Scribd Logo
Upload

Welcome to Scribd!

  • 62 views

    TSB81036Y0000R01 Infineon TPMFirmwareUpdateGuide R07 DBE PDF

    Uploaded by

    Taj Arleen

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    TSB81036Y0000R01 Infineon TPMFirmwareUpdateGuide R07 DBE PDF

    Uploaded by

    Taj Arleen
    62 views22 pages

    Original Title

    TSB81036Y0000R01_Infineon_TPMFirmwareUpdateGuide_R07_DBE.pdf

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    62 views22 pages

    TSB81036Y0000R01 Infineon TPMFirmwareUpdateGuide R07 DBE PDF

    Uploaded by

    Taj Arleen

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 22

    TPM 1.

    2 Firmware Update Guidance

    for Infineon SLB9655 and SLB9660


    Rev. 05

    © Dynabook Europe GmbH Document Number: 3600_R7


    1. Introduction
    This guidance described about in-field firmware update method for Infineon Trusted Platform Module (TPM)
    version 1.2

    2. Target TPM Device and Firmware Update Tool


    The following table shows target TPM device of this document, and related Firmware Update Tool.
    Each Manufacturer Name, Manufacturer Version, and Specification Version column corresponds to text shown
    in Windows utility “Trusted Platform Module (TPM) Management”.

    Table 1
    Manufacturer Manufacturer Specification Firmware Update Tool
    Name Version Version
    IFX 4.32 1.2 IFXTPMUpdate_TPM12_v0434.exe
    IFX 4.40 1.2 IFXTPMUpdate_TPM12_v0443.exe

    2 3600_R7
    3. Preconditions
    To run the update tool, administrative privilege is required.

    During the update tool executing, you may need the TPM Owner Password. If the operating system does not
    store the Owner Password or Owner Password Backup File, you may need to clear the TPM.

    WARNING
     Before starting update, it is strongly recommended to backup the computer.

     In case your drive was encrypted by BitLocker, it blocks the TPM firmware update. Before
    starting the firmware update, “Suspend protection” of BitLocker.

     In case clearing the TPM, it resets the TPM to factory defaults. It will lose every created keys
    and data protected by those keys. Clearing the TPM may cause you to be prompted for your
    BitLocker recovery key, or re-setting PIN, in case using these features.

    4. How to Update the TPM Firmware


    To run the update tool, administrative privilege is required.

    4.1. Windows 7
    1. Run “tpm.msc” from Start Menu. (Type “tpm.msc” at “Search programs and files”.) “Trusted Platform
    Module (TPM) Management on Local Computer” appears.

    3600_R7 3
    2. To confirm whether the TPM firmware is subject to update, clarify “Manufacturer Name” and “Specification
    Version” are “IFX” and “1.2”, and “Manufacturer Version” are shown in Table 1.

    3. In case you have the TPM Owner Password or the TPM Owner Password Backup File, proceed to 10.
    In case both the TPM Owner Password and the TPM Owner Password Backup File are not found, you
    need to clear the TPM.

    WARNING
     Before starting update, it is strongly recommended to backup the computer.

     In case your drive was encrypted by BitLocker, it blocks the TPM firmware update. Before
    starting the firmware update, “Suspend protection” of BitLocker.

     In case clearing the TPM, it resets the TPM to factory defaults. It will lose every created keys
    and data protected by those keys. Clearing the TPM may cause you to be prompted for your
    BitLocker recovery key, or re-setting PIN, in case using these features.

    4. On“Trusted Platform Module (TPM) Management on Local Computer”, choose “Initialize TPM…” from
    “Actions”.

    4 3600_R7
    The following screen appears. Choose “I do not have the TPM owner password”.

    5. The following screen appears. Choose “Restart” to restart the computer.

    After restart, BIOS warning message may appear. Press [F11] to clear TPM and proceed.

    3600_R7 5
    After restart, the following screen appears. Choose “Restart” to restart the computer.

    6. The following screen appears. Choose how to create the TPM Owner Password. Usually, choose
    “Automatically create the password (recommended)”.

    7. Choose “Save the password...” and choose location to save the TPM Owner Password. USB memory is
    recommended.

    6 3600_R7
    8. After saving or printing the password, “Initialize” button becomes active. Choose “Initialize” to start TPM
    initialization.

    9. After initialization completed, the following screen appears.

    10. Right click Firmware Update Tool in Table 1 corresponds to Manufacturer Version, choose “Run as
    administrator”.

    3600_R7 7
    The following screen appears.

    11. Check “Accept the terms of this license agreement”, and choose “Next”.
    In case AC adapter is not plugged, the following screen appears. Plug the AC adapter and choose “Back”
    to return previous screen once.

    8 3600_R7
    12. The following screen appears. Check platform details and choose “Next”.

    WARNING
     In case Manufacturer Version is 3.17 or 3.19, it is not a subject to firmware update, the following
    screen can appear. In the case, choose “Cancel” to cancel firmware update. Even if you
    choose “Next”, firmware update is not executed.

    13. Provide the Owner Password. In case having the Owner Password as the Owner Password Backup File,
    choose “I have the Owner Password Backup File” and specify the file location by pressing “Browse...”.

    3600_R7 9
    14. Choose “Update” to start firmware update.

    WARNING
     On Windows 7, the firmware update may take up to 10 minutes. Do NOT turn off the computer
    until the update completes.

    4.2. Windows 8.1, Windows 10 version 1507 and 1511


    1. Right click Start Menu and choose “Run”. Run “tpm.msc” from “Run”. (Type “tpm.msc” at “Open”.)
    “Trusted Platform Module (TPM) Management on Local Computer” appears.

    10 3600_R7
    2. To confirm whether the TPM firmware is subject to update, clarify “Manufacturer Name” and “Specification
    Version” are “IFX” and “1.2”, and “Manufacturer Version” are shown in Table 1.

    3600_R7 11
    3. In case you have the TPM Owner Password or the TPM Owner Password Backup File, proceed to 7.
    In case both the TPM Owner Password and the TPM Owner Password Backup File are not found, you
    need to clear the TPM.

    WARNING
     Before starting update, it is strongly recommended to backup the computer.

     In case your drive was encrypted by BitLocker, it blocks the TPM firmware update. Before
    starting the firmware update, “Suspend protection” of BitLocker.

     In case clearing the TPM, it resets the TPM to factory defaults. It will lose every created keys
    and data protected by those keys. Clearing the TPM may cause you to be prompted for your
    BitLocker recovery key, or re-setting PIN, in case using these features.

    4. On “Trusted Platform Module (TPM) Management on Local Computer”, choose “Clear TPM…” from
    “Actions”.

    12 3600_R7
    5. The following screen appears. Choose “Restart” to restart the computer.

    After restart, BIOS warning message may appear. Press [F11] to clear TPM and proceed.

    6. After restart, the following screen appears. Choose “Remember my TPM owner password”, and choose
    location to save the TPM Owner Password. USB memory is recommended.

    After saving the password, choose “Close” on “Manage the TPM security hardware”.

    7. Right click Firmware Update Tool in Table 1 corresponds to Manufacturer Version, choose “Run as
    administrator”.

    3600_R7 13
    The following screen appears.

    8. Check “Accept the terms of this license agreement”, and choose “Next”.
    In case AC adapter is not plugged, the following screen appears. Plug the AC adapter and choose “Back”
    to return previous screen once.

    14 3600_R7
    9. The following screen appears. Check platform details and choose “Next”.

    TPM Owner Password is not queried.

    WARNING
     In case Manufacturer Version is 3.17 or 3.19, it is not a subject to firmware update, the following
    screen can appear. In the case, choose “Cancel” to cancel firmware update. Even if you
    choose “Next”, firmware update is not executed.

    10. Choose “Update” to start firmware update.

    3600_R7 15
    4.3. Windows 10 version 1607 (Anniversary Update) and after
    1. Run “tpm.msc” from Start Menu. (Type “tpm.msc” at “Search programs and files”.) “Trusted Platform
    Module (TPM) Management on Local Computer” appears.

    2. To confirm whether the TPM firmware is subject to update, clarify “Manufacturer Name” and “Specification
    Version” are “IFX” and “1.2”, and “Manufacturer Version” are shown in Table 1.

    16 3600_R7
    3. In case you have the TPM Owner Password or the TPM Owner Password Backup File, proceed to 10.
    In case both the TPM Owner Password and the TPM Owner Password Backup File are not found, you
    need to clear the TPM.

    WARNING
     Before starting update, it is strongly recommended to backup the computer.

     In case your drive was encrypted by BitLocker, it blocks the TPM firmware update. Before
    starting the firmware update, “Suspend protection” of BitLocker.

     In case clearing the TPM, it resets the TPM to factory defaults It will lose every created keys
    and data protected by those keys. Clearing the TPM may cause you to be prompted for your
    BitLocker recovery key, or re-setting PIN, in case using these features.

    4. Run “regedit” from Start Menu. (Type “regedit” at “Search programs and files”.) “Registry Editor” appears.

    5. Clarify registry key [HKEY_LOCAL_MACHINE¥SOFTWARE¥Policies¥Microsoft¥TPM]


    OSManagedAuthLevel, and record original key data. Choose “Edit” – “Find…”.

    Type “OSManagedAuthLevel” at “Find what”, then press “Find Next”. The following screen appears after
    a while.

    Clarify upper text shows “HKEY_LOCAL_MACHINE¥SOFTWARE¥Policies¥Microsoft¥TPM”, and lower

    3600_R7 17
    left text shows “OSManagedAuthLevel”, and take a note for the data. (In this screenshot case, “5”.)
    After updating the firmware, this register key shall be restored, so do not miss to take a note.

    6. Double click “OSManagedAuthLevel”. The following screen appears.

    7. Change “Value data” as 4, and press “OK”.

    8. Run “tpm.msc” from Start Menu, and choose “Clear TPM…” from “Actions”.

    WARNING
     Before starting update, it is strongly recommended to backup the computer.

     In case your drive was encrypted by BitLocker, it blocks the TPM firmware update. Before
    starting the firmware update, “Suspend protection” of BitLocker.

     In case clearing the TPM, it resets the TPM to factory defaults. It will lose every created keys
    and data protected by those keys. Clearing the TPM may cause you to be prompted for your
    BitLocker recovery key, or re-setting PIN, in case using these features.

    18 3600_R7
    9. The following screen appears. Choose “Restart” to restart the computer.

    After restart, BIOS warning message may appear. Press [F11] to clear TPM and proceed.

    10. Right click Firmware Update Tool in Table 1 corresponds to Manufacturer Version, choose “Run as
    administrator”. The following screen appears.

    11. Check “Accept the terms of this license agreement”, and choose “Next”.
    In case AC adapter is not plugged, the following screen appears. Plug the AC adapter and choose “Back”
    to return previous screen once.

    In case the following screen appears (Preconditions shows “BitLocker Drive Encryption blocks firmware
    update”), BitLocker is turned on. Press “Cancel” to cancel the firmware update, and “Suspend protection
    of” BitLocker, then go back to 10.

    3600_R7 19
    12. The following screen appears. Check platform details and choose “Next”.

    WARNING
     In case Manufacturer Version is 3.17 or 3.19, it is not a subject to firmware update, the following
    screen can appear. In the case, choose “Cancel” to cancel firmware update. Even if you choose
    “Next”, firmware update is not executed.

    20 3600_R7
    13. In case the following screen appears, provide the Owner Password. In case does not appears, skip to 14.
    In case having the Owner Password as the Owner Password Backup File, choose “I have the Owner
    Password Backup File” and specify the file location by pressing “Browse...”.

    14. Choose “Update” to start firmware update.

    15. Run “regedit” from Start Menu. (Type “regedit” at “Search programs and files”.) “Registry Editor”
    appears.

    3600_R7 21
    16. Search registry key [HKEY_LOCAL_MACHINE¥SOFTWARE¥Policies¥Microsoft¥TPM]
    OSManagedAuthLevel. Choose “Edit” – “Find…”.

    Type “OSManagedAuthLevel” at “Find what”, then press “Find Next”. The following screen appears after
    a while.

    Clarify upper text shows “HKEY_LOCAL_MACHINE¥SOFTWARE¥Policies¥Microsoft¥TPM”, and lower


    left text shows “OSManagedAuthLevel”.

    17. Double click “OSManagedAuthLevel”. The following screen appears.

    18. Change “Value data” as data noted at 5, and press “OK”.

    (End of Document)

    22 3600_R7

    You might also like