1description: > 2 Implement to represent component integrity information acquired from a 3 secure authentication or measurement of the protected components. A trusted 4 component (e.g., iRoT or TPM) is typically involved to provide the info 5 using a security protocol (e.g., SPDM). 6 7properties: 8 - name: Enabled 9 type: boolean 10 default: false 11 description: > 12 An indication of whether security protocols are enabled for the 13 component. 14 15 - name: Type 16 type: enum[self.SecurityTechnologyType] 17 default: Unknown 18 flags: 19 - readonly 20 description: > 21 The type of security technology for the component. 22 23 - name: TypeVersion 24 type: string 25 flags: 26 - readonly 27 description: > 28 The version of the security technology. Human readable format, e.g. 29 "1.1" for SPDM. 30 31 - name: LastUpdated 32 type: uint64 33 flags: 34 - readonly 35 description: > 36 The date and time when information for the component was last updated. 37 Firmware update, device certificate change or other device state 38 change that leads to component integrity change should update this 39 date. It is represented in milliseconds since the UNIX epoch. 40 41associations: 42 - name: authenticating 43 description: > 44 Objects that implement ComponentIntegrity can implement the 45 "authenticating" association to provide a link to the target component 46 whose integrity this resource authenticates. 47 reverse_name: authenticated_by 48 required_endpoint_interfaces: 49 - xyz.openbmc_project.Inventory.Item 50 51enumerations: 52 - name: SecurityTechnologyType 53 description: > 54 The security technology used for the component. 55 values: 56 - name: OEM 57 description: > 58 OEM-specific. If it is neither SPDM nor TPM, tag it OEM. 59 - name: SPDM 60 description: > 61 Security Protocol and Data Model (SPDM) protocol. 62 - name: TPM 63 description: > 64 Trusted Platform Module (TPM). 65 - name: Unknown 66 description: > 67 Security technology not known yet. 68