IBM has started adding new security hardware in its desktop PCs in an effort to fend off viruses and hackers.

National Semiconductor's SafeKeeper Trusted I/O devices add to its existing chip design a "trusted platform module" (TPM), a micro-controller that stores passwords, digital certificates and encryption keys. The devices conform to the TPM specifications developed by the Trusted Computing Group, a two-year-old standards body for hardware-based security technologies backed by IBM, Intel, AMD, Microsoft and HP.

The idea behind hardware-based security is that information stored in a PC's firmware is less vulnerable to attack than data protected only by software. TPM-stored data can, for instance, be used to authenticate a computer on a network, providing identity information in a way that's harder to forge.

National Semiconductor's desktop SafeKeeper device is priced at $5 each for volume orders. Toward the end of the year, the company will release a notebook version expected to sell for $7.

IBM, which has used TPMs in its PCs for the past five years, said the devices are being used in ThinkCentre models featuring its IBM Embedded Security Subsystem.