Download
Share
Print this page
  1. Manuals
  2. Brands
  3. EMBRON Manuals
  4. Control Unit
  5. HATTELAND TECHNOLOGY TPM
  6. Quick start manual

EMBRON HATTELAND TECHNOLOGY TPM Quick Start Manual

Trusted platform module
Hide thumbs

Advertisement

Quick Links

Download this manual
Additional features overview/details
Trusted Platform Module (TPM)
TPM 2.0 module with support for TPM 1.2 is included.
This is a security device designed to secure the system using integrated cryptographic keys.
Support and requirements:
- Only supported for OS installed as UEFI boot. Legacy boot is not supported.
- Secure Boot must be configured and enabled for full TPM functionality to be available.
- TPM 2.0 is not natively supported by Windows 7, but hotfix to add support for Bitlocker Drive
Encryption with TPM 2.0 is available here:
https://support.microsoft.com/en-us/help/2920188/update-to-add-support-for-tpm-2-0-in-windows-7-and-windows-server-2008
Alternatively search for KB2920188 to find the hotfix using your preferred search engine.
BIOS settings:
TPM settings can be managed in BIOS.
- Enter BIOS by pressing Del key during boot
- Go to Advanced tab and select Trusted Computing
Available options:
BIOS Setting
Security Device Support
SHA-1 PCR Bank
SHA256 PCR Bank
Pending operation
Platform Hierarchy
Storage Hierarchy
Endorsement Hierarchy
TPM2.0 UEFI Spec Version
Physical Presence Spec Version 1.2/1.3
Device Select
To save any changes made and exit BIOS, press F4 button.
For detailed usage info please refer to official documentation for your selected operating system.
Appendix
IND100077-197
Options
Default Description
Disable/Enable
Enable
Disabled/Enabled Enabled
Disabled/Enabled Enabled
None/TPM Clear None
Disabled/Enabled Enabled
Disabled/Enabled Enabled
Disabled/Enabled Enabled
TCG_1_2/TCG_2
TCG_2
1.3
TPM 1.2/TPM
Auto
1.3/Auto
Enable/disable TPM Security Device
Option to schedule an operation.
TPM Clear will clear all information stored on the
Security Device
TCG_1_2: Compatible mode for Win8/Win10
TCG_2: Support new TCG2 protocol and event format
for Win10 or later
Select PPI Spec Version supported by OS.
TPM 1.2 will restrict support to 1.2 devices
TPM 2.0 will restrict support to 2.0 devices
Auto will support both with default set to 2.0.
TPM 1.2 devices will be enumerated-
1

Advertisement

loading
Need help?

Need help?

Do you have a question about the HATTELAND TECHNOLOGY TPM and is the answer not in the manual?

Questions and answers

Summary of Contents for EMBRON HATTELAND TECHNOLOGY TPM

  • Page 1 Additional features overview/details Trusted Platform Module (TPM) TPM 2.0 module with support for TPM 1.2 is included. This is a security device designed to secure the system using integrated cryptographic keys. Support and requirements: - Only supported for OS installed as UEFI boot. Legacy boot is not supported. - Secure Boot must be configured and enabled for full TPM functionality to be available.

  • Page 2: Secure Boot

    Additional features overview/details Secure Boot Secure Boot is a security feature that can protect the system from running unauthorized boot loaders and avoid loading non-signed drivers during boot process. The feature is only supported for boot devices in UEFI mode. CSM Support (BIOS Legacy boot and Option ROM support) is not compatible with this security feature and must be disabled in BIOS before enabling Secure Boot.
  • Page 3 Additional features overview/details Battery Status and Alarm CMOS battery voltage is monitored during each boot and the following warning will show if it’s below set low limit: WARNING!!! The CMOS battery capacity too low. If this error is displayed, it is recommended to schedule service of the unit for replacement of CMOS battery. When the CMOS battery is dead, or voltage is too low, it will not keep track of time/date when power is disconnected.
  • Page 4 Additional features overview/details LAN Teaming The network ports support VLAN and Teaming functionality. For Windows 10, Intel Network Connections version 23.2.x or newer is required. For Linux OS, adapter teaming is implemented using the native Linux Channel bonding module. Latest Intel network driver/software is available at: https://downloadcenter.intel.com/product/64402/Intel-Ethernet-Controller-I210-IT Procedure to set up teaming in Windows 10: - Open Device Manager and expand Network adapters - Right-click on intel port and select properties. - Open the Teaming tab and check “Team this adapter with other adapters” - If Teaming tab is not shown, you need to update Intel network driver/software. - Click on “New Team…” button, specify team name and press Next.
  • Page 5 Additional features overview/details - Select team type from list, then press Next. - Select Next/Finish to confirm and create team. - If notification about jumbo packet limitation is shown, press OK. Appendix IND100077-197...
  • Page 6 Additional features overview/details Reading internal temperature SCOM* command “TMP” can be used to read out internal temperature sensor value. *If you are not familiar with the SCOM protocol, please review the Hatteland Technology’s Serial Remote Control Interface (SCOM) protocol document can be downloaded from: https://www.hattelandtechnology.com/hubfs/pdfget/inb100018-7.htm COM Ports Numbering Default numbering on a factory standard model (example: Microsoft® Windows® 10) are as follow: COM 1 = Internal Port: SCOM (COM) COM 2...
  • Page 7 Additional features overview/details Install Microsoft® Windows® 10 with recovery option 1: Boot to Windows 10 installer 2: Select language settings 3: Click “Repair your computer” 4: Click “Troubleshoot” 5: Click “Command Line” and type the following indicated in a black box below. diskpart type list disk type Take note of which disk number the SSD and eMMC is. This will usually be eMMC=0 and SSD=1 exit type Step 1 - Prepare disks ======================= The contents of the script files will be listed on the end of this section (next page in this manual). Refrence: "Diskpart_Pre-install.txt" and "Diskpart_Post-install.txt" diskpart /s \Diskpart_Pre-install.txt type Step 2 - Apply install image...
  • Page 8 Additional features overview/details Step 6 - Finalize installation ======================= Reboot the computer and complete normal Windows setup Activate Windows Update Windows and install missing drivers Set up Windows and software to default state Step 7 - Set up backup ======================= Aquire Wimlib binaries from https://wimlib.net Windows 64bit: https://wimlib.net/downloads/wimlib-1.13.0-windows-x86_64-bin.zip Copy Wimlib files to D:\...
  • Page 9 Additional features overview/details "DiskPart_Pre-install.txt" script contents REM ====================================================== REM ===== DiskPart_Pre-install.txt ===== REM ===== ===== REM ===== These commands are used with DiskPart ===== REM ===== to create four partitions for a ===== REM ===== UEFI/GPT-based PC. ===== REM ===== ===== REM ===== Adjust the partition sizes to fill =====...
  • Page 10 Additional features overview/details "DiskPart_Post-install.txt" script contents REM ================================================ REM ===== DiskPart_Post-install.txt ===== REM ===== Post install script ===== REM ===== ===== REM ===== This should be run after copying ===== REM ===== WinRE to recovery partition ===== REM ================================================ REM ================================================ REM ===== 1 Setting hidden flag for ===== REM ===== Recovery partition...