For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

Solving IoT device security at scale

IoT security vulnerabilities continue to pose a risk to people, organizations and society. In response, new cybersecurity regulations and requirements are mandating stronger protection for IoT devices.

This is needed but also creates challenges as, to comply, device makers and non-security experts must identify and understand relevant security requirements, implement appropriate technology, and demonstrate the security features of their IoT devices.

The problem

For an OEM, undertaking multiple security evaluations for a single IoT device increases costs, time to market and effort. This approach is unsustainable. In turn, it increases the risk that devices will be deployed without the appropriate levels of security.

The solution

We need to make IoT device security economically viable for the entire value chain. The best way to achieve this is to address risks at the core by building IoT devices with platforms and components that have already been security certified.

The result

By using certified components with in-built security assurances, device makers can integrate, manage and demonstrate security without incurring additional cost, effort, or time-to-market. This drives down the total cost of ownership, and provides assurance that devices are secure by default.

The Security Evaluation Standard for IoT Platforms

What is SESIP?

The Security Evaluation Standard for IoT Platforms (SESIP) is a methodology that reduces the cost, complexity and effort of security evaluation and certification.

It utilizes the concepts of composition and reuse, so that previously certified components can be used to build a device with in-built security assurances, without having to repeat the same evaluations in every targeted market.

The methodology maps to other standards and requirements from bodies including ETSI, ISO/IEC and NIST, which demonstrates a risk-based design approach and helps lower barriers to entry.

Why SESIP?

Reduce costs

Save money by not having to pay for the same evaluation multiple times. SESIP certificates can be re-used to provide security evidence and meet multiple requirements.

Minimize time & effort

Implement and demonstrate security that is fit-for-purpose without having to become a security expert. SESIP-certified components provide in-built security assurances.

Grow your business

Seize market opportunities. SESIP lowers barriers to entry by simplifying compliance with regional and market requirements including, RED, CRA, US Trust Mark, Singapore CSA CLS, IEC 62443, ISO 21434.

Manage risk

Demonstrate that a risk-based design approach has been taken when developing your IoT device. SESIP enables the identification, understanding and implementation of certified security requirements.

Demonstrate value

Use security features to differentiate your products and empower your customers to make better, more informed decisions. SESIP provides evidence of security-by-default.

Quantifying the benefits of SESIP

How can we measure the value of SESIP? Read our whitepaper to learn how the benefits of SESIP can be quantified in terms of the cost, effort, and duration of evaluations.

Read here
An internationally-recognized standard for IoT security compliance
  • SESIP has been adopted by CEN and CENELEC as a European Standard (EN 17927)
  • Over 28 SESIP-certified products
  • 6 licensed laboratories
  • 1 Certification Body (and 3 more joining soon)
  • Recognized and referenced by bodies including PSA Certified, National Institute of Standards & Technology (NIST) and Car Connectivity Consortium (CCC).
Addressing the entire IoT evaluation and certification process
  • Device makers – enhance the visibility of device security and ensure readiness to achieve certification in line with any schemes using SESIP.
  • Solution vendors – demonstrate alignment with market requirements, use cases and regulations.
  • Laboratories – become a SESIP-certified lab to provide your customers with an efficient and swift solution for IoT device certification.
  • Certification Bodies – adopt the SESIP methodology and work with other Certification Bodies to ensure consistency of evaluations.
  • Governments & Regulators – use the SESIP security evaluation methodology for public and private schemes to build trust in our digital economy.

Already adopting SESIP?
For companies that are not GlobalPlatform members but that would like to be kept informed about the latest GlobalPlatform SESIP developments and technical documents, and showcase their certified products in line with the SESIP trademark license agreement, GlobalPlatform has created a ‘SESIP Adopters’ community. View the agreement and apply here.

Technical documents
Download the SESIP evaluation methodology, Governance document, and access a growing library of SESIP mappings and protection profiles.

This document specifies requirements for the security evaluation of IoT platforms and parts thereof, including in particular a set of Security Functional Requirements, and the definition of Security Assurance Requirements packages that define five assurance levels. These requirements are based on the Common Criteria standard (ISO154080, v3.1), which it refines for the specific purpose of the evaluation of IoT platforms and parts thereof. The set of documents also includes the definition of a scheme based on these requirements, which defines managements rules such as the management of certificates and the accreditation of Certification Bodies and Laboratories.

<a href="https://globalplatform.org/specs-library/sesip-methodology/">Download here</a>.

  • SESIP Profile for DTSec Connected Diabetes Device Platforms v1.0
    • This document is the SESIP Profile for DTSec Connected Diabetes Device Platforms, designed for the security evaluation of such platforms using SESIP methodology.
    • Download here.
  • SESIP Profile for Secure External Memories v1.0
    • This document is the SESIP Profile for Secure External Memories, designed for the security evaluation of external memory components using the SESIP methodology.
    • Download here.
  • SESIP Profile for Secure MCUs and MPUs v1.0
    • This document is the SESIP Profile for Secure MCUs and MPUs, designed for the security evaluation of MCUs and MPUs using the SESIP methodology.
    • Download here.

SESIP Mappings enable the reuse of SESIP evaluation results; helping device makers to demonstrate that a SESIP certificate answers to a specific regional or market scheme, regulation or requirement.

GlobalPlatform is managing the governance of the SESIP methodology, to ensure SESIP evaluations are carried out consistently, that there is alignment between Laboratories and Certification Bodies, and to facilitate the harmonization of SESIP standards and procedures.

The SESIP Governance document describes the governance process for the methodology. The document specifies the competencies and accreditations required for the Certification Bodies and for the Laboratories performing evaluation activities, and the process that a Certification Body (CB) shall follow to issue a certificate of compliance.

Download here.

Learn more and get involved

Education

Access a library of free educational videos and whitepapers, to learn how SESIP can be used and the benefits it delivers.

Visit the library

Training

Learn about the SESIP methodology, its market applicability, composition, and Governance with our training for product vendors, regulators, scheme owners and labs.

Learn more and book

The SESIP Committee

The SESIP Committee sets the strategy and delivers initiatives to support the adoption and recognition of SESIP as a worldwide, multi-vertical scheme for security evaluation.

Learn more

SESIP Governance

GlobalPlatform members can join the governance working group, which is responsible for harmonizing the applicability of SESIP and driving mutual recognition across public and private schemes.

Get involved

Technical Documents

GlobalPlatform members can join the technical working group, to contribute to the creation of SESIP security profiles and mappings to other schemes, requirements and regulations.

Get involved

Ecosystem Adoption

GlobalPlatform members can join the ecosystem adoption working group to drive awareness of, and engagement with, SESIP and its benefits through marketing and communications activity.

Get involved

Participation Forms

The legal and technical forms applicable to each type of certification are provided below. For information on the procedures to be completed by a Certification Body or Laboratory to join the SESIP licensing program, read GlobalPlatform's SESIP Governance.

Participation FormsProduct VendorLaboratoryCertification Body
GlobalPlatform SESIP Security Lab Agreement
Trademark License Agreement
GlobalPlatform SESIP Certification Body Relationship Agreement
GlobalPlatform SESIP Certification Body Request Form
GlobalPlatform SESIP Adopter Agreement

Want to learn more about SESIP?

Contact us.
Chat with us
GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
DOWNLOAD
FIREFOX
DOWNLOAD
MICROSOFT EDGE
DOWNLOAD