There is a new web site with multiple TPM resources, many things to see. And a physical event, if you are based in Germany.
Trusted Computing Group has released the Device Identifier Composition Engine (DICE) Architecture for securing resource-constrained devices that make up the Internet of Things. The DICE Architecture provides critical security and privacy benefits to IoT and embedded systems where traditional Trusted Platform Modules (TPM) may be impractical, while also enabling support for those devices with a TPM for additional security benefits. Security capabilities this new approach enables include strong device identity, attestation of device firmware and security policy, and safe deployment and verification of software updates, which often are a source of malware and other attacks. The DICE Architecture, with its hardware root of trust for measurement, breaks up the boot process into layers, and creates unique secrets and a measure of integrity for each layer. This means if malware is present, the device is automatically re-keyed and secrets are protected. […]
Today the TCG sent out a news announcement about their presence at JRF in Tokyo next month. Email header/footers removed, but body not excerpted, since no URL and only from TCG newsletter.
You’re Invited to Attend the Annual Japan Regional Forum (JRF) Workshop in Tokyo on December 2, 2015.
Date/Time: Wednesday, December 2, 2015 13:30 – 19:30
Venue: Akihabara UDX Next 1 – Tokyo, Japan
The Japan Regional Forum (JRF) will be hosting its annual Open Workshop on Wednesday, December 2, 2015 at Akihabara UDX in Tokyo.
This 7th annual JRF Workshop is open to both members of the Trusted Computing Group (TCG) and non-members who are interested in TCG activities and issues around security.
This event provides an excellent opportunity to learn global trends and challenges in IoT, Automotive, and Embedded System, and get deep understanding through the discussions through the event.
The program includes a keynote address from David Grawrock, Senior Principal Engineer of Intel on TPM core features for Trustworthy in IoT Era. In addition, Koji Ono, Technical Sales, Consumer & Partner Group OEM at Microsoft Japan will lead a session on security feature of Windows 10 for IoT and Mark Schiller, Executive Director of the Trusted Computing Group will introduce TCG efforts for embedded system and IoT as well as benefit of joining TCG.
Other speakers include Shinji Sato, IPA (Information-technology Promotion Agency, Japan), Shinichi Horata, IPCERT/CC (Japan Computer Emergency Response Team Coordination Center), and Ryo Kurachi, TCG Invited Expert from Nagoya University.
The session is followed by reception with food & drink and will provide a great opportunity to network with speakers and members of the TCG. TCG technology demo showcase will also be available for attendees.
If you are interested in attending this event please visit the TCG JRF website (Japanese) at http://www.trustedcomputinggroup.org/jp/jrfworkshop .
Registration will close on Wednesday, November 25, 2015.
TCG’s monthly newsletter came out today. Here are a few highlights:
TCG’s Stefan Thom has an article on the IoT security implications of remote firmware updates:
TCG has announced a new liaison relationship with the Industrial Internet Consortium (IIC), related to Industrial IoT security and trust:
TCG’s TPM 2.0 Library Specification was approved as a formal international standard under ISO/IEC. The specification was submitted to the ISO/IEC JTC 1 by the TCG following the JTC 1 Publicly Available Specification (PAS) Transposition process.
TCG has a few specs for public review:
* TCG PC Client Specific Platform Firmware Profile for TPM 2.0 Systems Revision 1.0 Version 21
* TPM 2.0 Mobile Common Profile Family 2.0 Level 00 Revision 29
* TCG Storage Opal Integration Guidelines, Version 1.00 Revision 1.14
* TCG Trusted Network Communications Server Discovery and Validation Version 1.0, Revision 19