GlobalPlatform Unites Industries to Accelerate Momentum Toward Secure SDVs
Francesca Forestieri, Automotive Lead, GlobalPlatform
It’s been a busy few months for the GlobalPlatform Automotive Task Force. Most recently, we welcomed Stellantis as a new member—the automotive giant behind globally recognized brands such as Alfa Romeo, Chrysler, FIAT, Jeep, Opel, Peugeot, and Vauxhall. Stellantis will immediately begin contributing to the Task Force’s mission of bringing proven GlobalPlatform technologies and specifications to the automotive sector.
Having a company of this scale join us is a tremendous endorsement of our work. But our progress is not about one company—it’s about industry-wide collaboration. We’re bringing together a growing community of automakers, cybersecurity firms, silicon vendors, and academic institutions to advance a standardized approach to the complex cybersecurity challenges of today’s software-defined vehicles (SDVs). Recent contributors to the Task Force include AIST, Cariad (Volkswagen), Dekra, ETAS, Linaro, Rambus, Renesas, Stellantis, Uni-sentry, and Woven by Toyota. Each is playing a vital role in shaping the future of automotive security.
Turning Standards Into Action
We’re reaching important milestones too. A key focus area for 2025 has been demonstrating how GlobalPlatform’s Secure Element (SE) and Trusted Execution Environment (SAE) specifications meet SAE requirements for Hardware Protected Secure Environments (SAE J3101). This work has now been completed, resulting in the publication of J3101-5, an addendum that creates the formal means for suppliers of GlobalPlatform solutions to demonstrate automatic compliance with J3101.
This breakthrough effectively transforms J3101 from a list of security requirements into a practical, implementable reference that OEMs and their supply chains can adopt with confidence. For instance, when responding to RFPs, suppliers can now demonstrate compliance with SAE J3101 automatically by adhering to GlobalPlatform solutions. For automakers, this means faster procurement, service agility, and interoperability.
A Scalable Framework for Securing Auto Systems
We’re also making strong progress on the development of a SESIP Protection Profile for SAE ‘s J3101 trusted applications using GlobalPlatform. SESIP—the Security Evaluation Standard for IoT Platforms —provides a multi-level assurance framework for automotive cybersecurity, using direct metrics aligned with ISO 15408 AVA_VAN levels.
By using modular evaluation methods and reusable certificates across the supply chain, SESIP helps reduce costs, preserve the integrity of component-based architectures, and speed the adoption of secure digital services in modern connected vehicles. We are planning for extensions of these automotive SESIP profiles all the way to ECUs.
These latest developments underscore GlobalPlatform’s commitment and speed in advancing practical, scalable solutions that address the auto industry’s growing cybersecurity crisis.
Automotive cybersecurity threats are escalating rapidly: in 2024, more than 500 vulnerabilities were publicly reported, compared with just six a decade earlier. Meanwhile, the estimated costs of SDV cyberattacks have skyrocketed to $22.5 billion, up from $1 billion in 2022. These figures highlight the critical need for collaboration, standardization, and proactive security frameworks.
Get Involved
We invite all stakeholders across the automotive and cybersecurity ecosystems to join us. By contributing to the development of next-generation standards and specifications, you can help ensure interoperability, strengthen regulatory alignment, and deliver trusted digital services at scale. GlobalPlatform welcomes contributions through its Technical Committees, the Automotive Task Force, and the Cybersecurity Vehicle Forum.
To learn more, contact us at automotive@globalplatform.org.
