![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 52%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EC%3C/text%3E%3C/svg%3E)
Windows for IoT
A family of Microsoft operating systems designed for use in Internet of Things (IoT) devices.
382 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 9%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWL%3C/text%3E%3C/svg%3E)
Hello Sure, I can provide some guidance on your questions: fTPM or dTPM scheme: The choice between firmware TPM (fTPM) and discrete TPM (dTPM) depends on your specific application and security requirements. Both provide a level of hardware-based security, but dTPM is a separate chip on your motherboard, while fTPM is a firmware-based solution. dTPM is generally considered more secure as it is physically isolated, but fTPM can be a good choice for systems where hardware space is at a premium. Setting configurations in UEFI: The i.MX8M Plus EVK boots the system via the U-Boot, not UEFI. Therefore, setting configurations in UEFI might not be applicable in this case. However, you can set environment variables in U-Boot for specific use cases. dTPM method without UEFI configuration: If the TPM is a TPM 2.0 and isn’t detected by Windows, verify that your computer hardware contains a Unified Extensible Firmware Interface (UEFI) that is Trusted Computing Group-compliant. Also, ensure that in the UEFI settings, the TPM hasn’t been disabled or hidden from the operating system. Since your system starts via U-Boot and not UEFI, this could be the reason for the “security device” error in the device manager. To enable TPM 2.0 in Windows 10 IoT Enterprise, you can follow these steps: Run Settings > Update & Security > Windows Security > Device Security If you do not see a Security processor section on this screen your PC may have a TPM that is disabled. To enable the TPM, check your PC manufacturer’s support information for instructions. If you are able to enable a TPM, complete the next step to verify that it is a TPM 2.0. If you see an option for Security processor details under Security processor, select that and verify that your Specification version is 2.0. If it is less than 2.0, your device does not meet the Windows 11 requirements. Best Regards, Wesley Li
If the Answer is helpful, please click "Accept Answer" and upvote it.