Methods, software/firmware and apparatus for implementing a tamper-aware virtual trusted platform module (TPM). Under the method, respective threads comprising a virtual TPM thread and a security-patrol threads are executed on a host processor. In one embodiment, the host processor is a multi-threaded processor having multiple logical processors, and the respective threads are executed on different logical processors. While the virtual TPM thread is used to perform various TPM functions, the security-patrol thread monitors for physical attacks on the processor by implementing various numerical calculation loops, wherein an erroneous calculation is indicative of a physical attack. In response to detection of such an attack, various actions can be taken in view of one or more predefined security policies, such as logging the event, shutting down the platform and/or informing a remote management entity.