Using Trusted Computing for enhancing Embedded Computing Platforms

Overview: The Trusted Computing (TC) technology is today already widely applied on Personal Computer (PC) oriented platforms. Typical use scenarios are measuring system integrity for Trusted Operating Systems, secure storage for key material and certificates, identification of platforms and together with other technology like smartcards and biometrics also the authentication and identification of computer users. Parallel to the PC world there is an additional computing universe, the world of embedded computing. An embedded computing system is a special-purpose system in which the computer is completely encapsulated by the device it controls. Physically, embedded systems range from portable devices such as MP3 players, to large stationary installations like traffic lights or factory controllers. Embedded systems are designed to do some specific task, rather than be a general-purpose computer for multiple tasks. Some also have real-time performance constraints that must be met, for reason such as safety and usability; others may have low or no performance requirements, allowing the system hardware to be simplified to reduce costs. Due to the upcoming broad use and importance of these application in daily life, similar trust and security requirements are coming up, where the application of TC or at least the integration of a Trusted Platform Module (TPM) could increase system security and performance. Especially Trusted Operating Systems based on virtualization and compartment technology can not only increase trust and security but also the reliability and safety by protecting computing processes as well as application kernels against negative influence or erroneous states from other parts of the total system or from external networks. This broad use of TC will allow protecting the upcoming generation of embedded systems against the whole variation of security incidents well known from the PC world. Based on the public available standards of the Trusted Computing Group it will be shown how software modules and operating systems for all areas of trusted and secure computing in the embedded regime like mobile phones, trusted networking, and secure content management for Digital Rights Management (DRM), industrial control, automotive and a lot of similar applications will benefit from the integration of protective security and trust requirements.