GlobalPlatform has published two new standards designed to provide chip, device and firmware developers with an open, standardized way to load and manage firmware in a secure and isolated area of a device’s system-on-a-chip (SoC).
“The ability to integrate a tamper-resistant hardware platform in a SoC offers a new universal form factor to host and execute secure digital services, while supporting the high level of security and tamper-resistance achieved by today’s secure elements,” GlobalPlatform says.
“We believe that this technology will bring value both to manufacturers and service providers, creating new opportunities for device connectivity like 5G and NB-IoT, device design and secure service management,” adds Kevin Gillick, the digital security industry association’s executive director.
“Integration of a tamper-resistant platform is a recent feature of SoC technology, which brings new opportunities and challenges,” explains technical director Gil Bernabeu.
“For example, with these new SoCs, data in the secure memory may not remain when the device is switched off, so a standardized mechanism is needed to securely reload the sensitive data when the device restarts.
“In parallel, the tamper-resistant platform in a SoC must meet the required security levels and offer the same security services as today’s secure elements to provide standardized services to service providers.”
The two new specifications published by GlobalPlatform are designed to address these issues and are both freely available to download:
- Open Firmware Loader (OFL) standardizes how firmware can be loaded and managed in the tamper-resistant hardware platform.
- Virtual Primary Platform (VPP) defines the security services running on the tamper-resistant platform, called a Virtual Primary Platform (VPP). This then allows developers to build secure solutions and deploy them across a variety of products.