A computer apparatus for creating a trusted environment comprising a
trusted device arranged to acquire a first integrity metric to allow
determination as to whether the computer apparatus is operating in a
trusted manner; a processor arranged to allow execution of a first trust
routine and associated first operating environment, and means for
restricting the first operating environment access to resources available
to the trust routine, wherein the trust routine being arranged to acquire
the first integrity metric and a second integrity metric to allow
determination as to whether the first operating environment is operating
in a trusted manner.