Increased demand on TPM 2.0 modules with Windows 11 announcement

Microsoft announced Windows 11 with new system requirements, including hardware with a TPM 2.0 chip. Altho not all computers, laptops, and tablets come with Trusted Platform Module (TPM), which can be a problem, especially if you need version 2.0.

According to a tweet from Shen Ye, Senior Director, Global Head of HTC Hardware Products, the price of TPM 2.0 has quadrupled, so while Windows 11 isn’t officially available yet, Microsoft has it legitimate, and the name is security.

Securing devices with Infineon industrial grade TPM

Infineon Technologies AG has unveiled a new security chip that defines the first TPM (Trusted Platform Module), designed specifically for industrial applications such as industrial computers, servers, industrial controllers and edge gates. The module protects confidential data in connected devices and reduces the risk of leakage of this information due to attacks, e.g. hackers.

The OPTIGA TPM SLM 9670 module protects the integrity of industrial systems and the identity of users using them. The system controls access to sensitive data at key locations in industrial environments, such as an automated factory. It also protects the cloud interface if the network uses one. The security system fully meets the TPM 2.0 standard developed by the Trusted Computing Group and is certified by an independent test laboratory in accordance with the criteria contained in this standard. The new module is meticulously controlled and certified by Infineon. Thanks to its use, it is possible to shorten the time of designing and introducing the device to the market, thanks to the ready security solution in the system.

The TPM system has a lifetime declared as 20 years. It allows programmers to perform firmware updates, which in turn enables them to meet the long-term security requirements in rapidly changing industrial environments. In this way, it can also reduce maintenance costs of industrial equipment thanks to secured remote software updates. The TPM chip will be available in serial production in the second half of 2019.

TPM 2.0 Key Features

  • Random Number Generator (RNG) according to NIST SP800-90A
  • TPM FW update functionality installed
  • 6962 Bytes of free NV memory
  • Full personalization with Endorsement Key (EK) and EK certificate
  • Up to 3 keys in the volatile memory
  • Up to 7 keys in the NV memory
  • Up to 8 NV counters
  • Support of various cryptographic algorithms:
    • RSA-1024 and RSA-2048
    • SHA-1 and SHA-256
    • ECC NIST P256
    • ECC BN256

Security chip implementation in Industrial IoT devices

With knowledge of latest Industrial IoT security measures, the choice of proper end-point conroller or gateway is much easier than you think. Some manufacturers can implement TPM 2.0 security chip in production process, to allow users to generate certification keys after purchase, maximizing security of their installations. TECHBASE offers wide range of solutions, optionally aided with TPM system.

For example, ESP-32 based solution, Moduino X series and eModGATE series products offer the support for such security measures. Read more in Industrial IoT Ecosystem brochure, to understand the importance of reliable and secure hardware for Industrial IoT.

ModBerry 500-CM4 with ESP32 and Arduino for ultimate power management

Sleep functionality for ModBerry 500 CM4 devices

TECHBASE company designed an extended version of Raspberry Pi Compute Module 4 based devices, ModBerry 500-CM4-PM series for better power management in changing conditions of industrial applications. With the use of GPIO the module can manage boot, sleep mode or safe shutdown of the device in terms of unexpected drop in the power network with help of built-in ESP32 module and Arduino environment.

In the last few years developers marketed a wide range of ARM-based development boards, lacking in enhanced power management, especially sleep and wake up modes, commonly used in PC-grade computing. These boards are not adjusted for battery power supply, so it’s natural that sleep/wake functions should be implemented. In connection with the development of solutions based on Linux-SBC, key factor is adding sleep modes to any remote installation

ESP32 based addon module for Raspberry Pi

With built-in algorithms and the possibility to program on your own, the TECHBASE’s sleep/wake addon module can wake the device using a scheduler/timer. The module itself is based on ESP32-WROVER, used in the Moduino X series. ESP32 as a lightweight and low-powered solution is a perfect aid system for Raspberry Pi. Another option is wake on external triggers, e.g. change of input state, etc. All the options for sleep, shutdown and wake can be configured for various scenarios to ensure constant operation of devices, safety of data and continuity of work in case of power failure in any installation.

Sleep mode with additional power backup

Additional power management option for ModBerry devices is sleep functionality enhanced with SuperCap UPS energy backup device. This solution allows programming scenarios including the execution of chosen actions, in order to save data, send a notification and restart/shutdown the controller after completion.

Advanced power management solution

Most advanced configuration includes use of ESP32 module, known from the successful, lightweight Moduino X series, for extra logic for wake up / sleep scripts. This addon will allow the RaspberryPi-based ModBerry device to be woken up by the internal ESP32 controller

Moduino-ModBerry symbiosis allows a wide range of wake-up/sleep schedule customization, in order to perform best and save energy according to power supply state. Arduino and MicroPython environments provide libraries to control different scenarios of data and power management.

ModBerry 500-CM4-PM availability

The preliminary ModBerry 500-CM4-PM devices are available on request and delivery time will be specified by the Sales Dept. depending on the size of the project. Contact via email or Live Chat here: https://iiot-shop.com/