally important to be able to establish whether the sensor has been compromised or can be trusted to behave as designed. These are the same platform integrity values that Trusted Platform Modules provide in PCs.

The Embedded Systems Work Group is operating on the assumption that the TPM 1.2 implementations now widely deployed will address most of the requirements of embedded systems. Because of the need for different interfaces in typical embedded computing platforms and also some specific functionality requirements, an embedded TPM platform standard will soon be published to cover these requirements.

Initial high-level, universal use cases are clear:

• Provide unique, unspoofable identity to the embedded system that incorporates a TPM.
• Participate in integrity measurement services upon the firmware and software in the embedded system and store the results of measurement for subsequent reporting.
• How will management of TPM-protected secrets be done in the embedded market?

In specific environments, narrower use cases will be considered, for example:

• More complex embedded systems may require trust services based on cryptographic material protected by a TPM.
• Communications among embedded systems may be protected using a VPN, and the TPMs involved in these communications may be used to protect authentication and encryption certificates required by the VPN.
• Privacy requirements due to handling of legally protected personal data, e.g., in medical applications.
• There may be circumstances in which an embedded device protects secrets as a service to a number of other devices.

Other use cases will be considered as well.

 

Yes. There are printers, video game consoles, kiosks and other devices already in the market that contain TPMs. The most common use of the TPM in those devices is validation that the code has not been tampered with. The TPM may also be used to protect a unique identifier as well. These are the two foundation functions of a TPM in any device.

The primary purpose of the Embedded Systems Work Group is to facilitate the continued evolution of Trusted Computing as a source for security in these markets and to help facilitate the ecosystem to support the concepts of a hardware root of trust.

A major difference is less emphasis on the "take ownership" requirements found in PC implementations. In many cases, like set-top boxes and cars, the TPMs could be provisioned once on the manufacturing line and never again for the lifetime of the box. In other cases, provisioning on the manufacturing line might be done in order to make sure that the device has an initial identity. The purchasing device owner might be given a tool for rejecting that identity and then creating a new one.

Beyond initial provisioning, there will be use cases that require key management. There are some examples of fully automated, built-in key management in products today (for example, the Lotus Notes built-in PKI but also free open source PKI modules). This will be one of the bodies of work that the Embedded Systems Work Group will have to address - how will key management be done in either a "hands-free," fully automated fashion or in a low-touch fashion.

 

A core Trusted Computing technology is the TCG Storage Opal 1.0 specification for the self-encrypting hard drives that are now widely available and are expected to ship as standard equipment on many new PCs in the near future. These drives can also provide protected storage for keys as well as generation of new keys.

Many of the devices in the Internet of Things generate data as their primary function. Sensors of all sorts are examples of this sort of device. Often the data collected by sensors is of a sensitive nature and those devices are only connected to the Internet intermittently.

Sensors in vehicles are an important example. Another example is sensors used in collecting terrain and geological information for a company exploring for oil, minerals or metal. This prospecting data may have significant value. It could affect the valuation of a parcel of land. It could affect global commodity markets or even governments in some cases (think of the effect of the discovery of oil deposits in the North Sea). In situations like this, automatic encryption of data at rest is clearly of value.

Another example is that a great deal of personal financial information could end up stored on many embedded systems. Disclosure of this information is hardly likely to shake the pillars of Wall Street, but it certainly could be a disaster for an individual or a company. In today's market, the primary reason people give for not engaging in on-line banking is their concern over the security of their personal financial information. The same concerns apply to the use of embedded systems that may be required to store this same information.

 

At the level of firmware, there is a command set that is available for addressing the TPM directly for service. This command set is used by nearly all business PCs in the market today, every time that the PC is turned on. BIOS execution involves communication with the on-board TPM. There are many embedded devices that operate at a firmware level only when they are turned on.

However, there are also many embedded devices that run some form of embedded operating system. Examples include various Real Time Operating Systems (RTOSs) and the embedded versions of Windows and Linux. In the case of Windows running on an embedded system, it is possible that existing Windows-based support for TPMs (the TCG Software Stack and other operating system-supplied middleware that supports TPMs) could be made available on embedded devices. For the RTOSs, Linux implementations, and other embedded operating systems, there is an opportunity for innovation and new development to provide middleware in these environments that facilitates communication with on-board TPMs.

For high security environments, there are already a number of trusted operating systems for embedded platforms. These trusted operating systems are available as products and apply virtualization technologies to achieve high security. The methods for this virtualization are either based on hypervisor technology or the microkernel architecture. These operating systems already provide extensive support for the trust and security functions of a TPM.

The Embedded Systems Work Group is actively seeking participants who require secure and trustworthy embedded systems. We are interested in your problems and your requirements. We are willing to work with members to determine whether and how Trusted Computing can solve those problems. This is a cooperative, experimental approach seeking the best possible answers to customer problems by using existing security technologies and best practices. A serious effort will be made to succeed with each problem case.

The Embedded Systems Work Group is a hybrid work group. Part of the group's responsibility is to write specifications that apply Trusted Computing technologies to the security problems of embedded systems. The other part is to work directly with customers who depend upon embedded systems in their business and who require those embedded systems to operate in a secure and trustworthy manner.

The TMS WG was formed to provide real-world solutions guidance for adopters and users who are interested in using TCG technologies for mobile devices in enterprise or business-to-consumer environments, with their evolving security challenges (which the TCG is well-equipped to address). The TMS WG is chartered to facilitate the demonstration of trusted mobility solutions which make use of the TCG capabilities developed by different TCG Technical Work Groups and to provide comprehensive guidance on how these TCG technologies can be leveraged in mobile devices and enterprise networks.

With growing enterprise and consumer reliance on mobile platforms, such as smartphones, laptops and tablets, the need for enhanced protection of these devices as well as controlling their access to networks is paramount. Effective use of mobile devices requires the communication of trustworthy information about device identity and device integrity along with the availability of a secure storage. In addition, mobile platforms must be integrated with robust provisioning, access control, and application/data protection mechanisms to enable trusted connections to enterprise networks, mobile payment and financial services, health care, and other sensitive application systems within the mobile devices ecosystem.

In order to deal with the aforementioned issues effectively, it is vital to enable trust models and interoperability of components which support trusted mobile platforms and the remote management of these mobile devices. One of the main goals of the TMS WG is to define an architectural framework, use cases, implementation guidelines, and best practices in order to ensure effective deployment of trusted mobility solutions. The TMS WG will facilitate the practical demonstration of trusted mobility solutions that leverage TCG and other trusted computing specifications to achieve trusted operation, trusted remote manageability and safe collaboration between multiple independent stakeholders (e.g., financial institutions and application developers) and user organizations.

The TMS WG defines a "trusted mobility solution" as one that addresses all of the following features and concepts:

• Mobile endpoints are managed computing resources.
• One or more mobile endpoint management functions are defined and operate as part of the solution.
• Mobile endpoints can connect to a network, preferably using TCG TNC network attachment integrity verification.
• Mobile endpoints can be physically moved by a person with ease, or in conjunction with the movement of a person (e.g., in an automobile).
• Mobile endpoint trustworthiness is enabled and/or supported by one or more capabilities that are conformant to TCG technical specifications (e.g., TPM or MTM).
• Mobile endpoint trusted boot, applications, databases, security policies, etc., can be reliably deployed in order to support a trusted execution environment (e.g., using a TCG Opal SED).

Laptops, tablets, and smartphones are the mobile endpoints that are the primary focus for the TMS WG.  Other portable consumer devices (e.g., radios, cameras, music players, sensors, and analog devices) are out-of-scope in the TMS WG charter.

The TMS WG will define use cases and solution requirements for managing and provisioning trusted mobile, network-connected endpoints, and will document a unifying, integrated architectural framework that will enable the interoperable use of trusted computing standards.  Although, the TMS WG will not develop new TCG technical standards, the work group will define implementation guidance, best practices, and also recommendations for updates to existing relevant TCG standards. Furthermore, new approaches to demonstrate the solution certification and compliance may also be developed.

TCG Work Groups, such as the Mobile Phone Work Group (MPWG), define security-related use cases, requirements and technical specifications For MPWG, the focus is on securely booting mobile and embedded systems that provide TCG TPM-compliant features like remote attestation, key management, and authentication and secure storage for applications and OS services, as well as support for local and remote ownership to address corresponding security requirements.

 

Moreover, the purpose of the TMS WG is to synthesize requirements and technical specifications from multiple TCG technical WGs to provide an integrating framework for mobility solutions architectures.

The objectives of the TMS WG may also expose additional requirements for future TCG specifications or even for new TCG WGs in order to deploy a TMS solution. In these cases, the TMS WG will engage with the respective technical WGs to help refine the requirements.

Also, the trusted platform concepts developed by the TCG will require specific lifecycle management and integration into mobile solution architectures. The TMS WG will aim to assist other TCG work groups in demonstrating how the current and future specifications could contribute in enabling the trust models which make new mobile compute paradigms possible.

Since the activities of the TMS WG are solutions-oriented, several TCG technical specifications may be applicable to our trusted mobile solutions architecture.  The key examples include:

• MTM - Mobile Trusted Module (mobile and embedded subset of TPM)
• TPM - Trusted Platform Module (encryption and other keys, hardware security)
• TNC - Trusted Network Connect (integrity measurement and verification)
• IF-MAP - Metadata Access Point (interworking across security architectures)
• OPAL - Self-Encrypting Drive (secure OS and application data storage)
• TMI - Trusted Multi-Tenant Infrastructure (separation of consumer and business applications)

 

The TMS WG use cases should include a selection of these TCG technical specifications to show how the integration of these capabilities can be deployed, managed, and operated to meet the security objectives of particular reference implementations.  Financial, telecommunications, and government TMS WG members and liaisons should propose and evaluate key TMS use cases. 

Certainly there are many issues that must be considered when provisioning and managing TPM or MTM-enabled devices, and the diversity of devices and interconnection technologies in the mobile world introduces even more complexity.  This realization motivated the formation of the TMS WG to leverage the work of the other TCG WGs and other non-TCG standards groups that address the mobile world and explore the issues that enterprises face when provisioning and managing TCG technologies within mobility-enabled infrastructures.  Using real-world use cases, the TMS WG will apply TCG standards within the mobile world and demonstrate how management challenges and technical risks can be handled in a cohesive and comprehensive manner.  The TMS WG will work with other TCG WGs to resolve difficulties that are identified in the demonstration of these capabilities and propose recommendations for updates to TCG standards.

To date, the MTM has been implemented primarily in company-internal and lab research projects. For example, Nokia Research Center has produced a GPL open source MTM add-on to the TPM emulator by Mario Strasser et al, and a reference implementation of the manufacturer profile of MTM (MRTM) for ARM TrustZone. Also, the Terminal Mode V1.0 standard recommends hardware-assisted MTM security for key storage and usage.

To ease both implementation and adoption, the newest MTM use cases introduce concepts where common interfaces for messaging - protocol data units (PDUs) and application programming interfaces (APIs) - are utilized, primarily between the OS and the trusted execution environment, but also between applications and the OS, to provide added value for service deployment.

The primary focus of the TMS WG is to synthesize TCG-based technical specifications into an architectural framework, set of relevant use cases, demonstrated capabilities, and lessons learned. Other standards groups and forums also are working on secure mobility specifications, projects, and use cases such as the Global Platform, the Mobey Forum, the U.S. Government Mobile Applications Group and National Institute of Standards and Technology (NIST), and the German Federal Ministry of Education and Research through the ESUKOM project.  The TMS WG plans to collaborate with these groups as their efforts relate to trusted computing and where TCG specifications can be applied.

Current members of the TMS WG include a wide variety of participants: handset and other mobile platform providers, system integrators, chip manufacturers, network systems providers, hard drive manufacturers, system and application software vendors, and voices from academia, and government. This diversity of viewpoints and capabilities is essential to the development of robust solutions frameworks.  The TMS WG cordially invites new or existing TCG members to participate in our development of trusted mobile solutions requirements and real-world demonstrations.