IBM Corp. — which along with Compaq, Hewlett-Packard, Intel and Microsoft leads the 180-company alliance — said last week that it will ship the first systems using the Trusted Platform Module (TPM), which the group defined in January 2001. Others are expected to follow suit later this year.

But analysts and industry players say the TCPA technologies will be slow to market. And the job of morphing insecure PCs into trusted platforms faces huge technical and business challenges, many of which lie outside the alliance's scope and some of which tug against the core trends in computing today.

Those challenges include plugging dozens of known security holes in the PC; defining just what security means for the PC; igniting demand for security features among cost-conscious PC users; avoiding clashes with government agencies, privacy advocates and consumers who will see some security features as compromising rights; and balancing the drive for greater security with the push to extend PCs to larger, more open business and home nets.

The problems

The PC is riddled with security flaws. Indeed, "the reason the PC has seen such increases in performance and decreases in price is that it's totally open," said John Hull, marketing manager for the advanced PC division at National Semiconductor Corp. The industry, he said, has yet to develop "a precise enough language to talk about security," which may span everything from denying physical access to a notebook computer to creating a secure execution mode for code.

Chip and system makers must define and plug the holes gradually, without adding costs to the platform. Asked what PC users will spend on security, Gartner Dataquest senior analyst Martin Reynolds quipped, "My forecast is about nothing."

"Its always been hard to sell security since it's only honored in the breach," said Roger Kay, who heads PC hardware research at International Data Corp. "Fifty dollars is more than most people want to spend."

As PC makers look to add greater security, they will clash with government and consumer privacy agencies. The U.S. limits encryption exports above the level of 56-bit keys, which will be inadequate by 2008, Reynolds said. And a backlash will rise up from privacy groups and consumers if copyright holders use new PC security functions to, say, bar users from ripping songs off audio CDs.

Architecturally, greater security pulls against the trend to simplify the expansion and management of more diverse systems plugged into corporate and home networks. Many OEMs have made the automation of interactions on business networks their top design priority. In consumer networks, Microsoft Corp. has announced details of its eHome initiative, which aims to make the home PC a hub for networked TVs, stereos and control systems.

"We want to have trusted systems, and the models we all know [for that] are based on [a standalone] platform. On the other hand, we want to have every machine talking to every other machine," said Jean-Jacques Simon, R&D technology program manager for Hewlett-Packard's business desktop division in Grenoble, France. "At this point, I don't think there's any answer about how to do both at the same time."

IBM stepped into the breach last week when it rolled out its Thinkpad T30 high-end notebook, some models of which will use an Atmel processor compliant with the TPCA version 1.1 spec. IBM thus becomes the first of several companies expected over the next few months to launch computers using low-cost TPCA 1.1 silicon, which is also being made by Infineon, National Semiconductor and STMicroelectronics.

The chips, known as trusted platform modules (or TPMs), generally include a 16-bit microprocessor, a random number generator, an encryption accelerator, hashing capabilities and nonvolatile memory. TPMs can generate and securely store on-chip digital certificates and private keys, provide hardware support for multiple authentication schemes and handle encryption and decryption of files on demand.

The T30 marks the first system that complies with the TCPA spec announced in January 2001. To date, IBM has shipped about 3 million systems using an earlier version of the Atmel chip. It is making the new version available as a $25 option on most systems, said Robert Enochs, product manager for T-series notebooks.

'Frustrated by lack of adoption'

Kerry Maletsky, director of Atmel's ASSP division, said that other design wins will be announced this year and that 5 to 10 percent of PCs shipped could be using the TPMs within a year.

But others say uptake of the TPM chips has been slow and may continue to be. "The semiconductor guys have been frustrated by the lack of adoption," said Hull of National, which has yet to announce design wins for its SafeKeeper chip. "The major ramp is really next year. A lot of this depends on how quickly Microsoft brings security into the OS."

That's not expected until late 2004, when Microsoft rolls out the next major Windows version, dubbed Longhorn. Still, the TCPA hopes this year to ratify its version 1.2 spec, which essentially defines how to bring security features common in mainframes to a desktop OS. Version 1.2 defines barriers between an OS and applications and ways of isolating memory and system functions so that unauthorized code, such as a virus, "effectively dies," said Stacy Cannady, product manager for IBM's embedded security subsystem.

Today's modules can be used to ensure at bootup time that system BIOS has not been corrupted by rogue software, but "once the OS is loaded anyone can do anything," said Simon of HP. "What's lacking is something in the OS that takes advantage of this. Windows XP doesn't do it."

The 1.2 spec will provide the OS and network underpinnings to take better advantage of what the TCPA calls attestability, or the ability to query a platform across a network to determine whether it's trustworthy, said Mark Varady, chairman of the TCPA and a marketing manager for Intel Corp.'s desktop products group.

But HP's Simon and some chip makers expect motherboard makers to adopt the TPMs beginning this year. "It's like having a smart card on your motherboard," Simon said.

"It's a pretty good solution, but encryption is just one piece of the security puzzle," said analyst Kay of IDC. "[TCPA] probably will take off but [requires] support from other OEMs beyond IBM."

Alternative scheme

There's at least one alternative to the TCPA approach. Wave Systems Corp. (Lee, Mass.) provides a secure PC solution with a chip that includes similar functions to the TPM along with Wave's own systems software. NEC plans by June to start pilot tests in France of PCs that use the chip and software. Samsung is using the technology in a keyboard.

At WinHEC in mid-April, Microsoft said it is developing "software primitives" for authentication and securing hard-disk drives. But the software giant is still working through the issues surrounding PC security and may not have more substantial efforts to announce for at least two months.

"It will take a while to do the complete [OS] overhaul they are working on," said Reynolds of Dataquest.

Also at WinHEC, Intel president Paul Otellini said the company is building hardware security into future processors and chip sets.

Several years ago, Intel abandoned an effort to use processor serial numbers as keys when that move came under fire from privacy groups. It also scrapped an initiative to put random number generators into chip sets when that failed to gain traction.

"This is just the beginning of a very long road," said Stephen Heil, a Microsoft technology evangelist involved in the TCPA.