GlobalPlatform standardises secure OS and firmware loading on secure elements
GlobalPlatform, the standard for secure digital services and devices, has published its Open Firmware Loader for Tamper Resistant Elements (OFL). The free specification standardises how secure element (SE) firmware – combining the secure operating system (OS),applications and data – can be remotely loaded and managed onto a SE such as SIM, embedded SE or eUICC / eSIM, or integrated SE even after a device has been issued.
This ensures that the device’s longevity is no longer impacted by the lifecycle of the SE, and opens up a range of new use cases like in-field OS and firmware provisioning, device refurbishment, backup / restoration of the SE and the secure transfer of a customer profile to a new device. With the OFL security scheme, handset manufacturers, service providers and firmware implementers can build a new privacy-by- design ecosystem where services can be securely deployed and updated on connected devices.
“The growth of embedded SEs is driving the development of new solutions as, previously, there has not been a standardised way to load the OS to an eUICC after the smartphone has been produced,” says Gil Bernabeu, technical director of GlobalPlatform.
“With the OFL protocol, the selection of an OS can be delayed until the device reaches its destination. So, if a smartphone is manufactured in one country, for example in China, a country-specific OS can be loaded to the eSIM or integrated SE once it reaches France, or the U.S. What’s great is that this also brings greater flexibility further down the line.
Smartphones, connected cars or any other device with an embedded or integrated SE often have more than one owner during their lifecycle. OFL ensures a new OS can replace an existing one and, importantly, a personalised OS and its services can be securely transferred to a new device.”
The OFL protocol enables the industry to:
- Distribute generic and blank (no firmware/operating system) embedded hardware featuring a standardized loading mechanism. This enables firmware from various developers to be loaded, with policy enforcement, after the issuance of the device.
- Solve the logistical challenge of distributing devices to fragmented markets with low volume.
- Distribute new firmware once the device has been issued to address additional use cases.
- Mitigate the challenges of loading firmware containing diversified data into embedded hardware during manufacturing.
- Use a standardised loader, shared between multiple silicon makers, allowing firmware implementers to produce loadable OSs.
- Ensure perfect forward secrecy and confidentiality between firmware makers easing compliancy with the latest data regulations (GDPR).
The publication of the OFL is the first output of GlobalPlatform’s new Fast Track Process. The initiative enables members to bring forward mature technologies for standardisation via an expedited process to more rapidly answer the needs of the market.
“GlobalPlatform technology gives service providers and device manufacturers the means to interact seamlessly when deploying secure digital services, regardless of market or device type. The resulting collaboration makes the mass marketing of secure digital services possible, while bringing time and cost efficiencies to stakeholders within the ecosystem,” concludes Gil.