


Implementing Hardware Roots of Trust: A New Guide to Hardware Security Developed by the SANS Institute

Learn How to Implement a Ubiquitous Technology Already Embedded in Enterprise Endpoints

  • Bethesda, MD
  • June 24, 2013

SANS Institute has developed a first-of-its-kind guide to update organizations on exciting new uses for implementing hardware roots of trust, enabled by the Trusted Platform Module (TPM). The guide will be available at

In this seminal document SANS looks at the broad industry support for TPM and the standards behind it. The report also provides updates on how TPMs are widely used in many computing devices, from mobile phones to low-cost Chromebook computers to high-end servers. Operating system support, including Windows, is also reviewed, with discussion of the TPM's security capabilities in Windows 8 and the upcoming Windows 8.1. The report also examines how self-encrypting drives, or SEDs, can be used for additional enterprise security and data protection.

"In researching the progress TCG has made with the TPM, I was surprised to find just how much more widespread and mature these technologies are than even just two or three years ago," says Gal Shpantzer, security analyst and SANS instructor who authored the paper. "We're really seeing the diversity of platforms and use cases for the hardware root of trust that TCG has been promoting and coordinating for a full decade now."

This paper details how the TPM measures and verifies the state of a system to ensure it has not been tampered with or injected with malware. Among other things, readers will learn:

  • How the standards-based TPM root of trust is gaining traction in formal security leadership in the government (through NIST SP 800-164 and NSA HAP, or High Assurance program and other programs, for example)
  • Where and how TPM is embedded in hardware, as demonstrated in case studies from $250 Chromebooks with TPM for boot integrity on the consumer-grade devices to enterprise Windows 12 Servers
  • Case studies on how TPM is implemented at pre-boot to protect against tampering and bootkits (formerly known as rootkits)
  • Examples of TPM use for classified, multi-level desktop virtualization in the Air Force Research Labs (AFRL) SecureView program

"We're big believers in Trusted Computing Group and its mission, as is evidenced by the strong dependencies that Windows has taken on TCG technologies such as UEFI [Unified Extensible Firmware Interface], TPM and SEDs," says Microsoft's Chris Hallum. "We'll continue to look for new ways to improve Windows security by taking greater advantage of the work and standards coming out of the TCG."

The paper is associated with an archived informational webcast featuring Gal Shpantzer and John Pescatore from the SANS Institute. Joining them are Cisco's Stacy Cannady, TPM expert, and Chris Hallum, Microsoft's product manager for Windows Security Solutions and expert on roots of trust.

To learn more about how TPM can best be implemented visit the recorded webcast at no charge and click the register button here:

Trusted Computing Group:

Anne Price, PR Works, Inc.

About TCG

The Trusted Computing Group (TCG) is a not-for-profit organization that develops, defines and promotes open, vendor-neutral, global industry standards based on a hardware root of trust, for interoperable trusted computing platforms. Billions of endpoints use TCG standards to ensure system integrity, protect networks and secure data. For more information, see and on Twitter and LinkedIn.

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master's degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their 'human' cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system, the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community.