congatec XTX Embedded Modules
All applications using public media communication, for example the Internet, have an important need to secure the data being transmitted, and pure software-based solutions often contain potentially fatal weak points. Providing reliable authenticity, integrity and privacy of the transmitted data requires both hardware and BIOS support. Congatec XTX embedded modules are equipped with an additional TPM (Trusted Platform Module) in order to provide the hardware based “root of trust” for embedded computer applications.
An integrated TPM-chip (Trusted Platform Module) located on XTX computer modules provides the ‘root of trust’ for all embedded applications. The open TPM specification was developed by the Trusted Computing Group and is used by computing industry vendors to protect and strengthen the computing platform against software based attacks. When using the hardware TPM functionality, XTX cryptographic operations are routed through the TPM chip, giving a far greater degree of protection.
The Trusted Computing Platform (TPM) hardware on the XTX embedded computer module provides the necessary feature set to create secure embedded applications. Typical of such functions are: storage of keys, digital certificates, passwords and data securely in hardware; network security enhancement, online commerce transaction protection; protection against viruses, worms and other malicious attacks; digital identity protection; authentication between systems and networks; allowance for single signon to systems and enablement of digital signatures for financial and other secure transactions.
Security is only as strong as the weakest link. Trusted software has to rely on the given BIOS of the PC hardware. Congatec’s XTX BIOS is protected and reliable, as the integrity of the BIOS is reported by TPM methods integrated into the XTX’s AMI (AMIBIOS8) BIOS. The TPM support found in the BIOS helps to establish the “root of trust”, which TPM enabled applications use to ensure the data they handle. It is therefore possible to create a complete trusted embedded computer application.