Hello,
I want to add a TPM on my Jetson TX2.
Are they all compatible ?
I found that the brand is not important and i found these 4 different one :
How do I connect it to the jetson then ?
Hi antonin.baltayan,
We don’t have experience on TPM module with devkit, hope other developers could share information with you.
Cheers
To get root of trust, you’d have to use the TPM in boot.
On Intel CPU PCs, this happens through the UEFI firmware, but because Jetson is ARM, and the boot manager / firmware of the Jetson does not establish a root of trust using TPM, then adding a TPM to a Jetson system seems largely meaningless. I mean, you can plug one in, and check a checkbox that it’s there, if you need to.
You may want to look into ARM TrustZone instead. See this thread for more: https://devtalk.nvidia.com/default/topic/1002938/jetson-tx2/linux-support-of-secure-os/2
The root of Trust functionality is only one of many functionalities of a TPM. Therefore an integration in the boot process is not essentially required.
The TPM can be also used for many other purposes. It stores secret keys in a tamper resistant environment, which is security certified with Common Criteria and the keys never leave the TPM. it also offers protection against side channel attacks and fault inhectioin. There are several scenarios. which can be protected by the TPM, for example the secured storage on external flash with cryptsetup, secured SSL/TLS communication, device authentication, protected remote firmware updates with rollback protection. More examples and open source code examples can be found in this Appnote: https://www.infineon.com/cms/en/product/promopages/tpm-tss-quickstarter/