IoTopia Task Force

The IoTopia Task Force is co-chaired by Sebastian Hans from Oracle and Russ Gyurek from Cisco. All GlobalPlatform members are eligible to participate in this group.

The goal of the IoTopia Task Force is to accelerate IoT deployment by providing best practice references for IoT security, guidelines, testing and certification. It does this by defining and evaluating the business and technical requirements of existing and emerging secure services, required by consumer and industrial products in an increasingly connected world.

This involves maintaining and developing GlobalPlatform’s IoTopia Framework, which is a practical implementation guide to secure IoT devices across all markets and in line with global requirements. The vision is to create an open and standardized approach to secure IoT device management, utilizing GlobalPlatform technologies across four key pillars:

  1. Secure-by-Design – defines how GlobalPlatform-secured components and Trusted Platform Service (TPS) APIs can be used with existing secure by design standards.
  2. Device Intent – GlobalPlatform’s MUD File Service leverages IETF’s framework and uniform resource identifier (URI) to outline device intent, and help device manufacturers publish, in a unique location, the MUD file library associated with their products.
  3. Autonomous, Scalable, Secure Onboarding – IoTopia will offer an open, standards-based secure onboarding process to streamline network administration, based on open standards, such as Bootstrapping Remote Secure Key Infrastructures (BRSKI).
  4. Device Lifecycle Management – provides governance to cover software, firmware and hardware patching and updates, tracking, secure storage of events and end of support/service.


The IoTopia Task Force works to:

  • Leverage standards and accepted parameters for secure-by-design, onboarding, device intent and lifecycle management, and develop high-level requirements, guidelines, and white papers on IoT-related solutions and specifications;
  • Host internal and external educational meetings and workshops to further the understanding of IoT technologies across the ecosystem;
  • Develop a blueprint for device makers to build and manage connected IoT devices using GlobalPlatform secure component technologies; and
  • Collaborate with Government agencies (including NIST/NCCoE, ENISA), Industry Consortiums (such as CTA, CTIA, OCF, IETF, ISA) and Universities, to achieve adoption of the IoTopia Framework and four pillars.

Current Priorities

  • Continue to drive forward GlobalPlatform secure component technologies for IoT;
  • Promote the use of GlobalPlatform technology, certification and specifications;
  • Promote GlobalPlatform’s IoT initiatives IoTopia and Security Evaluation Standard for IoT Platforms (SESIP) within relevant markets;
  • Finalize the foundations for IoTopia’s secure-by-design parameters, to address specific consumer and industrial use cases across key market verticals;
  • Propose hosted solutions (open source, POCs, repository) to support the deployment of the IoTopia framework;
  • Contribute to secure device on boarding deployment across markets; and
  • Collaborate with industry partners including the Car Connectivity Consortium, ETSI, GSMA, IoT Connectivity Alliance (ICA), Industrial Internet Consortium (IIC), NFC Forum, NIST, Open Mobile Alliance, oneM2M, Trusted Connectivity Alliance and Trusted Platform Consortium.
Related Content

Managing Security & Risk in the IoT

Watch Nguyen Quang-Huy, Evaluation Labs Manager at Trusted Labs, discuss the implications of an IoT hack and how TEE technology can help manage this risk.


VIDEO: How does SESIP provide a standardized methodology for IoT security implementation?

Technical Director Gil Bernabeu, alongside Brightsight’s Carlos Serratos and NXP’s Eve Atallah, explores how SESIP will provide the IoT ecosystem with a scalable, standardized methodology for ensuring that connected products meet the specific compliance, security, privacy and scalability challenges presented by the rapidly expanding IoT landscape.

Watch Here

Combined strengths of oneM2M and GlobalPlatform to address IoT security

François Ennesser, chairman of oneM2M Security Working Group and Gil Bernabeu, GlobalPlatform Technical Officer, illustrate how the know-how and expertise of both organizations complement each other to combine security and ubiquity in IoT deployments.


Sebastian Hans

IoTopia Task Force Co-Chair


Mr. Hans currently serves as Principal Member of Technical Staff at Oracle, previously Sun Microsystems Inc., where he is responsible for all smart card standardization activities with a strong focus on SIM and UICC technology. While at Sun Microsystems Inc, Mr. Hans has also headed up business development within the telecommunications market and has driven advanced pilot projects for the deployment of Java Card in the banking, insurance and mobile communication markets. Mr. Hans represents Sun Microsystems Inc. in ETSI SCP, 3GPP, OMA and is the Vice Chair of ETSI SCP TEC.

Mr. Hans serves as GlobalPlatform Board Director and Co-Chair of the IoTopia Task Force.

Chris Steck

IoTopia Task Force Co-Chair

Cisco Systems

Chris Steck is Head of Standardization, IoT & Industries for Cisco, where he is responsible for the overall strategy for Cisco’s commercial and industrial IoT standards initiatives, which includes aligning Cisco’s IoT security standards strategy across multiple vertical (5GAA, 5G-ACIA, IIC, OPC, OPAF, OCF) and horizontal consortia (WFA, LoRaWAN, 3GPP, GSMA, oneM2M, OMA,Thread, IEC, IEEE, TCG and Charter of Trust).  Chris also serves on the board of the Open Connectivity Foundation where Cisco is leading Smart Commercial Building specification, and open source efforts to develop an application-agnostic common IoT app framework to drive the proliferation of IoT devices that are interoperable and secure on both managed and unmanaged networks.

Chris held a similar technology strategy role at Jasper, prior to their acquisition by Cisco, driving Jasper’s standards interests in LPWA networking, device provisioning/management, and IoT security. Prior to that, he drove standardization of voice enhancement software and hardware capabilities for Audience (now a part of Knowles), and held similar responsibilities at RealNetworks, driving standards and guiding research in digital media, while serving on the board of the International Multimedia Telecommunications Consortium as CTO.  Much further back he spent several years at Microsoft on Win95 through XP.

A veteran of several startups along the way, he’s also created mobile apps for managing family life, a WiFi phone switch, an operating system GUI for early smartphones, and computer telephony & speech recognition software.

Gonda Lamberink

Device Intent Sub-Task Force Leader


Ms. Gonda Lamberink is the current Chair of GlobalPlatform’s Device Intent Working Group where she oversees the organization’s involvement in developing documentation for creation, management and certification of MUD files. The working group will also focus on creating MUD Proof of Concept implementations, industry outreach, and exploring liaisons with stakeholders and organizations to help drive MUD. Ms. Lamberink also works as Cybersecurity Senior Business Development Manager at UL (Underwriters Laboratories).

Interested in joining the IoTopia Task Force?

Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.