TCG has been working to provide enabling security solutions for embedded and IoT for some time. The group has work groups working in automotive security (https://trustedcomputinggroup.org/tcg-tpm-2-0-library-profile-automotive-thin/), including using a TPM to ensure over-the-air software upgrades to vehicles, and recently announced it will work on industrial IoT security issues.
TCG members also recently have published guidance for securing network equipment (https://trustedcomputinggroup.org/work-groups/network-equipment/) to help close vulnerabilities in critical systems shuttling network traffic.
TCG also has actively sought input and feedback from not only its membership of more than 100 computing, IoT and embedded systems companies but from the wider industry. With the requirements of many IoT systems different from the traditional PC/server model, TCG members responded to the need for enabling a root of trust and security in IoT and embedded devices constrained by size, power, cost and other factors.
The new work, Device Identifier Composition Engine or DICE ( for short, has published and is being supported already by members Microsoft, STMicroelectronics and Micron. For example, from the work group page, “…DICE Architectures Work Group is exploring new security and privacy technologies applicable to systems and components with or without a TPM. The goal is to develop new approaches to enhancing security and privacy with minimal silicon requirements. Even simple silicon capabilities combined with software techniques can establish a cryptographically strong device identity, attest software and security policy, and assist in safely deploying and verifying software updates.’’
Learn more about what DICE offers and how it’s being implemented here: https://trustedcomputinggroup.org/work-groups/dice-architectures/. TCG members recently presented at an industry event and a summary of the talk can be found here: http://www.electronicdesign.com/automotive/tcg-rolls-dice-automotive-security.
TCG also will host a session on DICE at the Oct. 3, 2017 IoT Solutions World Congress, Barcelona, as part of a special session on industrial IoT security. Experts from GE, Infineon, Microsoft, OnBoard Security and Wibu-Systems will talk about and demonstrate trusted computing for IoT and embedded applications. A complete agenda, expo and conference pass codes and link to registration can be found at https://trustedcomputinggroup.org/press-rooms/events/iot-solutions-world-congress-2/.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.