SESIP: The Benefits of IoT Security Evaluation Reuse
Gil Bernabeu, Technical Director, GlobalPlatform
How does GlobalPlatform’s Security Evaluation Standard for IoT Platforms (SESIP) methodology address the scale and complexity of security evaluation in the IoT ecosystem? Gil Bernabeu, Technical Director, speaks to Embedded.com about the benefits that SESIP brings to the industry…
The Internet of Things (IoT) is evolving at a dizzying pace. By 2025, users will deploy nearly 75.5 billion IoT devices worldwide. Yet many of these devices have little to no security capability, leaving the ecosystem of connected devices and services incredibly vulnerable to attack.
As the IoT continues to expand, it’s imperative that both existing and new types of connected devices and products undergo the security certification process, which impacts stakeholders from different corners of the ecosystem in different ways.
Certification bodies play a central role by maintaining the quality of security evaluations and raising the overall levels of security assurance across the ecosystem. Under current frameworks for certification, a certification body must evaluate the ability of different components within a device to provide security assurances. However, the growing number of actors, the variety of device types and limited cyber security expertise in the consumer market present a significant challenge, requiring certification bodies to create new requirements and schemes that adequately address emerging products.
Testing laboratories face a similar challenge, having to constantly ensure processes are robust, yet flexible enough to meet the needs of different device types and different market requirements. This can be both costly and time-consuming, requiring vertical-specific knowledge and tailored processes.
The impact on costs and lead times is often passed on to the product vendor or manufacturer looking to certify products, affecting their bottom lines and increasing time to market. This is a deterrent to product certification, and in turn, security assurance. To address this, connected stakeholders must come together to decide on a unified approach to certification, to increase efficiencies and ensure testing and evaluation are accessible.
The SESIP methodology offers an alternative approach that greatly reduces the complexity of certification. The methodology enables certification by components that will be combined to create a variety of devices to address different markets. This, in turn, allows certification bodies to develop schemes that recognize and reuse the security capabilities of different components regardless of device type. SESIP empowers stakeholders to leverage the concepts of composition and reuse – by which previously certified components can be used to build a device with in-built security assurances, without having to repeat a complete evaluation of the same component in each and every targeted market. SESIP drives greater efficiency, security, innovation, and cost-savings across the certification process.
Mapping of standards to provide a holistic view of IoT schemes
Evaluating the trustworthiness of IoT devices requires more human resource than is currently available worldwide. To evaluate the number of devices projected to be deployed by 2030 at the rate of one per second would take thousands of years to complete. Further compounding this challenge, the IoT market is completely fragmented, with different security requirements applying to different verticals and regions.
SESIP addresses these challenges by aligning certification schemes to ensure comparable evaluations across the entire IoT ecosystem. By mapping to other standards, from bodies such as ETSI, ISO/IEC and NIST, SESIP provides a common and optimized approach for evaluating the security of connected products across a broad range of regulatory and security frameworks, as well as specific vertical regulations.
Not only does this reduce complexity within the ecosystem, it also supports certification bodies in creating enhanced schemes, by reusing SESIP-optimized and pre-defined evaluations of IoT components that answer their specific security level and requirements. This allows laboratories to optimize resources and increase the number and type of devices they can efficiently and effectively evaluate without needing to increase the number of processes or amount of industry-specific expertise they have.
Furthermore, SESIP streamlines the device security certification process by supporting composition of certified components and reuse of certifications across different evaluations. Reuse allows certification of products based on previously certified secure components, reducing the testing burden on laboratories. Reusing previously evaluated components also offers the benefit of making the certification process more cost effective. If IoT developers and Original Equipment Manufacturers (OEMs) can realize more value and a greater ROI from the certification of a single component, they are more likely to bring more components to certification bodies for evaluation, offering increased trust to connected devices and services, regardless of vertical.
On the surface, it may seem that savings on certification efforts would result in a loss for the certification bodies and laboratories; however, the opposite is true. As certification becomes faster and more cost effective, the number of products to evaluate will increase, generating more work for evaluators.
Building a complete environment for consistent application
Ultimately, the varied and constantly evolving nature of the IoT prevents the creation of a single scheme that serves the security needs of all connected devices. Instead, GlobalPlatform envisions an environment in which SESIP is consistently applied across all connected verticals, geographies and their relevant certification schemes.
Without SESIP, the ecosystem becomes fragmented as each industry defines its own security requirements using different language and defines sector-specific evaluation methodologies that vendors and laboratories must understand and apply later on. SESIP serves as a unifying and equalizing force for security certification standards, preventing some industries from becoming more vulnerable than others due to discrepancies in policy making and security expertise.
Along these same lines, SESIP facilitates simple and coherent governance across geographies and industries and standardizes the evaluation methodology for security products and capabilities across the value chain. Certification bodies and laboratories can improve their own internal processes by leveraging previously defined test plans and strategies, limiting the need for constant input and expertise from developers working in specific areas of IoT, and reusing sections of reports from previously evaluated components.
Strengthening the IoT ecosystem through certification and education
SESIP provides certification bodies with a tool kit to conduct effective, efficient, and cost-effective security evaluations and accelerate the go-to-market of certified products for vendors. By enabling certification bodies and laboratories to evaluate composite products made of certified elements and reuse evaluation results across schemes, SESIP empowers product vendors to strengthen security assurances for consumers.
Want to learn more about SESIP? Don’t miss GlobalPlatform’s seminar to learn about implementations of the methodology from IoT leaders including Amazon, Arm, ENISA, ETSI, Microsoft, and NXP. The seminar takes place in Barcelona and is also available virtually.