Abstract: A software system that transforms an original application into an STPM enabled application and runs the enabled application. At protect time, an anti-tamper tool accepts the original application, uses anti-tamper techniques to create a guarded application, creates a security wrapper according to a policy file, and wraps the guarded application to create the STPM enabled application. A trusted service provider is inserted at the entry point of the enabled application. A set of core services is made accessible to the enabled application through the trusted service provider. At runtime the trusted service provider creates a TSP thread and passes a security file to an STPM device driver implementing TPM functionality and protected by anti-tamper techniques. The TSP thread actively monitors the enabled application and interacts with the STPM device driver through the set of core services.