Figure 1 Trusted Platform Architecture with MARS
All devices across the IoT or embedded device ecosystems need to benefit from security to create a protected, trusted digital ecosystem. Where space, resources and costs are a barrier to implementing security protocols, the Measurement and Attestation RootS (MARS) specification provides security no matter the size or budget of an IoT device.
The Measurement and Attestation RootS (MARS) specification gives small devices the basic security capabilities of identity, measurement storage, and measurement reporting to attest to the health and trustworthiness of a device in an affordable way.
MARS is an isolated, lightweight pair of hardware roots of trust which can be integrated into all types of device designs including IoT devices, embedded devices, automotive vehicles, satellites, mobile phones as well as smart home devices and more.
“While attaching some security devices to many small, embedded devices such as IoT devices may be impractical, the need remains for a physically isolated set of shielded locations and protected capabilities to support identity, measurement storage, and attestation. The TCG is responding to this need with MARS – Measurement and Attestation RootS. The MARS Work Group is specifying methods by which the needed logic can be implemented directly in hardware as a state machine while remaining isolated from the microprocessor environment.” – Tom Brostrom, Chair of the MARS Work Group.
The full Measurement and Attestation RootS (MARS) Library specification helps to provide guidance on implementing the security protocols. To find out whether the MARS specification can be applied to a specific IoT or embedded device, the MARS Use Case and Considerations document is a helpful start.