GlobalPlatform Updates TEE Initial Configuration and Launches Compliance and Security Test Suites

August 15, 2016

Further enhances TEE security, compliance and interoperability

GlobalPlatform has published updates to its Trusted Execution Environment (TEE) Initial Configuration v1.1 and Test Suite v2.0 for functional compliance and in parallel has launched a Security Test Suite. Together these will enhance TEE interoperability and security and make it easier for TEE vendors to ensure compliance against GlobalPlatform’s Device Specification.

The TEE is a secure area of the main processor in a smart phone (or any connected device) that ensures sensitive data is stored, processed and protected in an isolated, trusted environment. The technology offers protection against software attacks, assists in the control of access rights and houses sensitive applications.

The Initial Configuration v1.1 and accompanying functional compliance Test Suite v2.0 have been updated in response to the latest feedback from the TEE testing and compliance ecosystem which is working on live implementations. The updated TEE Initial Configuration v1.1 describes common implementation requirements of core features of the GlobalPlatform Device Specification. It includes refinements to features including the internal core and the client specification.

The functional compliance Test Suite v2.0 sets the basis for a minimum but mandatory level of interoperability. This new test suite and its associated qualified test tools have been tested in both Android and Linux environments to extend the scope of the TEE qualification, to support new types of device and to enhance interoperability.

The parallel launch of the new TEE Security Test Suite enables vendors to confirm the security of their TEE products as measured against the organization’s TEE Protection Profile, through independent security evaluation. It provides a defined set of tests that detect product vulnerabilities and it also incorporates a module that automates testing, thus accelerating and simplifying the testing process for security laboratories and reducing the time required to achieve certification. This enables vendors to carry out security testing during development, allowing them to use the same qualified test tools to automate both security and compliance testing.

These activities emphasize both security and compliance as part of GlobalPlatform’s drive to ensure a standardized level of security for embedded applications on secure chip technology. This is particularly important in use sectors such as Internet of Things, premium content protection and in particular mobile authentication, where the TEE is able to manage both user and back office authentication.

“The standardized TEE is key in meeting the market’s need for greater device security. Feedback from live implementations is invaluable to enhance the specifications and streamline the testing process. GlobalPlatform’s goal is to accelerate the deployment of certified TEE products and promote a globally interoperable, secure connected device ecosystem, which enables service providers to confidently and effectively manage risk.” said Gil Bernabeu, Technical Director of GlobalPlatform.

“The testing of the functional compliance TEE Test Suite v2.0 and its associated test tools in the Linux environment is particularly important because it promotes the deployment of certified TEE products into the Internet of Things market where Linux is widely used,” Bernabeu added.
Visit the GlobalPlatform website to view the full list of qualified laboratories for TEE testing and certification.


Categorised in: