Trusted Computing Group (TCG) today announced a new work group to focus on cyber resilient technology applicable to a wide array of platform types. TCG technologies will enable the development of platforms that withstand adverse cyber events.
The Cyber Resilient Technology Work Group will focus on three principles for building cyber resilient systems:
- Protection of code and configuration data;
- Detection of unpatched vulnerabilities or corruption of connected or disconnected devices;
- Recovery of components and systems to a known good state even after compromise, including update of code or revision of security settings.
These protection, detection and recovery capabilities, and the ability to attest to the provenance and configuration of IoT devices and hardware components inside a platform, will help find unpatched or misconfigured software and deploy updates whether by enterprise IT, the manufacturer, service provider or user. By enabling platforms to remain secure and operational, businesses and IoT systems maintain mission-critical data and communications.
The work group will develop new technologies, promote best practices and coordinate supporting efforts in TCG. This work builds on the Trusted Platform Module (TPM) and the Device Identifier Composition Engine (DICE), as well as other TCG standards. TCG plans to publish use cases and specifications in 2019.
These TCG activities will complement existing initiatives like the NIST SP 800-193 requirements for platform firmware resiliency, and TCG intends to align with related standards organizations.
In todays threat environment, we need computing hardware that can self-heal from attack at scale and at machine speed. This new TCG effort is an important step for the industry to enable more devices and sub-components of computing devices to be designed that way from the hardware-up “ Boris Balacheff, HP Fellow and Chief Technologist for Security Research and Innovation
Collaboration with TCG partners across the ecosystem will deliver strong resilient technologies with benefits for IoT, cloud and everything in between. – Paul England, Distinguished Engineer, Microsoft
“Only a strong foundation can make a business cyber resilient “ that’s why TCG will develop and standardize resilient platform technologies, from the bottom up”. “ Gordon Muehl, Global Security CTO, Huawei
The work group invites TCG member and non-member manufacturers of IoT devices as well as components for larger platforms to join its effort. For more information on TCG membership, go to trustedcomputinggroup.org/membership
TCG (@TrustedComputin) is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms. More information about TCG is available at www.trustedcomputinggroup.org/. Follow TCG on Twitter and on LinkedIn. The organization offers a number of resources for developers and designers at develop.trustedcomputinggroup.org.
Brands and trademarks are the property of their respective owners.
Tweet this: Platform #resilienttech critical to business continuity; @TrustedComputin to apply existing & new standards to protect code, detect vulnerabilities & return platforms to known good state #TPM #DICE in new work group. Learn more trustedcomputinggroup.org/work-groups/cyber-resilient-technologies