Inferensys

Glossary

Trusted Computing Base (TCB)

The set of all hardware, firmware, and software components that are critical to a system's security, where a single vulnerability or misconfiguration could compromise the entire system's security guarantees.
Isolated secure server room with network cables physically disconnected, minimal lighting, security-focused environment.
SECURITY ARCHITECTURE

What is Trusted Computing Base (TCB)?

The Trusted Computing Base (TCB) is the totality of hardware, firmware, and software components in a computing system that are critical to enforcing its security policy—a single vulnerability in any TCB component can compromise the entire system's security guarantees.

The Trusted Computing Base (TCB) is the set of all hardware, firmware, and software components whose correct functioning is essential to a system's security. If any element within the TCB fails or is compromised, the entire system's security policy becomes unenforceable. The primary design goal is to minimize TCB size—reducing the attack surface and making formal verification feasible. In confidential computing, the TCB typically includes the CPU package, the Trusted Execution Environment (TEE) firmware, and the application code running inside the enclave.

Critically, the TCB explicitly excludes the host operating system, hypervisor, and cloud provider infrastructure in a properly architected confidential AI deployment. This exclusion is the foundational value proposition of technologies like Intel SGX and AMD SEV. The TCB boundary is verified through remote attestation, which provides a cryptographically signed measurement of all TCB components, allowing a remote party to establish trust in the execution environment before releasing secrets or sensitive data.

SECURITY FOUNDATIONS

Core Characteristics of a TCB

The Trusted Computing Base (TCB) is the minimal set of hardware, firmware, and software components critical to enforcing a system's security policy. A vulnerability in any single TCB component can compromise the entire system.

01

Minimality

The security of a system is inversely proportional to the size and complexity of its TCB. A smaller TCB has a smaller attack surface, fewer lines of code to audit, and a lower probability of containing exploitable vulnerabilities.

  • Goal: Reduce the TCB to the absolute minimum required to enforce the security policy.
  • Exclusion: Components like device drivers, user applications, and the OS kernel (in a TEE model) are explicitly excluded from the TCB.
  • Verification: Formal methods and mathematical proofs become feasible only with a sufficiently small TCB.
02

Non-Bypassability

Every access to a protected resource or object must be mediated by the TCB. There can be no backdoors, undocumented interfaces, or alternative paths that allow an untrusted entity to circumvent the TCB's security checks.

  • Reference Monitor Concept: The TCB must function as a complete and always-invoked reference monitor.
  • Hardware Enforcement: Modern TCBs use hardware features like nested paging and memory encryption to enforce non-bypassability at the silicon level.
  • Example: In Intel SGX, the CPU hardware prevents even the OS or hypervisor from reading enclave memory.
03

Tamper-Proof Integrity

The TCB must be protected from unauthorized modification, both at rest and during execution. Its integrity must be verifiable at load time and continuously monitored at runtime.

  • Secure Boot: A hardware root of trust cryptographically verifies the TCB's firmware and software signatures before execution.
  • Measured Boot: Each component's hash is extended into a Platform Configuration Register (PCR) for remote attestation.
  • Runtime Protection: Hardware isolates TCB memory regions, preventing DMA attacks or privilege escalation from corrupting TCB state.
04

Verifiability

A TCB must be evaluable. Its correctness and trustworthiness must be demonstrable to a remote party through rigorous analysis, formal verification, or cryptographic attestation.

  • Remote Attestation: The TCB generates a signed report quoting its measurement, proving it is genuine and running unmodified code.
  • Open Source: While not strictly required, open-source TCB components allow independent security audits and community scrutiny.
  • Formal Verification: The highest assurance comes from mathematically proving the TCB's implementation matches its specification, a technique used in high-assurance separation kernels like seL4.
05

Correctness of Security Policy

The TCB must correctly enforce the intended security policy. A perfectly isolated and non-bypassable TCB that enforces a flawed policy is still insecure. The policy definition is itself part of the TCB.

  • Policy vs. Mechanism: The TCB provides the mechanism (isolation, access control), but the configured policy defines what is allowed.
  • Example: A TEE might perfectly isolate an enclave, but if the enclave code has a buffer overflow, the security policy is violated.
  • Implication: All code executing within the TCB boundary must be trusted to enforce the correct policy, reinforcing the need for minimality.
06

Trusted Path

The TCB must provide a secure, unspoofable communication channel between itself and the user or a remote relying party. This prevents an untrusted intermediary from intercepting or manipulating sensitive interactions.

  • Local Trusted Path: A secure attention key (e.g., Ctrl+Alt+Del) that guarantees the user is communicating directly with the TCB, not a spoofed login prompt.
  • Remote Trusted Path: Enclave TLS terminates a network connection directly inside a TEE, ensuring data is decrypted only within the protected TCB boundary.
  • Attestation Binding: The trusted path is established only after the remote party has cryptographically verified the TCB's identity via attestation.
TRUSTED COMPUTING BASE

Frequently Asked Questions

Clarifying the foundational security perimeter of a computing system, where a single flaw can undermine all guarantees.

The Trusted Computing Base (TCB) is the totality of hardware, firmware, and software components in a computing system that are critical to enforcing its security policy—a single vulnerability or misconfiguration in any of these components could compromise the entire system's security guarantees. The TCB defines the attack surface that must be trusted implicitly; if the TCB is breached, no higher-level security mechanism can be relied upon. In a confidential computing context, the TCB typically includes the CPU package, the Trusted Execution Environment (TEE) firmware, and the application code running inside the enclave, while explicitly excluding the operating system, hypervisor, and cloud provider infrastructure. The primary design goal is to minimize the TCB to the smallest possible set of components, reducing the potential for bugs and making formal verification feasible.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.