TES Committee

The Trusted Environments & Services Committee is chaired by Richard Hayton from Trustonic. Full and participating GlobalPlatform members are eligible to contribute to this group.

Mission

• To create and maintain documentation relating to Isolation Platforms.
• Provide mechanisms enabling access to platform services offered by Isolation Platforms, both from within a device and from platforms external to it.
• To define and maintain the trusted execution environment architecture, including technical specifications compliance and security certification programs.

Objectives

• Industry engagement
  • To gather use-cases and requirements for Isolation Platforms.
  • Liaise, collaborate and/or coordinate TES committee activities with relevant external organizations which perform similar/complementary activities.
  • To participate in the development of educational and promotional materials and events related to technology developed in the TES Committee.
• Standardization
  • To define, maintain and evolve architectures, asset definitions and threat models for Isolation Platforms.
  • To work closely with other bodies which develop and maintain Isolation Platforms, or services using them, to define common terminology and promote interoperability between them.
  • To define, maintain and evolve the GlobalPlatform TEE-related specifications, ensuring consistency.
  • To define, maintain and evolve specifications related to other Isolation Platforms, where it is appropriate for GlobalPlatform to do so.
• Compliance & Certification
  • To advance and maintain the GlobalPlatform TEE Compliance Program, to facilitate portability and interoperability of trusted application deployments on different TEE implementations.
  • To define, develop and progress the GlobalPlatform TEE Security Certification Program, to facilitate the security evaluations of TEE implementations.
  • To work with GlobalPlatform’s Task Forces and other Committees to ensure the alignment of smart device technology within the context of the wider GlobalPlatform infrastructure.

Current priorities

• The TES committee inherits all existing work items from the TEE and TPS Committees. Evolution and maintenance of the TEE specifications previously undertaken by the TEE Specification Working Group will move to the TEE Platforms Working Group, and TPS Service specifications from the API and Low Level API working groups will move to the TES Services Working Group. The TEE MCU Security Working group and subgroups continue as before.
• The Committee is exploring the below key use cases. It is also working on other areas of IoT and Smart Cities, and members are encouraged to bring forward their requirements and use cases.
  • Automotive: There is a huge change in the automotive ecosystem as new legislation, such as UNECE 155/156, comes to bear. Automakers are looking for solutions they can use across their platforms, from embedded, safety critical, MCUs through domain or zonal compute to specialized AI systems.
    • A specific TES work item will look at SAE J3101 standards for key management and propose solutions that can scale between MCU and CPU implementations. There is potential to formalize a protection profile for these solutions, simplifying type approval for vendors.
  • AI Language Models: Current generation isolation platforms are primarily focused on isolating traditional computation, and storage used for security features, from those used for general purpose computing. However there are also emerging security problems within the AI domain. A specific example is the protection of the IP inherent in a large AI model.
    • The TES Committee will look at such issues from a technology neutral perspective, and evaluate the options provided by the various isolation technologies available today, and those that are proposed in future.