Over the last year or so, computer science research on code attestation has increased considerably. I have blogged about current research to overcome the policy problems created by TCG's remote attestation before (e.g., here and here). Recently, researchers from Carnegie Mellon & IBM Watson have published an interesting paper about a fine-grained attestation service called "BIND" (not to be confused with the DNS-related bind program maintained by Paul Vixie). While other approaches attempt to solve the policy problems by attesting a program's behavior or properties (rather than its identity) to a third party, this paper proposes a fine-grained attestation mechanism in which only those parts of a program are attested to a remote challenger that are really crucial for the remote challenger.
It should be noted, however, that this is only one of the problems the paper deals with. In addition, the paper uses a sand-boxing mechanism in order to narrow the gap between the time a piece of code is attested and the time it is used. Furthermore, the paper offers transitive integrity verification. While these are very interesting and highly complex features from a computer science perspective, they seem less interesting from a policy perspective.
Update [2006-04-19]: see also the blog entry at Jesus Molina's TC blog.