Trusted Platform Modules: What They Mean for IoT Security

Trusted Platform Modules: 8 More Surprises for IoT Security

TPMs aren’t easy, but they should have a bigger impact in the IoT than they had in PCs.

Written by Ari Singer, CTO, TrustiPhi
13th March 2019

Part 2 of a two-part TPM Surprise Series

In part one of this series, we looked at eight surprises about trusted platform modules, targeting common misconceptions. If you felt we were at times critical of TPMs, you’d be right. But now in part two, we focus on the benefits of TPMs, their important role in the Internet of Things and factors that determine if TPMs can help you.

Surprise 9: TPMs have a vital role to play in the Internet of Things because they make device integrity verifiable and sustainable.

How do you know if your devices, out in the field, are still okay? While most people think of TPMs as embedded security modules that protect cryptographic keys, they also embody a crucial innovation — the notion of device integrity or what you might call “device health.” Prior to TPMs, once the software or firmware of a device was compromised, all bets were off with respect to the security benefits the device could provide. TPMs brought something new to broadly available commercial devices: a mechanism to provide cyber-resiliency by keeping track of ongoing device health and — when the device is compromised — helping the system take action to recover.

Surprise 10: A TPM can help protect your supply chain.

One TPM “downside” is that they must be fundamentally architected into the design of new IoT devices. On the flipside, once a TPM is architected in, it can be your eyes and ears when a device is outside of your control. The TPM can help safeguard the integrity of a device as it passes through supply chains. Device manufacturers can’t always fully trust all entities in their supply chain (offshore assembly plants, for example), but they can’t give up the economic benefits of using lower-cost suppliers and facilities. The TPM can be used in various points along the supply chain to verify that the device has not been improperly modified.

Surprise 11: TPM-based device integrity makes device maintenance easier.

If you don’t know whether a device has been compromised, you can’t manage it properly.

Once you have the TPM benefit of verifiably tracking device integrity, a natural extension is using TPMs to help securely update your device. Keys on the TPM can help protect your software and firmware updates. The TPM can provide remote verification that updates were properly installed. This enables remote update and verification of devices without returning them to the factory.

Surprise 12: If rogue software has been introduced into the device, the TPM can help the system operate in a “protected mode” to minimize damage.

Some systems should never shut down, like those which steer a driverless vehicle around a pedestrian. At the same time, unauthorized software must be blocked from destructive activity. Systems can be designed to require TPM action to fully operate. When a TPM becomes aware of rogue software, it can withhold keys or other critical data that the device needs to carry out specific functions. This effectively puts the device into a “protected mode,” where its operation is restricted until the system is repaired.

Surprise 13: TPM supports only three Roots of Trust, but can cooperate with other Roots of Trust to accomplish many key functions.

Every device has roots of trust, whether or not a user is aware of them. The real question is how secure they are. A root of trust is a fundamental part of your system that you must trust and whose compromise leads to the fundamental breakdown of trust in the overall device.

Unlike tree roots, which all serve similar functions, the various roots of trust do completely different jobs. TPM provides hardware-based roots of trust for reporting, for storage, and for integrity. To perform its fundamental device integrity functions, the TPM can interact with a Root of Trust for Measurement (RTM). The TPM can also support the actions of a Root of Trust for Verification (RTV) after a secure boot.

These five roots of trust satisfy the needs of the vast majority of applications. As new IoT technologies mature, TPMs will also interact with other new roots of trust, such as for update, detection, recovery and resiliency.

Surprise 14: TPMs are far superior at specific tasks

Maybe this isn’t such a big surprise. Nearly all industries that need hardware-level security — and utilize the IoT — require secure boot, secure update, secure communications and strong cryptography. A TPM is strong and efficient at most of these functions, especially in conjunction with the right complementary roots of trust.

As you add security capabilities such as an RTM or an RTV, or a Trusted Execution Environment (TEE), these capabilities become stronger and more comprehensive. Consider this, as you decide which technologies to incorporate in a device.

Surprise 15: Increasingly, there are viable alternatives to TPMs that are well suited to IoT devices

With technology advancing quickly, it is always important to pay attention to new products and solutions in the market. TPMs have been a trailblazer, and was the only game in town for many years, for device integrity and measured boot. Today, thanks in large part to TPMs, there are new technologies that solve some of the same problems TPMs were designed to solve. For instance, Micron Technology recently developed a product line called Authenta, which implements all five of the NIST roots of trust. (Disclosure: my team here at TrustiPhi was deeply involved with Authenta in a consulting role.) There is also a new Trusted Computing Group (TCG) standard called Device Identifier Composition Engine (DICE) that defines a much simpler device integrity technology for devices that don’t have a TPM.

Surprise 16: Implementing TPM for the IoT is different than TPM for PCs – and it will be better, faster, and easier.

The bad news: TPM for the IoT is no copy-paste of TPM for PCs. Not much from TPM for PC implementations can be reused in TPM for IoT. IoT devices use different processors, boot code, operating systems and applications than do PCs.

The good news: Already there are new infrastructure components and new approaches unique to TPM for IoT. TPM 2.0 profiles — such as one for automotive applications — are being created to simplify TPM-based solutions.

Our expectation: TPM for IoT will have a more mature, complete and easier-to-use ecosystem of tools and software to work with, and it won’t take as long as it did with the PC world. As the engineers at my company and others design IoT systems, we’ll all build upon and benefit from the collective experience with TPM for PCs. It’s going to be better the second time around.

What’s Next?

If you have comments about how great (or unsuitable) TPMs are, and their emerging role in your industry, please post them or contact me directly. We’d like to know! Part 1 of this series, if you missed it, is available under the title of “Trusted Platform Modules: 8 Surprises for IoT Security.”

Author

Ari Singer, CTO at TrustiPhi and long-time security architect, is a former chair of both the Trusted Computing Group’s Trusted Platform Module (TPM) workgroup and the TPM Software Stack (TSS) working group. He was a key contributor to the TPM 1.2 and 2.0 specifications – and has led teams that developed multiple TSS and TPM firmware implementations and TPM-enabled applications. With 16 years in trusted computing, Singer was an influencer in other security standards including Efficient Embedded Security Standards (EESS), IETF, IEEE 802.15.3 and IEEE 802.15.4. He was also chair of the IEEE P1363 working group, the leading standard for public key cryptography. Ari can be reached at: [email protected]