Advances in embedded systems have enabled many new network-centric applications in defense and commercial domains. Large-scale deployment of embedded systems requires using Commercial-Off-The-Shelf (COTS) embedded platforms. The complexity and public accessibility of these embedded platforms makes them vulnerable to system break-ins and malicious code attacks. IAI and its collaborators from North Carolina State University (NCSU) are developing an effective Trusted Computing Framework for Embedded Systems (TCES). The key innovation is a hybrid approach consisting of hardware and software components to provide both high security assurance and high flexibility for an end-to-end trusted embedded system. The trustworthiness of this approach arises from integrating ARM TrustZone technology, the security extension of ARM processors and architecture for embedded systems, to provide hardware-based security assurance against malicious attacks. The hardware-based trust computing guarantee of TCES cannot be achieved by a pure software-based solution, and the trusted software architecture of TCES provides high flexibility that cannot be attained by a pure hardware-based approach. TCES establishes a secure boot loader to protect the static integrity of software binary, and leverages NCSU's Hypervisor-based Integrity Measurement Agent (HIMA) for distributed systems, to ensure the integrity of dynamic software execution. TCES leverages IAI's efforts in secure network communication, to ensure a trusted communication path between distributed embedded nodes and trusted and reliable communication for remote attestation. A preliminary prototype has been implemented and its feasibility to protect embedded systems has been demonstrated. TCES will be extended to support multicore platforms and more advanced target OS, and to further fortify security. This technology has applications for intelligence, communications, and homeland security, and for industrial process control, remote patient monitoring, and mobile social services.