TCG Pushes for Security in Embedded, Automotive, and IoT Systems with Complete TPM 2.0 Software Stack

June 23, 2020 Tiera Oliver

The Trusted Computing Group (TCG) has released the newest specification for its Trusted Platform Module (TPM 2.0) technology: the Feature Application Programming Interface (FAPI) standard.

The completed TCG TSS Stack standard now supports a wide range of devices, making it possible to integrate the TPM 2.0 as a turnkey solution and to achieve interoperability for platform security, network communication, and data exchange.

The FAPI specification completes the framework of the TPM Software Stack specifications (TSS 2.0). The framework includes low-level specifications like the System API, which enables the use of the entire set of TPM 2.0 functionalities in resource-constrained devices. The addition of FAPI as a high-level specification enables the application of TPM 2.0 in high-performance systems with cost-effective development and support for multiple users, parallel services, virtualization, and Windows- and POSIX-based operating systems such as Linux.

With FAPI, the range of TPM functionalities such as signing, key storage in hierarchies, authorization, secure time, personalization, lifecycle management, and certificate management will now be accessible to more devices and use cases. FAPI achieves this by providing automated processing for key storage, a default cryptographic configuration for administrators, provisioning, filesystem integration, and process evaluation.

The new JSON Data and Policy Language standard also reduces the complexity of handling a declarative policy language to support the implementation of authorization policy with a TPM. It will enable complex authorization and policy management for keys with low implementation, validation, and management effort, using the standardized JavaScript Object Notation (JSON) data interchange format.

According to the company, both new specifications will help to accelerate the implementation of the TPM for a secure digital ecosystem across IoT devices, industries, and markets.

The FAPI standard also enables the use of TPM 2.0 through the PKCS#11 interface standard, which provides generic storage and use of cryptographic keys in an even wider range of applications. These applications are typical security software and protocols, such as SSH, user authentication, identity management, e-mail encryption, and signing of documents.

With the addition of FAPI, the now-complete TCG Software Stack 2.0 (TSS 2.0) provides a framework with utilities that allows systems and devices across worldwide markets to share the TPM functionalities at both high and low levels. Implementations of the TSS Stack, including the FAPI standard, are available and are supported by several companies.

For the full set of TSS standards and more information, please visit: https://trustedcomputinggroup.org/

About the Author

Tiera Oliver, editorial intern for Embedded Computing Design, is responsible for web content edits as well as newsletter updates. She also assists with news content, constructing and editing stories. Before interning for ECD, Tiera had recently graduated from Northern Arizona University, where she received her B.A. in journalism and political science and worked as a news reporter for the university's student-led newspaper, The Lumberjack.
