The　integrity　measurement　of　TCG　can　only　insure　that　the　components　of　a　computing　platform　are　tamper-proofed,　which　is　not　enough　for　avoiding　the　interference　between　components　at　runtime　for　building　the　trust　chain.　The　interference　of　other　components　results　in　the　unexpected　information　flow.　The　trust　model　of　Trusted　Computing　Platform　is　analyzed　in　this　paper.　Based　on　the　intransitive　noninterference　model,　a　formal　method　of　analyzing　the　trust　chain　transfer　is　proposed.　It　formalized　specifies　the　security　policy　isolating　the　interference　between　components　that　can　make　the　trust　chain　valid　after　integrity　measurement.