Trusted Platform Module for Embedded Systems Security

The Trusted Platform Module is a specific purpose embedded chip built to bridge the gap between a purely software-based security realization and the security that hardware realizations add to any system. The main TPM’s features are the capacity to generate and securely manage asymmetric keys, a secure memory to store system configuration measurements and keys, engines to perform asymmetric cryptographic algorithms and hashing algorithms, hardware block to generate true random number. TPM has been designed to improve systems’ security protecting sensitive data, giving a trustworthy description of the platform configuration, allowing devices to be univocally identified also attesting their configuration. Trusted Platform Module specifications have been developed by the Trusted Computing Group, a non-profit organization born with the aim to define open standards to enable hardware based security. TCG has been formed with the participation of all main hardware and software developer like Dell, Intel, AMD, Microsoft, IBM and many others. The objective of this internship has been to allow the SIE department, and in particular the CMS lab, to get in touch with the TPM. It is the first chip introduced in personal systems for public distribution that enable hardware-based security. To accomplish the objectives some important steps has been performed: · Understanding TCG concepts and TPM and TSS functioning · Porting TSS APIs on a real platform making use of the TPM · Developing Test Scenarios making use of the TPM to evaluate its functionalities and performances · Measuring the aptitude of TPM and TSS actual implementation to be used in embedded systems or with FPGAs · Analyzing and Defining possible System Architecture