A root-of-trust is a set of unconditionally trusted functions and must be a computing engine, because it must perform actions. It must work properly no matter what software is executing on the platform, in order to be immune to software attacks. Ideally, it should also be immune to physical attack, to avoid the need to trust an owner or user of a platform (who might otherwise physically meddle with it). Otherwise, a third party cannot unreservedly trust a remote platform. Unfortunately, physical immunity is impossible, and we have to settle for mere physical protection. (It's the same for smart cards and crypto-coprocessors.) For most commercial purposes, it's sufficient to have a root-of-trust that's built to resist a modest level of physical attack.
Of course, anything that one person can make, another person can break, given enough time, money, and opportunity. The art lies in selecting a root-of-trust price/protection point where the cost of breaking the root-of-trust is more than the value of the information that's revealed. At the end of the day, however, any hardware protection can be broken, so a global secret is just asking for trouble. It follows that each platform should have its own individual secrets in order that a successful attack cannot reveal secrets belonging to any platform other than the cracked platform. If the data in a Trusted Platform is so valuable that embedded forms of physical protection are insufficient, locked rooms and/or human guards must protect the platform from physical interference.
The components that instantiate a root-of-trust should be attached to a platform in a way that enforces a 1:1 relationship between the root-of-trust and the platform. But any attachment method can be overcome, given enough perseverance. The sensible course of action is to use an attachment method that's appropriate for the expected user and usage of a platform. Ordinary soldering of devices on a motherboard (or an equivalent method with at least the same strength of safeguards) is considered sufficient in most commercial cases. But it's critical to understand that subversion of the root-of-trust or its attachment to the platform inevitably destroys many Trusted Platform properties, and the only way to know whether a platform has been physically subverted is to physically check it. A local user can do this, although it might be inconvenient. A remote user can't do this. So the level of remote trust in a platform ultimately depends on a willingness to believe that the person or organization represented by the platform can be trusted not to physically interfere with the root-of-trust in the platform.