Extensible, Timing-Accurate TPM Simulator

This page is dedicated to the extensible, timing-accurate TPM simulator that was created as part of our broader trusted computing research project.

The addition of security-oriented hardware devices such as Trusted Platform Modules (TPMs) to computing systems, as promoted by the Trusted Computing Group, leads to many interesting possibilities, many of which we are exploring in the SPAN Lab. Many interesting research questions are of the form "What if the TPM could do x?", but since the functionality of these chips is necessarily fixed, it is difficult to explore these questions experimentally and evaluate the performance of proposed solutions.

To support our work, we started with the TPM emulator developed by Mario Strasser and others, and made several modifications: first, we developed a technique for adding plugins to the simulator, which can be loaded or unloaded as needed when the simulator is run, and included ways for plugins to save persistent data (as if it were saved inside the simulated TPM); second, we generalized all uses of cryptographic keys in the simulator so that new key types could be registered by plugins and used by existing or new TPM commands; third, we generalized the method of command dispatch in the simulator so that we could add new command sets to experiment with new functionality; and fourth, we developed a timing model for TPMs so that timings for both existing and new commands (with certain restrictions and assumptions) reflect the time on real TPMs.

Documentation for creating plugins is included in the source bundle as "README-extensions.txt", along with documentation in the code. The README can also be viewed directly from this web page.

The model that we use for timing estimations is based on a series of experiments which produced "performance profiles" for TPMs from different manufacturers, and we validated the resulting models using tests with actual hardware. Our validation process shows that our timing model is very accurate (errors less than 20ms and typically less than 1%) for all but one of the TPMs tested. While the accuracy on the remaining TPM is less than ideal, with errors approaching 25%, we were able to hand-tune this model so that errors in estimated time were reduced to less than 16%.

Full information about the timing models and validation is available from the following publication:

Download

Note that this is a fork of the TPM emulator written and distributed by Mario Strasser. Information on the original emulator can be obtained from this web site:

Plugins

We provide a means for people developing plugins to register plugins in a way that allocates ordinals so that there are no conflicts between plugins. Information on registered plugins can be found at the following link:

Credits

The following people have contributed ideas or code to this software: Stephen Tate, Vandana Gunupudi, Alex Kilgore, Sahana Rangaraju, and Roopa Vishwanathan.