Exploring and Conceptualising Attestation.

When formalising the rules of trust in the remote attestation of TPM-based computer systems it is paramount that the rules are precisely understood, supporting unambiguous communication of information about system requirements between engineers. We present a diagrammatic approach to modelling rules of trust using an extended version of concept diagrams. Within the context of our proof-of-concept Network Function Virtualisation and Attestation environment, these rules allow different level of trust to be explored and, importantly, allow us to identify when a computer system should not be trusted. To ensure that the modelling approach can be applied to general systems, we include generic patterns for extending our domain model and rules of trust. Consequently, through the use of a formal, yet accessible, diagrammatic notation, domain experts can define rules of trust for their systems.