Bios Authorized ICE session
Original Publication Date: 2001-Aug-11
Included in the Prior Art Database: 2003-Jun-20
The TCPA specification Version 1.0 defines an architecture for System Integrity Measurements. Trusted code(called the Root of Trust Measurement (RTM)) is responsible for measuring the integrity of BIOS, option ROMs, IDL code, etc. The RTM stores these measurements in the TPMs PCR (Platform Configuration Register) registers. These registers can later be used to verify all of the code that was loaded in the boot process. A platform with a secure boot will generate a unique signature in the PCR's. In this way, a challenger can verify the integrity of the platform. A person attempting to subvert this process could block all TPM accesses via an In Circuit Emulator (ICE) and later place any value into these registers. This would allow this person to load code which could attack a systems integrity. This attack is conceded by the current TCPA spec. There are no safeguards specified to fight this type of attack. All hardware ICE tools use the IEEE 1149 protocol to communicate with the CPU. This is commonly known as the JTAG or ITP port. The following proposal would addresses this issue. The system owner would initialize each TPM with a password which controls access to the JTAG port. This password would be required to be entered before a debug or ice session could be enabled on the system. The password could be entered during the Bios Setup screen. Until the password is sent to the TPM , the TDO and TDI lines of the JTAG interface would be held 'low'. This would disable the use of the ICE. Once the proper password was entered, the TDI and TDO lines would be tri-stated, allowing the ICE to take control of the CPU. This method allows both the use of an ICE if required by the user as well as blocks it's use when the system is in use. The TPM would control the use of the ICE so that only through a secure method could the ICE be enabled. With this methodology, a system can be secured from an ICE attack.