GlobalPlatform, Industry Interviews | Trusted Computing Group (TCG)
In 2012, GlobalPlatform and the
Trusted Computing Group (TCG) created a joint work group to enable the
sharing of expertise and collaboration around mobile device industry
standards. In our latest industry interview, John Mersh, editor of the
Mobile Platform Working Group of the TCG, discusses the motivation for
establishing the joint initiative and provides insight into the group's
1. Please tell us about you: your role at TCG and company of
I work for the Secure Services Department at ARM as Lead Software
Architect. My function at ARM is to ensure that the software architecture
supporting TrustZone (R) is maintained and enhanced, and to promote the
adoption of this technology within the computing industry. I work with
partners to help them make the correct technology choices when creating
secure systems and applications.
In addition to my role as editor of the Mobile Platform Working Group
of the TCG,
I also represent ARM within GlobalPlatform, where I am active in the
GlobalPlatform Device Specification Working Group. Due to my engagement
across both associations, I have also been appointed as chair of the joint
work group which coordinates and aligns the collective activity of
GlobalPlatform and TCG.
2. What is the mission of TCG?
The TCG is a not-for-profit organization that develops, defines and
promotes open, vendor-neutral, global industry standards based on a
hardware root of trust, for interoperable trusted computing platforms.
Billions of endpoints use TCG standards to ensure system integrity,
network protection and data security.
3. In June 2012, the TCG published a white paper entitled: TPM Mobile with Trusted Execution
Environment for Comprehensive Mobile Device Security.
What were the key learnings of this document?
This was the first product of the joint GlobalPlatform/TCG work group.
The aim of this document was to highlight that it is possible to implement
a TCG Mobile Trusted Module (TPM) in the environment defined by
GlobalPlatform's Trusted Execution
Environment (TEE) Specifications.
The main lesson learned was the necessity for the two groups to work
together. Achieving a workable solution that will bring benefits to the
industry requires a willingness to amend and adapt existing and future
specifications. We have already witnessed changes in both the TPM activity
of the TCG and revisions to forthcoming versions of the Global Platform
Ongoing communication and collaboration is key to identifying the many
ways in which the two associations can work together to enhance their
respective offerings and, ultimately, support market advancements.
4. What motivated the TCG to engage with GlobalPlatform?
The TCG's TPM is used in the PC and server industry when ensuring the
security and integrity of systems in the form of discrete or integrated
TPM chips. In the mobile industry there is generally not sufficient space
or power available to include this additional chip. This has held back the
adoption of TCG technology in the mobile marketplace.
GlobalPlatform's Device Committee focuses on the TEE for smart devices
enabling trusted applications to run securely in parallel with the normal
By combining these technologies it becomes possible to gain the
advantages of the mature software which supports the TCG's TPM, without
the disadvantage of requiring an additional chip.
5. A TCG / GlobalPlatform joint working group has been created,
what are the initial priorities of this group?
This group has existed for more than a year now and I recently took
over as chair.
The objectives of this group are:
- To encourage the use of GlobalPlatform Specifications as a platform
and toolkit within the TCG.
- To help GlobalPlatform ensure that large secure applications such as
a TPM are viable in the TEE.
- To teach each side about the other's technology to the extent this
is allowed by IP rules.
- To bring together the certification activities in TCG and
6. How do you see this partnership benefiting the mobile device
The mobile device industry gains by having mature technology and
operating system support of the TCG's TPM. This availability addresses the
needs of those who require its reliability. All this can be achieved while
sharing the TEE with solutions in areas such as digital rights (premium
content) management and mobile financial services as well as identity for
government and corporate enterprises, for which trusted applications
running within the TEE are a more appropriate solution.
7. What is your vision for common activities between
GlobalPlatform and TCG in the next three to five years?
I hope that over the coming years the relationship will continue to
strengthen to take full advantage of the specifications offered by both
parties and to provide solutions to real user opportunities and
As current mobile architectures are extended into the server market
then the integration between TCG and GlobalPlatform Specifications will
become essential to secure those systems.
For more information about TCG visit www.trustedcomputinggroup.org<
/a> and on Twitter and LinkedIn.