μTSS - A simplified trusted software stack

Abstract

The TCG Software Stack (TSS) specifies the software layer for application developers to use functions provided by a Trusted Platform Module (TPM). However, the current TSS interface is highly complex, which makes its usage very difficult and error-prone, and the high complexity makes it unsuitable for embedded devices or security kernels. We present a simplified TSS design and implementation (μTSS) providing a lightweight and intuitive programming interface for developers based on the TPM main specification. The major principles of the μTSSdesign are a reduced complexity, obtaining type safety, object encapsulation, and a simple error handling. These principles ensure that the resulting μTSSis maintainable and easy to use. Moreover, the modular architecture of the μTSSallows using only a subset of the provided functionality as it is required, e.g., for embedded systems, mobile devices, or in the context of a security kernel. This paper discusses experiences with the μTSS, based on several projects such as the TCG TPM compliance test suite and a Mobile Trusted Module (MTM) implementation. © 2010 Springer-Verlag.