A model-based testing framework for trusted platform module

Trusted Computing Group (TCG) provides Trusted Platform Module (TPM) specifications, as the core of Trusted Computing (TC) technology, to industry in order to overcome the failure of protecting sensitive data using software-only security mechanisms. Currently, TPM is implemented as integrated circui...

Full description

Saved in:
Bibliographic Details
Main Author: Farag Elhagari, Usama Tharwat
Format: Thesis
Language:English
Published: 2015
Subjects:
Online Access:http://eprints.utm.my/id/eprint/54753/1/UsamaTharwatFaragElhagariPFC2015.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Trusted Computing Group (TCG) provides Trusted Platform Module (TPM) specifications, as the core of Trusted Computing (TC) technology, to industry in order to overcome the failure of protecting sensitive data using software-only security mechanisms. Currently, TPM is implemented as integrated circuit mounted in computing platforms. Over 200 million TPM, from different vendors, nowadays are already mounted in computing platforms, such as laptops and desktops. So, there is an urgent need to verify the correctness of these TPM implementations and testing their security functionality. However, research on TPM testing and evaluating TC products is still in the initial stage. As far as our knowledge goes, a TPM Testing Framework (TPM-TF) and Test Automation (TA) have not been well established yet. This research contributes in the TPM testing by designing and developing an enhanced TPM-TF that combines the TPM compliance testing, TPM security testing, and simulation of the TPM allowed behaviour. The proposed TPM-TF is proven to be scalable, where it could conduct three different on-line automatic tests namely function test, command test, and security test for any TPM implementation of certain TPM specifications version. These tests serve four testing quality dimensions which are functionality, reliability, robustness, and security. For these tests, TPM-TF has generated valid and random off-line and on-the-fly test cases using Input-Output Conformance testing theory and its algorithm, without suffering from the state space explosion problem. Additionally it has the capability of automatic and interactive simulating the TPM specifications based on Coloured Petri Nets (CPN) theory. This capability serves not only TPM experts but also users who have abstract background about TPM. The main contribution of this research is TPM-TF can provide TPM testing services to government, organisations and most importantly the Common Criteria facility in Malaysia.