SPI TPM Reference Design (AN46): Difference between revisions

Preface

This application note provides the reference design and design notes for SPI TPM used on SMARC carrier boards.

Terminology

SPI TPM Reference Design

The Trusted Platform Module (TPM) is an international standard for security applications maintained by the Trusted Computing Group (TCG). The TCG considers the Intel Low Pin Count (LPC), Serial Peripheral Interface (SPI), and I²C interface for host communication. However, the SMARC 2.1 specification does not feature an Intel LPC interface and only non-x86 based platforms use the I²C interface for the TPM.

The reference design below shows how to design an SPI TPM to a SMARC 2.1 carrier board. The SPI TPM used in this reference design is an Infineon TPM SLB 9670VQ2.0

The SPI TPM is connected to the SMARC SPIO interface.

Figure 1: SPI TPM Reference Design

Design notes

• Typically, the on-module BIOS flash and the optional carrier board BIOS flash device are connected to SMARC SPI0
• SPI0_CS1# (SMARC pin P31) must be used for the active low SPI chip select input of the TPM
• A pull-up resistor R1 is required to ensure the correct voltage level during start-up phase. congatec SMARC modules feature the required series resistors for SPI on the module. However, we recommend to place resistors R2, R3 and R4 on the carrier board for signal tuning purposes. Additionally, we recommend minimizing the routing length on the SMARC carrier board to less than 2500 mil.
• congatec SMARC modules do not support SPI TPM in the default configuration. Therefore, a custom BIOS version (e.g. SA50R916.bin for conga-SA5) must be used in order to enable SPI TPM support and to configure the required SPI clock frequency. Additionally, it is required to disable the Intel Firmware-based TPM (fTPM) in BIOS setup menu.