Hi [[ session.user.profile.firstName ]]

Race to Root - Platform Integrity and Attestation

As the focus on hardware security increases, many are vying for the top spot in a "Race to Root". TCG has several standards and work groups (Compliance, Cyber Resilience, DICE, etc) to give developers the edge and to provide the basis for a secure ecosystem. This webcast will summarize the work TCG has been doing to advance hardware security and to enable a RoT (Root of Trust) pole position.
Recorded Apr 29 2020 59 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Thorsten Stremlau, Global Commercial CTO, Lenovo, and Dennis Mattoon, Principal Software Development Engineer, Microsoft
Presentation preview: Race to Root - Platform Integrity and Attestation

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Race to Root - Platform Integrity and Attestation Recorded: Apr 29 2020 59 mins
    Thorsten Stremlau, Global Commercial CTO, Lenovo, and Dennis Mattoon, Principal Software Development Engineer, Microsoft
    As the focus on hardware security increases, many are vying for the top spot in a "Race to Root". TCG has several standards and work groups (Compliance, Cyber Resilience, DICE, etc) to give developers the edge and to provide the basis for a secure ecosystem. This webcast will summarize the work TCG has been doing to advance hardware security and to enable a RoT (Root of Trust) pole position.
  • How to Secure Network Equipment Against Attacks Recorded: May 16 2018 55 mins
    Steve Hanna, Infineon
    Much effort has been put into securing data at rest and in transit. But what about the network equipment at the heart of today’s connected enterprises and the huge Internet of Things? Routers, switches and firewalls remain vulnerable to attacks that can compromise these devices.

    In a webcast Wed., May 16, 1:00 p.m. Eastern/10:00 a.m. Pacific, join TCG experts Steve Hanna, Senior Principal, Infineon Technologies, Bill Sulzen,Technical Leader, Cisco Systems, Inc., and Michael Eckel, Security Engineer, Huawei Technologies for a tutorial on how to secure network equipment.

    The webcast will outline key vulnerabilities and specific steps to embed network equipment with foundational security, based on a root of trust. Steve Hanna will advise attendees on key requirements and considerations for designing more secure routers, switches and firewalls and what they need to harden them against attacks, including malware.
  • How to Implement Trusted Platforms and EcoSystems Recorded: Feb 15 2018 56 mins
    Phil Tricca, Intel, and Lee Wilson, OnBoard Security
    Daily reports of attacks and breaches, from servers, PCs and data centers to IoT systems, mean that developers and OEMs must embed security at the foundation of their systems and ecosystem. This new webcast with long-time TPM and Trusted Software Stack expert Lee Wilson, OnBoard Security, and Philip Tricca, Intel Corporation, will review the key attributes of the TPM and how the new TCG TSS can be used for bottoms-up defense using a trust chain and improving overall platform security.

    Attendees will learn about the changes to TSS to make use much easier and more efficient, how to start developing applications and resources. Use cases including key storage and software measurement will be addressed along with strong device identity and authentication. Using the TPM and TSS for health monitoring also will be discussed.

    Wilson is business development engineer at OnBoard Security, where he is responsible for technical support and business development of OnBoard Security's TCG Software Stack 2.0 (TrustSentry 2.0) and OnBoard Security's post-quantum cryptography (NTRU and pqNTRUsign).

    Prior to joining OnBoard Security, Lee had a 35 year career with IBM. He currently chairs the Trusted Software Stack and Virtualized Platform Work Groups for Trusted Computing Group. Lee earned his BSEE work at Northwestern University and his MSEE work at Syracuse University and has been awarded TCG’s Key Contributor Award.

    Tricca is a software architect and engineer working in Intel’s platform security division. His career began with a 7-year stint in a U.S. Air Force research lab working with open source Linux security technology including mandatory access control systems like SELinux and measured boot using the TPM 1.2 devices. Most recently Philip has found his way to Intel where his current responsibilities include transforming Intel’s open source implementation of the TPM2 Software Stack (TSS2) from proof of concept to a vibrant and sustainable OSS project.
  • Securing Network Equipment with Trust and Integrity Recorded: Jul 25 2017 57 mins
    Steve Hanna, Senior Principal at Infineon Technologies and Michael Eckel, Security Technologist at Huawei Technologies
    Interconnected networks are critical to the operation of a broad and growing range of devices and services, from computers and phones to industrial systems and critical infrastructure.

    The integrity and security of routers, switches, and firewalls is essential to network reliability, as well as to the integrity and privacy of data on these networks. As increasingly sophisticated attacks are launched on network equipment, strong protection mechanisms for network equipment, both on the device and service level, is required.

    TCG recently has issued its Guidance for Securing Network Equipment with use-cases and implementation approaches to solve these problems, designed to help system designers and network architects get the best security possible from this powerful technology.
    Join TCG experts to learn about using device identity, securing secrets, protecting configuration data, inventorying software, conducting health checks, using licensed feature authorization and more.


    Steve Hanna, Senior Principal at Infineon Technologies, currently chairs TCG’s Embedded Systems and IoT groups and driving the effort for a new industrial IoT group within the organization. He has been active in the Industrial Internet Consortium and its security efforts as well. He is the author of several IETF and TCG standards and published papers, an inventor or co-inventor on 41 issued U.S. patents; and holds a Bachelor’s degree in Computer Science from Harvard University.

    Michael Eckel is a Security Technologist at Huawei Technologies. Previously, he was a researcher and software developer at Fraunhofer SIT; mobile software developer at boostix and a web and software developer for a number of other companies. He holds a masters degree in computer science. Eckel currently participates in the Trusted Computing Group’s NetEQ subgroup, working to secure vulnerable network equipment.
  • What Embedded and IoT Developers Think About IoT Security: A Look at Survey Data Recorded: Apr 24 2017 60 mins
    Stacy Cannady, Cisco Systems and Richard Nass, Embedded Computing Design/OpenSystemsMedia
    Join Stacy Cannady, Cisco Systems and Richard Nass, Embedded Computing Design/OpenSystemsMedia in a webcast Monday, April 24, 10 a.m. Pacific/ 1:00 p.m. East to talk about the hottest issue today in the IoT and embedded design: security.

    With Embedded Computing Design (ECD), the Trusted Computing Group (TCG) conducted an Internet of Things (IoT) Security Survey January to February 2017 to find if and how designers were addressing these concerns.

    The webcast will look at how designers perceive security, whether they’re including security in their designs, challenges to embedded and IoT security, and their awareness and use of trusted computing.

    Attendees will see survey results and hear from our experts on trending security issues and potential solutions to protecting devices, networks and data.
  • How to Use the Trusted Platform Module (TPM) for Trust and Security Recorded: Jan 31 2017 62 mins
    Monty Wiseman, General Electric Company, and Lee Wilson, Security Innovation
    The rush to connect ever more devices with sensitive data and often insecure connections has created an exponential increase in associated security issues. Every day brings new reports of attacks, hacks, malware and data breaches. Fortunately, there are some widely vetted ways to help prevent many of these incidents: the TPM, or Trusted Platform Module, which can be implemented now in a number of ways.

    This webcast, with TCG TPM experts Lee Wilson, Security Innovation and Monty Wiseman, GE, will review basic trust concepts, key TPM attributes and functions, the new library specification including newly added features, and how the TPM is used in specific applications. The implementation of the TPM in mobile, embedded and IoT devices will be addressed.

    The session also will include a Q&A with attendees, so come prepared with your TPM questions.
  • Save the Data: How to Protect Data Wherever It Lives Recorded: Nov 16 2016 61 mins
    Robert Thibadeau, Drive Trust Alliance
    Data has exploded across devices and anything with memory. No matter where it lives and whatever it is - sensitive personal, medical, financial, business data, photos and music – all such data is highly vulnerable, In fact, breaches occur daily and the growing number of interconnected “things” means that even more data is open to attacks, theft, hacks, and loss. This webcast, featuring a leading expert on encryption and data protection, will examine just why stored-data is not always protected, the role of encryption across devices and storage systems, and how encryption can satisfy compliance regulations. The webcast will look at were to find secure data devices and how they can be deployed in the enterprise and in the IoT, as well as current and emerging standards to support growing demands and requirements for data protection and encryption.

    Join Trusted Computing Group to learn how to protect data now.
  • Securing IoT Endpoints, Networks and the Cloud Recorded: Sep 20 2016 60 mins
    Cisco and GlobalSign
    Using Strong Device Identity, Network Security and Integrity Checks

    Endpoints in the IoT by nature are vulnerable to many kinds of attacks and exploits. Widely vetted security approaches can help close these vulnerabilities while also protecting networks and data that is stored in the cloud. This webcast, hosted by Trusted Computing Group and its members GlobalSign and Cisco, will illustrate key techniques for closing critical IoT security gaps in a number of applications and endpoints.

    Part one of the webcast will examine critical security concerns that an IoT provider needs to address. These include authentication, privacy and integrity. Attendees will learn how to mitigate risks in securing trust credentials using public key infrastructure (PKI) and the international standards-based Trusted Platform Module.

    In part two, TCG experts will look at the example of smart buildings, in which endpoints must be checked for integrity, allowed safely on a network and exchange data with the cloud - all securely and without the introduction of malware or other attacks. In this example, the techniques and technologies can be applied to many endpoints, which will be addressed.

    Attendees will learn key vulnerabilities of IoT endpoints, networks and data and learn how to secure them using widely available tools and technologies.
  • Protecting Intellectual Property in the IoT with Trusted Computing Recorded: Jun 7 2016 49 mins
    Steve Hanna of Infineon and Günther Fischer of WIBU
    Loss of IP Can Cost Companies Millions – or Even the Business. Join this Webcast to Learn How to Protect Data in the Internet of Things

    Attackers often use reverse engineering to locate software vulnerabilities that they then
    can exploit to create counterfeit products, steal sensitive data, or tamper with for sabotage and espionage purposes.

    In IoT and embedded systems, this can lead to serious and dangerous hacks, as recent attacks on safety-critical automotive components have shown. How can developers protect against such attacks?

    This webcast will discuss widely vetted industry standards and solutions to protect software integrity against cyber violations and safeguard the intellectual property. The webcast will provide a brief overview of the TPM and how it is being used to create secured code and licenses. Attendees will learn how these licenses can be bound to a secure element and integrated into existing business processes. Speakers from TCG members Infineon and WIBU also will answer questions about this approach.
  • Securing IoT with Trusted Computing Demonstration Video by Cisco, Infineon, and Recorded: Jun 1 2015 38 mins
    Cisco, Infineon,and Intel
    Securing IoT with Trusted Computing demonstration built by Trusted Computing Group member companies Cisco, Infineon, and Intel with the assistance of Applied Sciences, Rapperswil, presented at RSA 2015 during the the TCG Association Seminar and Demonstration Showcase: Should We Trust Mobile Computing, IoT and the Cloud? No, But There Are Solutions.
  • TCG Technologies for Protecting Internet of Things (IoT) Against Attacks Recorded: Apr 2 2015 58 mins
    Bill Morelli, IHS Technologies with TCG IoT Co-Chair Steve Hanna, Infineon Technologies.
    Join Trusted Computing Group (TCG) and its experts as we look at how to secure the exploding Internet of Things (IoT) and associated endpoints, networks and data, using widely available and supported existing trusted computing solutions for the IoT.

    This webcast will examine how a huge variety of IoT endpoints, resulting in massive amounts of data, can be secured in a way that is consistent with IoT requirements, including cost, footprint and power consumption. The role of trust, including unique identity and integrity, will be discussed.

    Use cases and examples of implementation ideas will be provided for a variety of applications. The webcast will examine emerging standards and requirements and how industry standards will support them.
  • Industrial Control System (ICS) Security Using TNC Technology Webcast Recorded: Sep 18 2014 61 mins
    Steve Venema (Boeing), Eric Byres (Belden), David Mattes (Asguard Networks), Lisa Lorenzin (Juniper)
    Industrial control systems represent one of the largest and potentially damaging attack surfaces in our now-interconnected world. Although gains have been made with awareness of security for ICS and SCADA networks, solutions are still emerging. TCG, with other groups, has been working to develop standards that will enable comprehensive ICS security building on existing standards and for both existing and future industrial network architectures.

    This webcast will address the need for a distributed network approach to ICS security and how TCG standards, complementing those developed by ISA/IEC, can implement the deployment, management and protection of large-scale ICS. The approach is based on a virtual overlay network that tops a standard Internet Protocol network infrastructure.

    Experts from The Boeing Corporation, Asguard Networks and Tofino Security/Belden will address the key concepts of the overlay network, the status of standards for implementation and key strategies for ICS network architects and security professionals.

    Attendees learn how to evaluate and use these standards and critical steps for secure ICS networks.
  • Stop Data Breaches Now: A Webcast on Self-encrypting Drives for Enterprises Recorded: Jul 16 2014 52 mins
    Michael Willett (Samsung Electronics), Andy Avery (Wave Systems), and Darren Leroux (WinMagic)
    Data breaches continue to cost businesses big money - and not just legal costs, fines and lost business. The huge, recent Target incident has proven that a large breach can impact the stock price and ongoing trade over time and endanger the careers of the C-level executives at the helm.

    So, despite available technologies, data continues to be lost. Sometimes it’s a matter of the lost laptop with Social Security numbers or other personally identifiable information. In other cases, we ‘re talking about racks of drives being lost to carefully planned theft, or loads of critical info left on drives that were disposed of improperly.

    But there ARE solutions - solutions that now are widely available, easy to implement and basically foolproof. For many instances of data breach, this solution is the self-encrypting drive, or SED. These drives, based on industries standards developed by TCG and implemented by almost all storage vendors, provide instant, on-the-fly, transparent encryption. Users cannot turn it off, and it does not impact system performance. SEDs are available as traditional hard disk drives, in enterprise and client SSDs and in enterprise-class storage solutions for data centers.

    Join experts from Samsung, Seagate and WinMagic as we look at the key concepts of SEDs, performance and implementation and the role of SEDs in enterprise data protection. See how companies are using them and tips for a successful deployment that can protect data all the time and allow for the instant erasure or re-purposing of drives easily and effectively.
  • Using the TPM to Solve Today’s Most Urgent Cybersecurity Problems Webcast Recorded: May 20 2014 63 mins
    Stacy Cannady, CISSP (Cisco) and Monty Wiseman, Security Architect (Intel)
    With the recent discovery of the flaw in OpenSSL, Heartbleed, even the least computer-savvy among us has seen the potential threat and damage caused by cybersecurity problems. And Heartbleed is just one of many attacks, breaches, viruses, and more that just keep coming. With IT and security pros under siege and various vendors emerging with a dizzying array of potential solutions, how can enterprise users best protect against and mitigate many security issues?

    This webinar will address a fundamental and key aspect to IT security: the root of trust. Embedded into devices, whether PCs, servers, networking gear, mobile platforms or embedded systems of any kind, the root of trust, typically implemented by the Trusted Platform Module (TPM), provides a proven, safe foundation for more secure computing. Learn the key concepts of trusted systems, why they’re critical to establishing security and supporting other solutions and what is new with the TPM. Speakers with extensive experience implementing and developing the TPM will address its use and what to expect with emerging platforms.
  • Industrial Control System (ICS) Security Using TNC Technology Webcast Recorded: Nov 19 2013 43 mins
    Eric Bynes (Tofino Security), Lisa Lorenzin (Juniper Networks), David Mattes ( Asguard Networks)
    Industrial Control Systems (ICSs) are increasingly being connected to the internet and exposed to viruses, malware and attacks that affect other network-connected systems. As a result, many standards organizations including the International Society of Automation America (ISA), International Electrotechnical Commission (IEC) and the Trusted Computing Group (TCG) in cooperation with Internet Engineering Task Force (IETF), The Open Group and others) are developing standards-based approaches for increased control system security.
    TCG standards developed by the Trusted Network Connect (TNC) workgroup (See Sidebar) can be implemented today to provide increased security and protection from unauthorized ICS access. These standards help implement the security defined in ISA/IEC specifications. Specifically, the Interface for a Metadata Access Point (IF-MAP) Metadata for ICS Security specification facilitates the deployment, management, and protection of large-scale industrial control systems by creating virtual overlay networks on top of standard shared internet protocol (IP) network infrastructure.
    In the webcast, ICS experts Eric Byres, CTO for Tofino Security, Belden, and David Mattes, founder and CEO, Asguard Networks, will discuss these standards and how IT and control system executives and architects can implement a standards-based, interoperable approach to ICS security. Attendees will learn critical strategies, steps to success and how one major aviation company has set up its ICS security using the basic standards-based approach.
    Join us on Tues. Nov. 19th, 10 a.m. Pacific/1 p.m. East for this exciting look at securing our critical infrastructure.
  • Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise Recorded: Nov 6 2013 33 mins
    Steve Hanna (Juniper) and Atul Shah (Microsoft)
    Businesses are under attack — and the frequency and severity of the resulting breaches continues to escalate. No one is immune, and the odds of success remain in attackers’ favor. A single employee, clicking on a link in a phishing email, can be all an attacker needs to establish a beachhead inside an enterprise network that can be used to steal secrets or sabotage systems.
    This webcast, based on a new Architect’s Guide, shows enterprise security architects how they can design and deploy successful, highly auto- mated security solutions based on open architecture and standards to solve today’s most pressing cybersecurity challenges.
    Attendees will hear from leading security experts who will address critical strategies they can implement now. Attendees also will learn how to assess their security state and what role standards-based solutions can play in improving security to prevent inevitable attacks.
  • Data Security Using TCG Self-Encrypting Drive Technology Recorded: Jun 11 2013 43 mins
    Tom Coughlin, Coughlin & Associates and Hussein Syed, Barnabas Health and Michael Willett, Samsung
    Now that self-encrypting drives are becoming widely available for client and enterprise storage, how do you deploy them? What are the critical steps to assessing when and how to use SEDs? What about industry best practices and standards? Storage industry expert Tom Coughlin of Coughlin Associates and Hussein Syed, Barnabas Health will address the realities of using SEDs today.

    SEDs, which automatically and transparently encrypt data constantly in the hard drive itself, meet U.S. and international standards for compliance and provide a safe harbor while protecting against data breaches typical to today's enterprise environment. The webinar will address seven steps for IT, legal and security staff to follow to deploy encryption. A quick review of self-encrypting drive capabilities will be provided with discussion of crypto-erase, as recommended by the National Institute of Standards and Technology. The Storage Networking Industry Association (SNIA) checklist for encryption and SED's role will be reviewed along with case studies on SEDs in real enterprises with discussion of deployment challenges and resolving them.
  • Security Automation Recorded: May 15 2013 33 mins
    Steve Hanna, Juniper Networks and David Waltermire, National Institute of Standards and Technology
    Steve Hanna and Dave Waltermire will talk about the war of info security and the battle between attackers and defends. The webinar will describe security automation as a way to automate security tasks and lay out a four-step process to automate more aspects of information security and better protect enterprise systems, networks and assets against today's sophisticated, automated attacks.
The TCG is an international industry standards group.
The Trusted Computing Group (TCG) is incorporated as a not-for-profit industry standards organization focused on developing, defining, and promoting open standards for trusted computing that will benefit users. The organization's structure has been designed to enable broad participation, efficient management, and widespread adoption of the organization's specifications.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Race to Root - Platform Integrity and Attestation
  • Live at: Apr 29 2020 5:00 pm
  • Presented by: Thorsten Stremlau, Global Commercial CTO, Lenovo, and Dennis Mattoon, Principal Software Development Engineer, Microsoft
  • From:
Your email has been sent.
or close