Relevant passage:
" Workaround: As an immediate solution, affected customers dependent on fTPM functionality for Trusted Platform Module support may instead use a hardware TPM (“dTPM”) device for trusted computing. Platform dTPM modules utilize onboard non-volatile memory (NVRAM) that supersedes the TPM/SPIROM interaction described in this article."
I don’t think it makes a lot of sense due to the big attack surface (man-in-the-middle attacks) [0.1].
In my opinion it makes the most sense to combine a TPM2 with hardware intrusion detection. Note that the Framework's intrusion detection is flawed, since you can reset it when removing the battery and the CMOS battery.