For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

December 2021 Newsletter

Letter from GlobalPlatform’s Executive Director

There were many engaging discussions at our Fall Meetings in Athens last month, around the technologies shaping our industry and GlobalPlatform’s strategic focuses for 2022.

GSMA’s Secured Application on Mobile (SAM) requirement has been identified as a key priority for our organisation, to support Mobile Network Operators (MNO) to manage the impact on their infrastructure. Open source is another, and GlobalPlatform will launch new projects next year to simplify the development of security services and lower the cost of adoption for the IoT community. This is alongside our ongoing work to promote adoption and recognition of the SESIP methodology across markets and for new use cases, including 5G device security. Further to this, I am pleased to announce GlobalPlatform is taking steps towards launching a SESIP lab training program in Q2 next year.

You can read more on GlobalPlatform’s technical roadmap below. A key benefit of GlobalPlatform membership is contributing to the development of solutions that solve challenges and unlock opportunities for your organisation, and I encourage all members to consider how they can get involved in the work of our committees and task forces.

The Secretariat will also shorty circulate an update on GlobalPlatform certification fees. These fees have remained flat for over a decade. GlobalPlatform has therefore analyzed the certification program in line with inflationary factors and supplier costs.

Finally, given ongoing uncertainty around travel restrictions GlobalPlatform and Winbond have taken the decision to move the ‘IoT Security and Ecosystem Workshop: Certified Trust’ to August. We hope those of you that had planned to attend will still be able to join us. We will be sharing more information on the venue and dates in the coming months.

GlobalPlatform’s technical priorities for 2022

In addition to driving the open-source implementation of TPS APIs to reduce complexity for device makers, the TPS committee plans to publish guidance on vulnerability analysis for software attacks in the next year.

Meanwhile, the TEE committee is supporting chip makers with the evolution of legacy TEEs to MCU technology. This includes a new TEE System Architecture document with support for Hypervisors.

The SE committee is working to define standardized schemes for OS updates. It will publish a complete set of documentation for the Virtual Primary Platform (VPP) and plans to release an extension of the GlobalPlatform SE Protection Profiles for FIDO 2.0 to reduce the cost of certification.

In parallel to the development of a SESIP IoT ecosystem grouping laboratory, vendors and Certification Bodies, the Security task force will continue to explore the impact of post quantum crypto. It will also join the IoTopia task force to address 5G device security.

Along with a focus on 5G, the IoTopia task force will continue to drive industry support, adoption and the continued development of its security framework for device lifecycle management.

The Japan task force will continue to engage regional stakeholders and standards bodies to promote adoption of GlobalPlatform and encourage technical contributions.

Similarly, the China task force is working to define regional data protection and IoT device requirements, with plans to publish a ‘market outlook’ whitepaper in 2022.

We would like to thank our members for their continued dedication.

Read the meeting minutes

Congratulations to our Star Awards winners

The Star Awards program recognizes and awards members for exemplary participation in GlobalPlatform. These individuals are enthusiastic and dedicated to driving GlobalPlatform’s work efforts, and the objectives of the Technical Committee or Task Force that they represent.

At the GlobalPlatform Fall Meetings, we were pleased to award the following members for the significant contributions they have made over the course of the year.

  • Collaboration & teamwork
    - Mike Parsel (T-Mobile)
  • Making it happen
    - Per Ståhl (Ericsson), Rachel Menda-Shabat (Winbond) and Sylvie Wuidart (STMicroelectronics)
  • Leadership - Don Felton (Trustonic)
  • Going the extra mile
    - Jean-Philippe Galvan (Qualcomm) and Carlos Serratos (Brightsight)
Learn more

2021 annual report

Our annual report looks back at key milestones achieved in 2021 and the technical initiatives GlobalPlatform is driving to empower stakeholders to build, certify, deploy and manage secure solutions.

The report also details membership benefits and explains how GlobalPlatform is collaborating with other industry bodies like FIDO, RISC-V, TCG and TCA, to advance standards and technologies that ease the security burden and bring trust to connected industries.

Download

NEWS: GlobalPlatform helps SE ecosystem demonstrate security and compliance

GlobalPlatform has certified its Secure Element Protection Profile with the international standard for computer security certification, Common Criteria (CC).

The new profile offers a simple framework to evaluate the security of different SE use cases and form factors. This will make it quicker and easier for stakeholders across industries to validate and compare security features, protect applications and data against high-profile attacks and comply with IoT and cybersecurity regulations.

Learn more

BLOG: Adding value to certification with ISO 17065

Back in July, GlobalPlatform achieved ISO 17065 accreditation demonstrating it has state-of-the-art certification processes in place for its functional, SE security and TEE security schemes.

In the latest blog from our insight series Technical Director, Gil Bernabeu, explains how the accreditation adds value to device makers and vendors by positioning GlobalPlatform to address future challenges, and evolve its certifications as connected device types and regulatory practices advance.

Read here
Technical Documents

New Document Releases

Specifications Under Review

This update for all GlobalPlatform Card APIs adds support for the new export file format (v2.3) added in Java Card™ v3.1. The APIs now contain export files in both formats. All API features remain unchanged.

This document has been made available for public review. Please provide comments by Friday December 17, 2021.

Download

This document provides guidance on how to combine the TEE PP with TEE PP-modules. It is intended as a technical note to provide advice to any entity considering TEE certification.

This document has been made available for member review. Please provide comments by Thursday December 23, 2021.

Download
Speaking Engagements

GlobalPlatform joins Java Card Forum Webinar series

Technical Director, Gil Bernabeu, joined Java Card Forum’s webinar series last week. Catch up on ‘GlobalPlatform Secure Element (SE) Device Integration’, to learn how we are supporting the evolution of SEs and easing integration with new device types.

Watch

Did you miss our second Java Card Forum webinar?

Gil delivered another webinar explaining how GlobalPlatform-certified SEs address the need for consistent and verifiable security and support FIDO 2.0. Watch the recording on-demand to learn more.

Watch

GlobalPlatform to speak at Embedded World 2022

GlobalPlatform will present ‘Device APIs to Root of Trust: An Open-source Implementation Building Chains of Trust Between IoT Device Makers and Digital Services’ on Thursday, March 17 at 14:15 CET in the Safety & Security Open Source Solutions track.

Register
Membership Offers

Visit the member website to view discount codes for each event

For archived newsletters

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE