Building Trust - Use Cases and Implementation of TPM 2.0 in Embedded Linux Systems

Artwork by: Sparkelle (Yan) — Licensed under Creative Commons BY-SA 4.0

As embedded systems become increasingly interconnected, the demand for robust platform security and integrity has surged. Trusted Platform Modules (TPMs), currently at version 2.0, are becoming an increasingly valuable building block for securing embedded systems. A TPM provides hardware-backed mechanisms for critical functions such as random number generation, cryptographic key generation, key binding and data sealing.

This presentation will explore the capabilities of TPM 2.0, focusing on several practical use cases, including:

  • Providing a unique and persistent serial number for device identification.
  • Supporting secure boot mechanisms to establish a reliable chain of trust.
  • Encrypting user data without the need for user passwords.
  • Managing application credentials securely.

Additionally, we will discuss the integration of TPM 2.0 within Yocto-based embedded systems and present strategies for automated provisioning, highlighting how these elements work together to enhance overall system security.

Presented at

  • Embedded Recipes 2025, Nice, France

Related Posts

Building Embedded Systems with AOSP

In our community, building embedded systems based on Linux, e.g. with Yocto or buildroot, is standard and well known. Considering Android, or rather the AOSP, as a base system feels strange at first, since it is a huge ecosystem with high system requirements. Of course, embedded Android is not the solution for every problem. Nevertheless, the AOSP provides a sophisticated base platform which comes packed with a

  • modern UI stack
  • robust media and camera implementation
  • modern AI runtime
  • well known abstraction between system and app development
  • energy optimization

and lots of other helpful infrastructure.
This makes AOSP an interesting approach for building more complex embedded systems.

How a modern Yocto setup could look like

In 2015, we built a sophisticated meeting room information system based on Android Things as a student project. As Android Things was deprecated in 2021, we started to use our Yocto Project experience to develop a maintainable, future-proof embedded system.

When setting up a new project from scratch, we focused on proper solutions for

  • a maintainable, well supported and patchable build environment for the embedded systems
  • version control, reproducible builds and continuous integration
  • license management
  • an image-based, secure and stable update mechanism, and
  • managing releases

The talk aims to show how we build a system that matches these requirements using the Yocto Project, KAS, GitLab CI, and Mender.io. We will also give a short outlook on the application, which is built in Flutter.

Presented at

  • Yocto Project Summit 2022.11, virtual, 2022
  • buildingIoT, Munich, 2023

Raspberry Pi for Professional Product Development - A Good Idea?

Adding value to machines and devices through connectivity and software is a core idea of the IoT. As a result, such projects are often started from within the application domain with the wish for quick and easy wins. The obvious idea is then to use the popular Raspberry Pi as the basis: the device is well known, and almost everything has already been done by someone and posted online. That sounds almost too good to be true - and from a professional point of view, it is. The reasons for this, and the factors that should be considered when choosing a hardware and software platform as the basis for an IoT product, are the subject of this talk.
