Building Trust - Use Cases and Implementation of TPM 2.0 in Embedded Linux Systems

Building Trust - Use Cases and Implementation of TPM 2.0 in Embedded Linux Systems

Artwork by: Sparkelle (Yan) — Licensed under Creative Commons BY-SA 4.0

As embedded systems become increasingly interconnected, the demand for robust platform security and integrity has surged. Trusted Platform Modules (TPM), currently in version 2.0, are becoming increasingly beneficial for enhancing security in embedded systems. TPMs provide hardware-backed mechanisms for critical functions such as random number generation, cryptographic key generation, key binding and data sealing.

This presentation will explore the capabilities of TPM 2.0, focusing on several practical use cases, including:

  • Providing a unique and persistent serial number for device identification.
  • Supporting secure boot mechanisms to establish a reliable chain of trust.
  • Encrypting user data without the need for user passwords.
  • Managing application credentials securely.

Additionally, we will discuss the integration of TPM 2.0 within Yocto-based embedded systems and present strategies for automated provisioning, highlighting how these elements work together to enhance overall system security.

Presented at

  • Embedded Recipes 2025, Nice, France

Download slides

Tags :

Related Posts

LoRaWAN in theory and practice: A trip through Munich

LoRaWAN in theory and practice: A trip through Munich

LoRaWAN (Long Range Wide Area Network) is becoming increasingly popular, thanks in part to public networks such as The Things Network, which allow users to dispense with their own gateways. LoRaWAN also promises potential in terms of range and energy efficiency. But how does the standard perform in practice?

Read Post
Building a Yocto Pipeline with KAS, GitHub Actions and AWS

Building a Yocto Pipeline with KAS, GitHub Actions and AWS

Using KAS makes handling Yocto Projects easy. By shipping its own container with all needed dependencies, building sophisticated CI pipelines becomes pretty easy - in theory, or when using Gitlab. But using GitHub as a code hosting platform with self-managed Action runners on AWS comes with a set of unexpected challenges.
Anna-Lena will talk about her quest through GitHub Actions, the Cloud and how to tame them. The talk aims to point the audience to the obstacles when building CI pipelines for the Yocto Project with KAS, GitHub Actions, and custom action runners on AWS and strategies to handle them.

Read Post
Advanced System Profiling, Tracing and Trace Analysis with Perfetto in Android and Yocto

Advanced System Profiling, Tracing and Trace Analysis with Perfetto in Android and Yocto

Together with my colleague Stefan Lengfeld.

Tracing is a capable mechanism for deep system analysis and profiling with a minimal overhead. By recording defined system events, in Linux but also Android, tracing can be used to analyze concurrency or latency issues, for example. Android’s systrace tool made it easy to analyze and correlate traces and events due to a graphical UI, in order to help developers identify performance bottlenecks. The successor to this advanced and convenient tool is called Perfetto. It’s available for pure Linux too, and part of Yocto (meta-oe) since Langdale now. In the talk, we’ll have a look into

Read Post