# Software Trusted Platform Module (SWTPM) Resource Sharing Scheme for Embedded Systems

**Authors:** Da-Chuan Chen, Guan-Ruei Chen, Yu-Ping Liao

PMC · DOI: 10.3390/s25123828 · Sensors (Basel, Switzerland) · 2025-06-19

## TL;DR

This paper introduces a cost-effective architecture for embedded systems using software-based TPMs and anomaly detection to ensure trustworthiness and reduce costs.

## Contribution

The novel contribution is a system architecture combining SWTPMs, dTPMs, and anomaly detection agents to maintain trust and reduce deployment costs in embedded systems.

## Key findings

- The proposed architecture uses SWTPMs on most nodes and dTPMs on central nodes to maintain system integrity.
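- A database-based anomaly detection (AD) agent identifies and isolates untrusted nodes, and a traffic AD agent monitors server-client communication to confirm that traffic patterns remain normal.
- A custom measurement kernel and an activation agent enforce a measured boot process for custom applications during startup.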

## Abstract

Embedded system networks are widely deployed across various domains and often perform mission-critical tasks, making it essential for all nodes within the system to be trustworthy. Traditionally, each node is equipped with a discrete Trusted Platform Module (dTPM) to ensure network-wide trustworthiness. However, this study proposes a cost-effective system architecture that deploys software-based TPMs (SWTPMs) on the majority of nodes, while reserving dTPMs for a few central nodes to maintain overall system integrity. The proposed architecture employs IBMACS for system integrity reporting. In addition, a database-based anomaly detection (AD) agent is developed to identify and isolate untrusted nodes. A traffic anomaly detection agent is also introduced to monitor communication between servers and clients, ensuring that traffic patterns remain normal. Finally, a custom measurement kernel is implemented, along with an activation agent, to enforce a measured boot process for custom applications during startup. This architecture is designed to safeguard mission-critical embedded systems from malicious threats while reducing deployment costs.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12196841/full.md

## Figures

25 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12196841/full.md

## References

28 references — full list in the complete paper: https://tomesphere.com/paper/PMC12196841/full.md

---
Source: https://tomesphere.com/paper/PMC12196841