Eurosmart has just published the PP-0117 protection profile, the equivalent for Secure Element IP in a SoC of the well-known PP-0084, called “Security IC Platform Protection Profile.”
Eurosmart, the voice of the digital security industry, is committed in promoting the excellence in hardware and software resistance to potential attacks. As such, the industry association builds specifications that guarantee interoperability and security across the industry. The role of a Protection Profile, as specified in the Common Criteria, is to define a set of security objectives and requirements for a category of products that covers the security needs common to several users.
The new PP-0117 version 1.5 defines the Target of Evaluation as a Secure Sub-System (3S) integrated in a System on Chip (SoC), which is the core of Tiempo Secure expertise. The new PP-0117 Protection Profile (PP) within the SOGIS (Senior Officials Group Information Systems Security) certification scheme, and its future successor, the EUCC (EU cybersecurity certification) scheme, aims to cover Secure Subsystems in SoC (System on Chip). This new PP will enable the evolution of security technologies, especially for smartphones and IoT devices.
The PP-0117 specification describes the TOE (Target of Evaluation) as a Secure Sub-System (3S) implemented as a functional block of a System on Chip (SoC). It includes a processing unit, security components, I/O ports and memories to provide a range of security functionalities covering a defined set of security objectives. The TOE provides its security features and security services isolated from the remaining SoC components, based on physical and/or logical isolation mechanisms. The TOE comprises hardware (HW), firmware (FW) and software (SW) required to provide security services and security features. Security services provided by the TOE comprise the functionality of the Root of Trust (RoT), including unique instance identification, ciphering, deciphering and generation of random numbers for confidentiality, integrity and authentication. Security features protect the data stored and processed inside the TOE, as well as support the correct operation of the security services to be provided to the SoC and the “Composite Software,” which may include parts of the OS and applications.
For more information on Eurosmart’s PP-0117 Protection Profile for Secure Sub-System in System-on-Chip (3S in SoC) : https://www.eurosmart.com/bsi-completes-evaluation-of-eurosmarts-secure-sub-system-in-system-on-chip-protection-profile-pp-0117.