In the "Signing Executables for Use in the Integrity Managed File System" page of the WRL 8 documentation, it is briefly mentioned that "If the target system does not include TPM, the evmctl ima_sign command will return an *ioctl()* error.". This is not explicit enough since IMA does not work without the hardware TPM chip. It should also be stated clearly in the "Integrity Managed Platform Overview" document. Signing Executables for Use in the Integrity Managed File System: [https://docs.windriver.com/bundle/Wind_River_Linux_Security_Profile_Developers_Guide_8.0_1/page/qrb1463420298469.html] Integrity Managed Platform Overview: [https://docs.windriver.com/bundle/Wind_River_Linux_Security_Profile_Developers_Guide_8.0_1/page/bfu1463420283483.html]