For inquiries about GlobalPlatform or website assistance, contact secretariat@globalplatform.org.

Security Task Force

The Security Task Force is chaired by Olivier Van Nieuwenhuyze from STMicroelectronics. All GlobalPlatform members are eligible to participate in this group, as well as approved non-member government agencies.

Mission

The Security Task Force defines GlobalPlatform’s security philosophy and its contribution to the security landscape.

It works closely with the Crypto Sub-Task Force to monitor new trends in cryptography and examine new algorithm proposals, providing a list of algorithms and protocols based on academic publications and known organizations. This is in addition to supporting the SESIP Committee on its mission to drive the adoption and recognition of the Security Evaluation Standard for IoT Platforms (SESIP) methodology as a worldwide, multi-vertical scheme for IoT security evaluation.

Objectives

  • Engage and collaborate with external security organizations to ensure that security requirements from a broad range of use cases and market sector are brought into GlobalPlatform.
  • Advise the GlobalPlatform technical committees in security philosophies, cryptography, certification and applicability.
  • Facilitate collaboration with government agencies and their security experts to define market requirements.
  • Identify and classify secure technologies for the Internet of things (IoT).
  • Maintain and update GlobalPlatform’s cryptographic algorithm recommendations table, through the crypto sub-task force.

Current Priorities

  • Engage ENISA on the alignment of security levels and cybersecurity certification frameworks.
  • Define how to combine GlobalPlatform technology and TPM technology (or other equivalent library).
Related Content

RoT Requirements

The definitions and requirements paper enables original equipment manufacturers (OEMs) and service providers (SPs) to create, implement and use a Root of Trust (RoT) to protect their devices and services.

 

Download

Introduction to GlobalPlatform RoT (English)

An introduction to GlobalPlatform's RoT Definitions and Requirements video explain what RoT is and why GlobalPlatform created the technical document.

 

Watch in English

Deploying and Protecting Digital Services with Chains of Trust

Created by GlobalPlatform’s Security Task Force, this business publication explains the importance of designing devices and services with security at the core.

 

Download
Crypto Sub-Task Force

GlobalPlatform promotes cross industry discussion to identify and address market requirements

Crypto Sub-Task Force

GlobalPlatform promotes cross industry discussion to identify and address market requirements

Mission

The purpose of the Crypto sub-task force is to evaluate and provide recommendations on the cryptographic mechanisms used in GlobalPlatform technology, to ensure high levels of security as cryptography trends and technologies evolve.

Objectives

  • Analyze and report on relevant trends in cryptographic development for new markets and new use cases, as well as trends in cryptographic standardization and policies.
  • Evaluate cryptographic algorithms and protocols, and suggest improvements/modifications to GlobalPlatform when appropriate
  • Identify new cryptographic algorithms and protocols to be considered by GlobalPlatform
  • Provide analysis and recommendations on specific cryptography topics.
  • Collaborate with external industry groups and organizations, through the GP liaison process, in order to better understand and gather functional and technical requirements.

Current Priorities

  • Examine hybrid crypto approaches starting with TLS, to be able to recommend a version in the near future that is acceptable with SE (and TEE) constraints, including collaboration with the GlobalPlatform IoTopia Task Force to understand impact for size-constrained embedded devices.
  • Progress work on hybrid post-quantum cryptography (PQC), including a plan for the integration of new algorithms published security standards bodies including National Institute of Standards and Technology (NIST).
Software Bill of Materials (SBOM) Sub-Task Force

Software Bill of Materials (SBOM) Sub-Task Force

The SBOM Task Force is chaired by Gonda Lamberink of Fortress Information Security. All GlobalPlatform members are eligible to participate in this group.

Mission

The purpose of the SBOM (Software Bill of Materials) Task Force is to analyze the impact of, and provide guidance on, the deployment of SBOM.

Objectives

  • To assess the impact of the deployment of SBOM.
  • To clarify the concepts of software transparency and assurance and provide guidance, such as:
    • A consistent means to produce, consume and exchange software transparency and assurance information.
    • A guide to improve interoperability of software transparency and assurance data exchange.
  • To initiate dialogue and collaborations with impacted markets such as telecoms, healthcare and automotive.
  • To collaborate within GlobalPlatform and with external organizations on SBOM and other key iniatives.
  • To define any necessary requirements for technology development in relation to SBOM.

Current Priorities

  • Analyze impact of the SBOM and provide guidance relating to its deployment, including a consistent means to produce, consume and exchange, software transparency and assurance information.
Chairs

Olivier Van Nieuwenhuyze

Security Task Force Chair

STMicroelectronics

Olivier currently serves as Senior R&D Engineer at STMicroelectronics. Within this role he has software architecture responsibilities for the NFC ecosystem and secure elements.

He joined STMicroelectronics in 2003 and since 1999 Olivier has been active in several smart card projects for banking, transport and near field communication.

Olivier joined the GlobalPlatform Board of Directors in 2017 and was appointed as GlobalPlatform Secretary / Treasurer from 2021 – 2022. He now serves as GlobalPlatform’s Vice Chair and Security Task Force Chair.

Béatrice Peirani

Crypto Sub-Task Force Chair

Thales

Dr. Beatrice Peirani is a standardization expert at Thales (former Gemalto), where her work focuses on security and cryptography.

After ten years working with AFNOR, CEN, and ETSI in the field of electronic signatures, and serving as an expert for the European Commission supporting the development of the eIDAS Regulation, Dr. Peirani is now using her expertise to support other standardization organizations. Specifically, since 2016, Dr. Peirani has served as the Chair of GlobalPlatform’s Crypto Sub-Task Force, which evaluates and recommends algorithms for industries such as banks, transportation, and governments. Her work with GlobalPlatform includes overseeing and providing expert input to the organization’s Security Task Force in the areas of cryptographic agility and post-quantum cryptography.

As an active member of the FIDO Alliance, she pushed for the definition of a new security certification methodology for mobile security software solution. She is co-chair of the FIDO Alliance’s Security & Privacy Working Group  and co-chair the organization’s Certification Working Group. She serves as a liaison between the FIDO Alliance and GlobalPlatform, including facilitating the adoption of GlobalPlatform TEE Protection Profile, as a companion program for FIDO Alliance’s Security Level L3.

Olivier Van Nieuwenhuyze

Security Task Force Chair

STMicroelectronics

Olivier joined the GlobalPlatform Board of Directors in 2017 and was appointed as GlobalPlatform Secretary / Treasurer from 2021 – 2022. He now serves as GlobalPlatform’s Vice Chair and Security Task Force Chair.

Béatrice Peirani

Crypto Sub-Task Force Chair

Thales

Dr. Beatrice Peirani is a standardization expert at Thales (former Gemalto), where her work focuses on security and cryptography.

Interested in joining the Security Task Force?

Contact Us
GlobalPlatform
Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.

GOOGLE CHROME
DOWNLOAD
FIREFOX
DOWNLOAD
MICROSOFT EDGE
DOWNLOAD