News
GlobalPlatform Updates TEE Initial Configuration and Launches Compliance and Security Test Suites
August 2016 by Marc Jacob
GlobalPlatform has published updates to its Trusted Execution
Environment (TEE) Initial Configuration v1.1 and Test Suite v2.0 for functional
compliance and in parallel has launched a Security Test Suite. Together these will
enhance TEE interoperability and security and make it easier for TEE vendors to
ensure compliance against GlobalPlatform’s Device Specification.
The TEE is a secure area of the main processor in a smart phone (or any connected
device) that ensures sensitive data is stored, processed and protected in an
isolated, trusted environment. The technology offers protection against software
attacks, assists in the control of access rights and houses sensitive applications.
The Initial Configuration v1.1 and accompanying functional compliance Test Suite
v2.0 have been updated in response to the latest feedback from the TEE testing and
compliance ecosystem which is working on live implementations. The updated TEE
Initial Configuration v1.1 describes common implementation requirements of core
features of the GlobalPlatform Device Specification. It includes refinements to
features including the internal core and the client specification.
The functional compliance Test Suite v2.0 sets the basis for a minimum but mandatory
level of interoperability. This new test suite and its associated qualified test
tools have been tested in both Android and Linux environments to extend the scope of
the TEE qualification, to support new types of device and to enhance
interoperability.
The parallel launch of the new TEE Security Test Suite enables vendors to confirm
the security of their TEE products as measured against the organization’s TEE
Protection Profile<http://www.globalplatform.org/speci...>
, through
independent security evaluation. It provides a defined set of tests that detect
product vulnerabilities and it also incorporates a module that automates testing,
thus accelerating and simplifying the testing process for security laboratories and
reducing the time required to achieve certification. This enables vendors to carry
out security testing during development, allowing them to use the same qualified
test tools to automate both security and compliance testing.
These activities emphasize both security and compliance as part of GlobalPlatform’s
drive to ensure a standardized level of security for embedded applications on secure
chip technology. This is particularly important in use sectors such as Internet of
Things, premium content protection and in particular mobile authentication, where
the TEE is able to manage both user and back office authentication.
