March 2021 Newsletter

Letter from GlobalPlatform’s Executive Director

It has been a productive start to 2021, and March is shaping up to be another busy month for GlobalPlatform.

We are now finalizing arrangements for our virtual IoT events, including the ‘IoT Device Secure Onboarding Solutions’ workshop on March 17 and ‘SE for IoT’ in April. View the agendas below and if you have not already, secure your place by registering here.

GlobalPlatform has also announced its Board of Directors for 2021. On behalf of the organization, I would like to welcome our new Chair Stéphanie El Rhomri of Fime, as well as two new Board representatives from Trustonic and Thales. See the full list of Board representatives below or read the press release on our website.

Finally, a reminder that GlobalPlatform will host its virtual All-Member meeting on Thursday, 18 March and Spring meetings from March 22 to March 26. View the scheduled meetings and access the joining details via the GlobalPlatform events calendar here.

IoT Device Secure Onboarding Solutions Workshop

This live workshop will provide insight on industry approaches and define priorities for the deployment of secure services in components and devices. Attendees will also receive guidance on the management infrastructure of the associated protocols related to device onboarding.

Key contributions and topics include:

  • Gonda Lamberink (UL) with introductions.
  • Elliot Lear (Cisco) on GlobalPlatform’s role in device onboarding, and Device Provisioning Protocol (DPP).
  • Tim Polk (NIST) offering a perspective on the enterprise side of onboarding.
  • Peter Steinhäuser (EmbeDD) providing insights into the consumer side of onboarding.
  • Steve Hanna (Infineon) exploring connected home over IP.
  • Geoffrey Cooper (Intel) presenting FIDO Device Onboard.
  • Michael Richardson (consultant) discussing Bootstrapping Remote Secure Key Infrastructure (BRSKI).
  • Henk Birkholz (Standards Expert) moderating a roundtable discussion.
  • Gil Bernabeu (GlobalPlatform) explaining GlobalPlatform’s role in enabling secure IoT device onboarding.

Through the workshop, GlobalPlatform aims to promote an open, standards-based approach to scalable, autonomous device onboarding. We hope you will attend the workshop, and join us in this common effort.  The workshop is open to GlobalPlatform members and non-members.

Register here

Save the date: ‘SE for IoT’ Workshop

Taking place April 13-15, this workshop will educate delegates and offer live use cases and demonstrations to explain how Secure Elements (SEs) can overcome IoT implementation, business, security, regulatory and data protection challenges. The workshop is free-to-attend and open to both GlobalPlatform members and non-members.

Key topics covered include:

  • An introduction to GlobalPlatform SEs.
  • Multi-cloud authentication and communication using Java Card.
  • Onboarding technologies – DLOA and MUD files.
  • Device connectivity based on SIM application engine.
  • GSMA’s IoT SAFE – Robust and effective IoT security at scale.
  • Multiple independent OS on tamper-resistant platform.
  • Attestation.

We would like to thank our speakers, as well as Prime Sponsor Oracle and Supporting Sponsors STMicroelectronics and Able Device, for helping to make the workshop possible.

Registration will open soon, stay tuned!

GlobalPlatform welcomes new Chair and board members

We are pleased to announce that Stéphanie El Rhomri of Fime has been elected as GlobalPlatform Board Chair. Olivier Van Nieuwenhuyze of STMicroelectronics will take over the role of Treasurer and Secretary from Stephanie, and Rob Coombs of Arm retains his position as Vice Chair.

The other seats on GlobalPlatform’s Board for 2021 include:

  • Claus Dietze – Giesecke + Devrient Mobile Security.
  • Eikazu Niwano – NTT Corporation.
  • Jeremy O’Donoghue – Qualcomm.
  • Mark Lipford – T-Mobile USA.
  • Jan Nemec – Thales.
  • Richard Hayton – Trustonic
  • Marc Kekicheff – Visa.
  • Sebastian Hans – Oracle

Together, the group will drive GlobalPlatform’s work to enable innovative digital services and devices, while enhancing end-to-end security, privacy, simplicity and convenience for users.

BLOG: PSA Certified available with GlobalPlatform’s SESIP Methodology

The huge diversity found in IoT chips, software and products has long been an obstacle to creating secure by design connected products. The latest blog from GlobalPlatform’s Vice Chair, Rob Coombs, discusses Platform Security Architecture Root of Trust (PSA-RoT) technology, and how it creates a Secure Processing Environment within a chip that acts as the trust anchor for the device and services that depend upon it.

Applus+ Laboratories becomes SESIP certified

GlobalPlatform member, Applus+, has successfully met all of the security criteria required by GlobalPlatform and TrustCB to become a SESIP-certified evaluation laboratory. For the IoT, certification is essential to facilitating trust and confidence, and SESIP offers an optimized approach for certifying connected products against a broad range of regulatory and security frameworks. We look forward to seeing how Applus+ will leverage SESIP to further foster IoT market stability and growth.

Technical Documents

New Document Releases

This document specifies a low-level API for the minimum UICC functionality needed in low-cost constrained IoT devices. This includes functions for network attachment and functions for cellular subscription profile download and management.

It is available for free download from the GlobalPlatform website.

Download

This maintenance release adds reference to GlobalPlatform recommendations regarding security protocols and cryptography.

It is available for free download from the GlobalPlatform website.

Download

This maintenance release of Annex C adds reference to GlobalPlatform recommendations regarding security protocols and cryptography.

It is available for free download from the GlobalPlatform website.

Download

Specifications Under Review

This second version of the SESIP methodology integrates two main parts:

  • Additional information about composition possibilities in the core document, plus guidelines in a new annex.
  • Introduction of the concepts of SESIP Profiles and SESIP mappings.

This document has been made available for member review. Please provide comments by Wednesday, March 10, 2021.

Download

This paper introduces the concepts of composition and reuse, and how they can greatly reduce cost, effort and duration of evaluation of Information and Communications Technology (ICT) products. It then shows how SESIP efficiently addresses such needs, proposing a methodology allowing the reuse of evaluation results across products integrating the evaluated components, and the evaluation of any type of composition between components.

This document has been made available to solicit comments from the Security Task Force of GlobalPlatform. Please note that we expect all comments by Wednesday, March 10, 2021.

Download

This is a new version of the GlobalPlatform Card Specification Amendment B. It introduces support for two new features: TLS 1.3 and DNS Resolution.

Usage of the TLS 1.3 protocol enhances the overall security of the Remote Administration Session, while usage of DNS Resolution allows reliance on multiple Remote Administration Servers, improving success rate and performance of remote administration.

This document has been made available for member review. Please provide comments by Wednesday, March 10, 2021.

Download

This is an update of the GlobalPlatform Card Specification Amendment F: Secure Channel Protocol 11. It contains an alignment with the recently published SCP03 on longer checksums plus additional clarifications.

This document has been made available for public review. Please provide comments by Thursday, March 25, 2021.

Download

The Virtual Primary Platform (VPP) encapsulates a technology dependent part of a Tamper Resistant Element (TRE) named the Primary Platform, offering the lowest level of virtualization of critical resources via an API for managing firmware. The VPP specifications define an interface management system that facilitates communication between VPP apps, the VPP itself, the other components present within the device, and the outside world.

GlobalPlatform is updating its existing VPP specifications to include corrections and clarifications, as well as changes resulting from requests and discussions with ETSI TC SCP.

This document has been made available for public review. Please provide comments by Friday, April 23, 2021.

Download

This document specifies the VPP Firmware Format, which enables the Primary Platform Maker to reach the needed interoperability with other Firmware Makers as defined in [OFL].

It is the second out of the four VPP specifications that GlobalPlatform is updating, and making available for public review. Please provide comments by Friday, April 23, 2021.

Download
Speaking Engagements

Embedded World DIGITAL

Don’t miss Technical Director, Gil Bernabeu, at Embedded World DIGITAL this week. Join Gil on March 04 at 05:30 PT / 14:30 CET for the presentation ‘Standardizing the TEE – The IoT Opportunity.’

Register to attend

Embedded World DIGITAL

Gil also attended the event on Wednesday to explain how the SESIP methodology simplifies security evaluation and enables trusted IoT devices. Presentations are available on-demand to conference attendees via the website.

Watch on-demand

Embedded IoT World

GlobalPlatform will join the speaker line up at this year’s virtual event to deliver the presentation ‘Building IoTopia – GlobalPlatform’s initiative to standardize security for IoT devices & services.’ Stay tuned for further details to be announced soon.

Stay up to date
Membership Offers

For archived newsletters

GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
FIREFOX
MICROSOFT EDGE