Security of TCPA agent

TCPA provides a minimal trusted base and does not protect from the OS from attacks
Only the TPM is protected
Trust in post-OS integrity reports is the responsibility of the recipient, for a specific application context
Reliability of capturing executable content and self-protection of measurement agent
- Buffer overflows
- Direct memory access
- TOCTOA

TCPA provides a minimal trusted base and does not protect from the OS from attacks