Workshop Overview

GlobalPlatform, in collaboration with Oracle, is pleased to host a Secure Element (SE) for IoT Workshop on Thursday 27 February in Nuremberg, Germany. The workshop is conveniently scheduled at a time and location that will benefit those attending Embedded World, giving delegates within the embedded community an attractive extension to their business travel.

The one-day sponsor-supported workshop will offer insight into standardized and readily available security frameworks and component technologies necessary to build trust into IoT development and deployment.

This workshop will be of greatest interest to program / project managers, security experts, product suppliers, technical consultants, developers, systems integrators and all others who are also involved with deployment and use of secure IoT devices.

Space is limited for this free-to-attend workshop. Register now to avoid disappointment!

Workshop Agenda

  • Registration – 8:30 – 9:00 am
  • Workshop – 9:00 am – 5:00 pm

The workshop agenda is built around three principle topics: the Secure Element (SE) itself, the SE for IoT and finally, use cases and demonstrations. Subject matter experts will present the material and be available throughout the day to address questions and network with delegates in attendance.

Welcome from GlobalPlatform and Oracle

GlobalPlatform will offer a brief presentation to provide insight into the session and its main objectives. Oracle will follow with a brief presentation on the Java Card market, with an emphasis on the role of the technology for IoT.


  • Gil Bernabeu, Technical Director, GlobalPlatform
  • Calinel Pasteanu, Sr. Director Java Card, Oracle

Workshop part one: SE

GlobalPlatform SE Overview

This session will explore the GlobalPlatform Card (SE) Framework and explain how applications with different security requirements can share the same secure component without impacting market interoperability or restricting application functionality, by isolating the service.


  • Gil Bernabeu, Technical Director, GlobalPlatform

Java Card Overview

This session will explore how Java Card technology, as an open and standards-based application engine, delivers security and connectivity services to suppliers of IoT devices and solutions. It will show how Java Card boosts compliance and certification processes and offers seamless deployment of services on a variety of secure hardware platforms.


  • Nicolas Ponsini, Java Security Business Development, Oracle

Workshop part two: SE for IoT

GlobalPlatform SE for IoT

This session will explore the specificities of the GlobalPlatform Card (SE) Framework for integration into IoT devices, especially the recently released SPI / I2C communication protocol and GlobalPlatform IoT configuration.


  • Gil Bernabeu, Technical Director, GlobalPlatform

Java Card for IoT

This session will explore the newly introduced Java Card 3.1 features specifically designed for the IoT market, including extended cryptography, time management, new I/O for trusted peripherals access and more.


  • Nicolas Ponsini, Java Security Business Development, Oracle

Workshop part three: use cases and demonstrations

This final part of the workshop will focus on use cases that expose IoT security and implementation problems, and how the SE is used to resolve them. For many of these cases, a demonstration and / or source code explanation will be shared.

Multi-cloud authentication and secure communication using Java Card

Securing communication between IoT devices and IoT cloud services is critical to building a trusted IoT environment. This demonstration explains how a Java Card-based SE is used to secure the communication between a device and multiple IoT cloud platforms. Java Card and GlobalPlatform technologies offer the capability to update and upgrade the security scheme. They also simplify the repurposing of a device to migrate to another cloud solution.


  • Cristian Toma, Java Card Engineer, Oracle
  • Vlad Petrovici, Java Card Engineer, Oracle

Onboarding technologies – DLOA and MUD files

During secure device onboarding and / or application deployment, specific capabilities of the device are needed, such as network demand or certification supported. A Digital Letter of Approval (DLOA) allows access to a list of certificates within a secure component and checks if the certification is available for the specific service requested. Similarly, Manufacturer Usage Description (MUD) is an embedded software standard defined by the IETF that allows IoT device makers to advertise device specifications, including the intended communication patterns for their device when it connects to the network.


  • Bastien Lacoste, SE Technical Expert, GlobalPlatform

Device connectivity based on SIM application engine

SIM is a GlobalPlatform based Secure element defined in ETSI and 3GPP and also the only standard component in all cellular mobile connected IoT devices, making them the perfect host for mass deployed IoT service management tools. Able Device will demonstrate how its SIMbae a light-weight applet can be used to enable a standard SIM to securely host and execute a smart infrastructure application without the need for the device to have a discrete application processor. This solution reduces costs and power requirements, while enhancing security, standardization, and device lifecycle management.


  • Roger Dewey, CEO, Able Device

GSMA IoT SAFE – Robust and Effective IoT Security at Scale

IoT SAFE (IoT SIM Applet For Secure End-2-End Communication), which has been developed by the mobile industry, enables IoT device manufacturers and IoT service providers to leverage the SIM as a robust, scalable and standardized hardware Root of Trust for IoT solutions – rather than proprietary security mechanisms which can increase cost, workload and complexity.


  • Ijaz Khan, Product Manager Trusted Digital Identity, Thales, on behalf of GSMA / SIMalliance

Tamper-resistant platform supporting multiple independent OS

Today’s smart devices are more and more connected and increasingly embed multiple secure functions such as SIM/eSIM connectivity, secure transactions or device protection features. Traditionally, these functions were merged in a single chip and operating system, which resulted in an optimized price and bill of materials (BoM) for the OEM.
New Tamper-Resistant Element platform offers OEMs using independent certified operating systems an innovative solution to meet their own application targets using a single chip.


  • Olivier Van Nieuwenhuyze, Senior R&D Engineer, STMicroelectronics


On-boarding a new device requires checking device identity and its capabilities (e.g. device identifier, software state, debug status, security level as examples). GlobalPlatform has defined an Entity Attestation Token (EAT) as well as the protocol for a device to securely process and export a set of claims contained in the EAT.

This demonstration shows an attestation service running as a Java Card application in an SE. The service processes attestation requests, builds, signs and exports an EAT corresponding to the requested claims. The EAT is then verified by a cloud service that can decide to on-board or not to on-board the device depending on its policy.


  • Cristian Toma, Java Card Engineer, Oracle
  • Vlad Petrovici, Java Card Engineer, Oracle

Workshop wrap-up and adjourn

Workshop Speakers

Delegates attending the SE IoT Workshop will learn from some of the industry’s foremost experts on securing digital services and devices.

Speakers you will hear from include:

Mr. Bernabeu is the Technical Advisor for the Standardization and Technology Department at Thales. In this role, he supports Thales’s marketing and product groups to deploy trusted and convenient digital services.

Mr. Bernabeu was elected as GlobalPlatform’s Technical Director in 2005. His main role is to drive forward the development of GlobalPlatform’s specifications to deploy secure services. Mr. Bernabeu also acts as GlobalPlatform’s central technical liaison point, coordinating the efforts of the organization’s three technical committees – Secure Element (SE), Trusted Execution Environment (TEE) and Trusted Platform Services (TPS) – and the GlobalPlatform Task Forces with external partners.

Nicolas Ponsini M.Sc. & CISSP is a seasoned security solutions architect at Oracle. His technical expertise and customer relationships experience are gathered to serve Java and Internet of Things Oracle products. In the past 20 years, he successfully defined, designed, developed and sold security solutions targeting major players in embedded platforms and cloud services. He is an expert in Security, Cryptography and IoT and succeeded in several cutting edge realizations with major players in trusted computing domains. He owns several patents in related areas.

Calinel Pasteanu is Senior Director SW Development at Oracle responsible for Java Card. He holds several software patents and has a Licentiate degree in Physics. After working for Siemens in several telecommunication business units where he also managed the Technology & Innovation SW department of Siemens Mobile, moved to Sun Microsystems and then to Oracle Germany, based in Munich. Calinel has made several contributions in the area of standardization. He served as Vice Chair of the Software Defined Radio Forum, as member of the OSGI Board of Directors, member of the DVB Board of Directors, member of the JCP Executive Committee, and is involved in several standardization organizations e.g. ETSI, GlobalPlatform, Java Card Forum, etc

Cristian Toma is Senior Software Engineer at Oracle – Java Platform Group organization, member of Bucharest-Romania team within Java Card and Embedded Security Technology field. He has over 17 years of experience with IT technologies and he is member of IEEE and Global Platform since 2014. His work focuses on the Cyber Security, Java Card, IoT – Internet of Things, Crypto Blockchain, eMbedded and Mobile applications development/computing, Cloud / Fog / Infrastructures Distributed and Parallel computing, Artificial Intelligence/Machine Learning and computational cryptography.

Vlad Petrovici M.Sc is from Bucharest – Romania where he works as an Senior Software Engineer at Oracle. He has over 13 years of experience with various technologies used in the Java and Internet of Things Oracle products with a focus in Security for Embedded Systems and Data Analytics. He utilizes his programming knowledge as well as understanding to implementing the right solutions for the Java Card platform.

An internationally recognized leader in the emerging growth areas of the Internet of Things (IoT) and machine-to-machine (M2M) communications, Roger Dewey is the Founder and CEO of Able Device. His experience in M2M and IoT technology began in the late 1990s when he held senior executive level positions at Ericsson. Since then Dewey held senior executive level positions in the industry at Sony Ericsson and Telit Wireless Solutions before founding Able Device.

Mr. Van Nieuwenhuyze currently serves as Senior R&D Engineer at STMicroelectronics. Within this role he has software architecture responsibilities for the NFC ecosystem and secure elements.

He joined STMicroelectronics in 2003 and since 1999 Mr. Van Nieuwenhuyze has been active in several smart card projects for banking, transport and near field communication.

Mr. Van Nieuwenhuyze joined the GlobalPlatform Board of Directors in 2017.

Workshop Sponsors

The SE for IoT Workshop is made possible by the generosity of the following sponsors.


Oracle, headquartered in California, provides more than 430,000 customers in 175 countries with enterprise cloud computing solutions, including software as a service, platform as a service, infrastructure as a service, and data as a service. The company’s application suites, platforms, and infrastructure leverage the latest technologies and emerging ones, such as artificial intelligence (AI), machine learning, blockchain, and Internet of Things (IoT).

Oracle has more than 138,000 employees globally, including 40,000 developers and engineers and 19,000 implementation consultants, and holds more than 17,000 patents worldwide.

GlobalPlatform-based solutions:

Oracle licenses Java Card(TM) technology to original equipment manufacturers (smart card, chip or software vendors) and their partners across several industries. The applet interoperability provided by Java Card technology allows card issuers to mix and match third-party applications, including standard payment, stored value, computer authorization, data management, and many more. The Java Card platform is the leading technology for multi-application smart cards with over 2 billion cards shipped. It is compatible with international standards for smart cards such as ISO7816, or EMV. Major industry-specific standards such as GlobalPlatform and ETSI refer to Java Card technology.


STMicroelectronics first came to market in 1987 under the name SGS-THOMSON Microelectronics before becoming STMicroelectronics in 1998. The company is headquartered in Geneva and now operates in over 35 countries, with 11 main manufacturing sites and over 7,500 employees committed to R&D.

The company develops and delivers semiconductor solutions that span the spectrum of microelectronics applications and is now one of the largest semiconductor companies in the world. Its product portfolio includes discrete and standard commodity components, ASICs, full custom devices and semi-custom devices, and application-specific standard products that are today powering the IoT and smart driving markets.

A combination of silicon and system expertise, manufacturing strength, intellectual property (IP) portfolio and strategic partners positions the company at the forefront of system-on-chip (SoC) technology and its products play a key role in enabling today’s convergence markets.

Able Device is a provider of technology for Mobile Network Operators (MNOs), IoT service providers, and OEMs. Its flagship product SIMbae™ (short for “SIM based application engine”) enables hosting of IoT device controls and applications on standard SIMs and UICCs.

Travel & Venue

Thursday, 27 February 2020

Novotel Nuernberg Messezentrum Hotel
Nuremberg, Germany

Hotel & Event Location

Novotel Nuernberg Messezentrum Hotel

Muenchener Strasse 340
90471 Nuremberg, Germany

Hotel website

Limited Seating

Seating for this workshop is limited. In order to avoid disappointment, please register now.

As seating is limited, we politely request you inform the GlobalPlatform Secretariat should you be unable to attend after registering.

Visa Assistance

If you require a travel visa, please contact with the following information:

  • Given Name
  • Surname
  • Company
  • Gender
  • Country of Passport
  • Passport Number
  • Date of Passport Issuance
  • Date of Passport Expiration
  • Country of Residence
  • Travel Begin Date
  • Travel End Date

To register for the Workshop

Hey There!

It seems you are using an outdated browser, unfortunately this means that our website will not render properly for you. Update your browser to view this website correctly.