Actually I may have been too quick to reply. This might be accomplishable with remote attestation (Intel TXT). I think Intel chips can setup trusted execution areas and provide a hash of the code running. Now, input and output are gonna be tough. You could do encryption to and from the device but then you're essentially running another computer.

It might be easier on a simple DOS like OS, where IO is m can be straightforward and handled by the hardware pretty much.