Skip to main content
TCB (Trusted Computing Base) status indicates the security posture of the TEE platform. Intel’s DCAP attestation service returns a TCB status value that reflects whether the platform’s firmware, microcode, and configuration are up-to-date with the latest security patches.

Status values

These values are defined by Intel’s DCAP specification:
StatusMeaningProduction use
UpToDatePlatform is fully patched with the latest TCB level released by Intel✅ Always use - this is the recommended production setting
SWHardeningNeededThe platform is up-to-date, but the software (TD/Enclave) requires specific hardening mitigations⚠️ Use only if you have verified that your software stack implements the necessary code-level mitigations to operate safely on this hardware
ConfigurationNeededThe platform is patched, but the BIOS/hardware configuration does not meet the recommended security baseline⚠️ Use only if your specific threat model tolerates the configuration risk
OutOfDatePlatform TCB level is lower than the latest version released by Intel⚠️ Use only if combined with a grace period to allow operations to continue temporarily during patch cycles
RevokedThe processor or signing keys have been compromised and explicitly invalidated by Intel❌ Never use - platform is considered compromised
Never accept Revoked status in production. Revoked platforms have known critical security vulnerabilities or compromised signing keys.

Configuring allowed TCB statuses

Specify which TCB statuses to accept in your policy: 
use atlas_rs::{Policy, DstackTdxPolicy};

// Strict production - UpToDate only
let policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec!["UpToDate".into()],
    ..Default::default()
});

// Development - multiple statuses
let dev_policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec![
        "UpToDate".into(),
        "SWHardeningNeeded".into(),
        "OutOfDate".into(),
    ],
    ..Default::default()
});

Grace periods for OutOfDate platforms

Grace periods allow OutOfDate platforms to operate for a limited time after a new TCB level is released. This accommodates patch deployment cycles while maintaining security.

How grace periods work

  1. Intel releases a new TCB level with security patches
  2. Previously UpToDate platforms become OutOfDate
  3. If a grace period is configured, platforms are accepted if: tcb_date + grace_period >= current_time
  4. After the grace period expires, attestation fails

Example with 30-day grace period

use atlas_rs::{Policy, DstackTdxPolicy};

let policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec!["UpToDate".into(), "OutOfDate".into()],
    grace_period: Some(30 * 24 * 60 * 60), // 30 days in seconds
    ..Default::default()
});
Grace periods must include OutOfDate in allowed_tcb_status. Configuration will fail if you specify a grace period without accepting OutOfDate status.

Grace period best practices

  • Keep it short - 30 days or less is recommended
  • Monitor actively - Track when platforms become OutOfDate and update them promptly
  • Zero grace for critical services - High-security applications should use grace_period: 0 or omit it entirely
  • Coordinate with patching - Align grace periods with your infrastructure patch deployment schedule

No grace period (immediate enforcement)

Set grace_period to 0 to require immediate patching: 
let policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec!["UpToDate".into(), "OutOfDate".into()],
    grace_period: Some(0), // No grace window
    ..Default::default()
});
With grace_period: 0, only UpToDate platforms are accepted in practice, even though OutOfDate is in the allowed list.

Production recommendations

High security environments

For production systems handling sensitive data: 
let policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec!["UpToDate".into()],
    // No grace period - immediate enforcement
    ..Default::default()
});
This configuration:
  • Only accepts fully patched platforms
  • Rejects any platform with known vulnerabilities
  • Provides the strongest security guarantees

Balanced production environments

For systems that need operational flexibility during patch cycles: 
let policy = Policy::DstackTdx(DstackTdxPolicy {
    allowed_tcb_status: vec!["UpToDate".into(), "OutOfDate".into()],
    grace_period: Some(14 * 24 * 60 * 60), // 14 days
    ..Default::default()
});
This configuration:
  • Accepts UpToDate platforms immediately
  • Gives a 14-day window for patching OutOfDate platforms
  • Balances security with operational requirements

Development and testing

For non-production environments: 
let policy = Policy::DstackTdx(DstackTdxPolicy::dev());
// Equivalent to:
// allowed_tcb_status: ["UpToDate", "SWHardeningNeeded", "OutOfDate"]
This configuration:
  • Accepts multiple TCB statuses
  • Disables runtime verification
  • Should never be used in production

Error handling

When a platform’s TCB status is not allowed, verification fails with a specific error: 
use atlas_rs::{atls_connect, AtlsVerificationError};

match atls_connect(tcp, hostname, policy, None).await {
    Err(AtlsVerificationError::TcbStatusNotAllowed { status, allowed }) => {
        eprintln!("Platform TCB status '{}' not in allowed list: {:?}", status, allowed);
    }
    Err(e) => eprintln!("Other error: {}", e),
    Ok((stream, report)) => println!("Verification succeeded"),
}

References

DstackTdx policy

Configure Intel TDX attestation

Computing measurements

Generate bootchain measurements

Build docs developers (and LLMs) love

Get started for freeTalk to us