Dependable TCB Based on the Cell Broadband Engine Isolation Facility

A Trusted Computing Base (TCB) such as a Trusted Platform Module (TPM) or a Mobile Trusted Module plays anessential role for security and privacy applications in embedded systems such as cell phones, smart sensors, and actuators. However, existing hardware-based TCBs lack flexibility for function updates, bug fixes, and feature updates. In this paper, we present a dependable TCB on a Cell Broadband Engine TM processor by providing a hardware and software hybrid TPM. Unlike prior approaches, we provide three new features: (1) TPM functions are implemented in software running in memory isolated by hardware, (2) our software TPM is launched and establishes a chain of trust from the hardware using a secure boot method, and (3) anew TPM command provides dynamic patching to the running software TPM and secure code overlays for the efficient use of the limited resources. We show the feasibility of this hybrid implementation of the TPM by assessing its performance and security properties.