From aa7d49d8000820309138ae2d1266800e1c925338 Mon Sep 17 00:00:00 2001 From: Rob Craig Date: Fri, 10 May 2024 13:46:56 -0400 Subject: [PATCH] Create 2024-05-03.md Adds meeting minutes/agenda SPDX Hardware Team Meeting 2024-05-03 --- hardware/2024-05-03.md | 52 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 hardware/2024-05-03.md diff --git a/hardware/2024-05-03.md b/hardware/2024-05-03.md new file mode 100644 index 000000000..3a1296798 --- /dev/null +++ b/hardware/2024-05-03.md @@ -0,0 +1,52 @@ +# SPDX Hardware Team Meeting 2024-05-03 + +## Attendees +- Alfred Strauch +- Steven Carbno +- Monty Wiseman +- Kate Stewart +- Klaas Wijbrans (Philips) +- Rai Thakur +- Henk Birkholz + + +## Agenda +* Monty to do presentation on May 3 related to hw certificates (Trusted Computing) + +## Notes +* Klaas - Philipps Medical - hardware and software need to interact. + * Use Case of Hardware and Software - Klaas to write up this example. +* Modeling in SPDX with +* Modeling tools: ?http://www.modelio.org +https://docs.google.com/document/d/1OdUDRcLFxXz3bskuvCOmji710dS6b6HMLuWMYBoF1Cc/edit + +* Monty provided presentation on TPM + * TPM specification - Part 1 is the cliff's note. + * Spec doesn't define how to get things included. + * Secure Boot vs. Trusted Boot -- From paper in 1996. Could be considered Actually Existential Boot. + * https://csrc.nist.gov/glossary/term/attestation. - Monty refers to the first definition, NOT the 2nd (e.g., the Secure Software Development Attestation Form) + * What do if fails? remediation is an issue in Critical systems. In TPM world, create identy of component, usually hash. Don't make evaluation along the way, put into a PCR (Platform Configuration Register). + * No write operation to PCR, only an extend. Starts at "0". Send to TPM in Extend operation, and appends, hashes, and building chains. Replaces the existing values. So fixed. Can have unlimited number of exensions. + * Keep in clear log of measurement components. Look at PCR value to verify what is in the clear. "Quote" signed by internal TPM. + * There are up to 24 PCRs. (This is an example of based on the TPM for the PC Client) + * Write up this as In IETF RATS (RFC 9334) as "Evidence" - evidence they are related, but connected together. + * SBOMs can included hashes for file systems; firmware; etc. Source of reference value. Reference Integrity manifests, show which hashes in execution environments. + * The Endorsement Key (EK) is a Unique key is persistant and permanent - function of manufacturer & device physical property. + * BOM - also recording the endorsement key. Platform certificate follows 5280-ASN1 & 5755; signed by platform manufacturer (not the TPM IP owner). + * Since 2016 Intel selling these with Platform Certificates. Other manufactures do as well. + * OpenSSL didn't handle 5755 initially, and since 3.0.2 will be supporting these attributes certificates. + * Everything in TPM is "Crypto Agile". + * Would this be possible to check the hardware integrity in the field? Yes, for example a Register to read dip switches and chain - tamper evidence switch... left in PCR. + +## Decisions +* + +## Action Items +* May 17 Henk Birkholz will present reference integrity manifest +* SPDX specific relationship case studies need to be considered +* Henk will outline execution for repo +* Start to diagram out how SBOM deploy images in a trusted boot environment. +Information also provided presentations at RSA Conferences: + https://www.rsaconference.com/experts/monty-wiseman + +## Next SPDX Hardware Team Meeting 2024-05-17