Secure Isolation Platforms: The New Frontier in Device & Data Security

By Richard Hayton, Chair of the TES Committee

By all accounts, Secure Elements (SEs) and Trusted Execution Environments (TEEs) are now mature technologies in our industry. The need to build standardized isolated environments in devices, and simplify access to the secure services they enable, has cemented their role in the application processor space. Multiple industries and devices are using these technologies to keep sensitive data safe from bad actors, by encrypting it in transit and while it is being stored and processed.

Yet in recent years, we have seen the emergence of other secure isolation platforms that serve similar roles but with different trade-offs. We also see how some sectors like automotive, payments and identity have requirements to use a combination of isolated environment technologies across their solutions, and need horizontal services that can be deployed across platforms. As a result, the scope of secure isolation platform technologies is evolving.

What is a secure isolation platform?

Informally, when we talk about ‘secure isolation platforms’ what we mean is platforms or technologies that isolate one piece of computing environment from another – typically for security or trust related reasons. TEEs, SEs and integrated SEs are well-known examples standardized by GlobalPlatform. Other bodies have created other standards for similar concepts, for example Platform Security Architecture (PSA) and Confidential Computing (CC).

These technologies, to varying levels depending on the use case, ensure that sensitive data is stored, processed, and protected in an isolated and trusted environment, offering protection against attacks generated in the rest of the device and even other actors inside the execution environment.

How are data privacy and security needs changing?

Whether driven by security and privacy regulations, the desire to innovate with new technologies or stay on top of the competition, more vertical sectors are working to determine which isolation platform, or platforms, are best to safeguard their devices, data and services.

The automotive sector, for example, is undergoing huge change as new legislation, such as UNECE 155/156, comes to bear. UNECE establishes a legal framework for manufacturers' cybersecurity management systems, and failure to embrace it could result in costly penalties and fines, not to mention long-lasting damage to reputation. As a result, automakers are looking for solutions they can use across their platforms, from embedded, safety-critical microcontroller units (MCUs) through to domain or zonal compute and specialized AI systems.

AI is another example of where emerging technologies are driving new security requirements. A specific example is the protection of Intellectual Property (IP) that is inherent in any large language model, especially when executing at the edge. Current generation isolation platforms are primarily focused on isolating traditional computation and storage used for security features, from those used for general purpose computing.

Although some of the existing secure isolation technologies could work for AI, the memory size and performance requirements of large language models mean we may need to adapt techniques to better support the requirements of new use cases. There is also an emerging need to isolate processing in AI or GPU processors.

How is GlobalPlatform supporting evolving requirements?

As technology advances, new data security and privacy requirements will continue to emerge.

By combining the work already done by the TEE and Trusted Platform Services (TPS) Committees into a new Trusted Environments & Services (TES) Committee, GlobalPlatform is working to address evolving requirements by covering a broader range of secure isolation platforms and providing mechanisms that enable access to their secure services. Technical solutions using multiple physical elements to provide isolation, or solutions isolating specific security services, such as Trusted Platform Modules (TPMs), Measurement and Attestation Roots (MARs) or Hardware Security Modules (HSM) / Secure Hardware Extensions (SHE), are all within our scope.

We want to build trust and adoption of these solutions through education, training, security profiles and certification that maps to market requirements. The goal is to enable providers of existing and new silicon solutions to bring certifiable products with secure isolated environments to market, and ensure end-to-end protection of assets for service providers, whatever those services are, at a substantial level of security.

What does that mean for AI and Automotive?

By casting a wider net, the TES Committee will define services that directly address vertical sector problems and use cases, helping enable robust security across a range of secure platforms. Automotive and AI are two use cases that we are tackling first.

For Automotive, the TES Committee is analysing the SAE J3101 standards for key management and will propose solutions to help automakers scale between MCU and central processing unit (CPU) implementations. There is potential to formalize a protection profile for these solutions, simplifying type approval for vendors.

Similarly with AI, we are addressing issues from a technology neutral perspective to evaluate the options provided by the various isolation technologies available today, and those that are proposed in future.

Bring us your requirements!

Full and participating GlobalPlatform members can join the TES Committee and contribute their requirements.

Already a member? Join the TES Committee and working groups in Workspace. Please note that you will need to join the TES Committee group first to be able to access and join the individual working groups.

Interested in getting involved? View our membership options and benefits here, and to discuss further please send an email to: membership@globalplatform.org

If you are a media representative, analyst, or conference organizer with a question, please email us at: pressoffice@globalplatform.org
