0

Many TPM issues are reported by users in various online forums. One issue is the TPM being found in the operating system or BIOS without the TPM being useable (e.g. TPM shows in Windows 10 Pro Device Manager but BitLocker cannot be used).

A fail safe way to identify the presence of a TPM in a computer is to physically identify it on the motherboard but how does one do this?

For some motherboards the TPM is a small chip that is added to a slot and many examples are commercially available.

However, in other motherboards the TPM is an integral part of the motherboard. The question is how are these identified? In the photo we can see the TPM area on a HP 290 G2 SFF motherboard (86E9 Milton). Should there be a chip here? Is the TPM area empty? Or is this in fact what an integrated TPM looks like?

enter image description here

Ramhound
  • 44,080
Ad Astm
  • 322

5 Answers5

3

There is no universal, physical method to check if TPM chip is present. This functionality may be handled by:

  • chips in different cases and with different writings on them (not always mentioning "TPM")
  • physically integrated as part of a "random" chip on motherboard (network controller, southbridge, etc.)
  • software handled by CPU (as part of motherboard firmware)

In every option there is significant risk of omitting presence of a chip on physical inspection (even if you have another example on picture). And last option can be differentiated only in logic way.

Also, whole area is not normalized at all. Ie.: Microsoft didn't made any statements about suggested way TPM should be handled: https://learn.microsoft.com/en-us/windows/security/information-protection/tpm/tpm-recommendations#discrete-integrated-or-firmware-tpm

If you want to know if TPM is available on a motherboard, you have to check for TPM presence in BIOS (and later in system) or ask manufacturer (about this specific S/N, that would also answer a question if TPM should be available). However, presence of empty place for TPM is hard clue that TPM is probably not present (unless BIOS tells you otherwise, in such case, I would trust it ;) ).

As for examples of TPM chips, there is small collage: enter image description here

Aramil
  • 460
  • 3
  • 10
0

Look in Device Manager, Security Devices:

That will tell you if you have TPM, what version it is, and if the TPM chip is working.

If there is no TPM entry under Security Devices, then you do not have one.

I regard this as the best way to determine the presence of TPM.

0

The TPM 2.0 chip should be part of this motherboard, unless you live in a country where it's not allowed, or if this computer was originally sold with FreeDOS, in which case it will not be available.

The article Enabling the Trusted Platform Module has the following method for enabling the TPM in the BIOS. If the described BIOS settings do not exist in your computer, then you have no TPM of any kind (chip or CPU).

  • During the server startup sequence, press the F9 key to access System Utilities.
  • From the System Utilities screen, select System Configuration > BIOS/Platform Configuration (RBSU) > Server Security.
  • Select Trusted Platform Module Options and press the Enter key.
  • Select Enabled to enable the TPM and BIOS secure startup. The TPM is fully functional in this mode.
  • Press the F10 key to save your selection.
  • When prompted to save the change in System Utilities, press the Y key.
  • Press the ESC key to exit System Utilities. Then, press the Enter key when prompted to reboot the server.
harrymc
  • 498,455
0

This answer seeks to bring together some of the information gleaned in the other answers and comments in this post in answering the original question.

  1. A physical examination of a computer’s motherboard is NOT a fail-safe way to determine whether TPM is present, enabled, and recognised in a computer system. TPM functionality may be handled by the CPU and, therefore, not a standalone or “discrete” component capable of being identified by visual examination. However, this does not detract from the presence of a physical TPM component (whether integral, that is, soldered to the motherboard or as an add-on) suggesting that TPM is employed on a computer system.

  2. The photo in the original questions does indeed show an empty area where a TPM chip could have been installed by the manufacturer on the motherboard. However, this does not preclude TPM being installed elsewhere on the motherboard or being employed through the CPU so, again, a physical examination is NOT a fail-safe way to determine whether TPM is present, enabled, and recognised in a computer system.

Additional answers or supplements to this answer may wish to consider the following: supplying a photo of a motherboard with integral TPM present to contrast with the photo in the question.

Ad Astm
  • 322
0

To check presence of Trusted Platform Module (TPM) do the following steps.

  1. Run PowerShell as an Administrator
  2. Type get-tpm
  3. Hit enter

It will display TpmPresent : true or false

Aamer Shahzad
  • 119