Trusted Computing Base (TCB)

The Trusted Computing Base is the collection of hardware, firmware, and software components whose correct operation underpins a system's security guarantees. A vulnerability in the TCB can weaken those guarantees even when the application itself has not changed.

For Intel DCAP attestation, TCB information describes security-relevant versions of platform components such as processor microcode and quoting software. A verifier compares the platform values reported in an attestation quote with current TCB status data.

TCB recovery

Hardware vendors publish updated TCB information as vulnerabilities are addressed or components are retired. Verification policy must decide which statuses are acceptable and when operators need to update their platforms.

The DCAP Dashboard monitors this collateral so teams can detect expiring or outdated trust-chain data before quote verification fails.