specification

GlobalPlatform standardises secure OS and firmware loading on secure elements

By Zenobia Hegde

GlobalPlatform, the standard for secure digital services and devices, has published its Open Firmware Loader for Tamper Resistant Elements (OFL). The free specification standardises how secure element (SE) firmware – combining the secure operating system (OS), applications and data – can be remotely loaded and managed onto a SE such as SIM, embedded SE or eUICC / eSIM, or integrated SE even after a device has been issued.

This ensures that the device’s longevity is no longer impacted by the lifecycle of the SE, and opens up a range of new use cases like in-field OS and firmware provisioning, device refurbishment, backup / restoration of the SE and the secure transfer of a customer profile to a new device. With the OFL security scheme, handset manufacturers, service providers and firmware implementers can build a new privacy-by- design ecosystem where services can be securely deployed and updated on connected devices.

“The growth of embedded SEs is driving the development of new solutions as, previously, there has not been a standardised way to load the OS to an eUICC after the smartphone has been produced,” says Gil Bernabeu, technical director of GlobalPlatform.

“With the OFL protocol, the selection of an OS can be delayed until the device reaches its destination. So, if a smartphone is manufactured in one country, for example in China, a country-specific OS can be loaded to the eSIM or integrated SE once it reaches France, or the U.S. What’s great is that this also brings greater flexibility further down the line.

Smartphones, connected cars or any other device with an embedded or integrated SE often have more than one owner during their lifecycle. OFL ensures a new OS can replace an existing one and, importantly, a personalised OS and its services can be securely transferred to a new device.”

The OFL protocol enables the industry to:

Distribute generic and blank (no firmware/operating system) embedded hardware featuring a standardized loading mechanism. This enables firmware from various developers to be loaded, with policy enforcement, after the issuance of the device.
Solve the logistical challenge of distributing devices to fragmented markets with low volume.
Distribute new firmware once the device has been issued to address additional use cases.
Mitigate the challenges of loading firmware containing diversified data into embedded hardware during manufacturing.
Use a standardised loader, shared between multiple silicon makers, allowing firmware implementers to produce loadable OSs.
Ensure perfect forward secrecy and confidentiality between firmware makers easing compliancy with the latest data regulations (GDPR).

The publication of the OFL is the first output of GlobalPlatform’s new Fast Track Process. The initiative enables members to bring forward mature technologies for standardisation via an expedited process to more rapidly answer the needs of the market.

“GlobalPlatform technology gives service providers and device manufacturers the means to interact seamlessly when deploying secure digital services, regardless of market or device type. The resulting collaboration makes the mass marketing of secure digital services possible, while bringing time and cost efficiencies to stakeholders within the ecosystem,” concludes Gil.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post GlobalPlatform standardises secure OS and firmware loading on secure elements appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

OSPT Alliance to develop CIPURSE™terminal specifications

By Zenobia Hegde

OSPT Alliance, the global community advancing a non-proprietary standard CIPURSE for secure transit fare collection solutions, has launched a System Integration Sub-Working Group to create a dedicated CIPURSE Specification and guidelines for terminals and readers. The work will enable any terminal, or a reader implementing application logic, to communicate and seamlessly interoperate with any CIPURSE-based card or account using the common language of CIPURSE.

The development of terminal requirements is in direct response to demand from reader and terminal manufacturers who want a secure, non-proprietary, hardware agnostic and globally interoperable messaging standard on which ticketing terminals can be developed. This activity also reflects OSPT Alliance’s efforts to support the full ticketing ecosystem.

OSPT Alliance is inviting reader and terminal manufacturers, and system integrators to join its existing community and ensure their needs are addressed.

Laurent Cremer, executive director of the OSPT Alliance, said: “The ticketing market is evolving to offer new ways to purchase tickets and validate your journey, such as account-based ticketing and a range of different mobile ticketing use cases. A ticketing kernel is no longer necessarily embedded in the terminal or reader, and system partitioning may vary across automatic fare collection systems and evolve over time.”

“OSPT Alliance recognises that as the market continues to innovate, we must ensure that the system is saleable to support new form factors and applications. The System Integration Sub-Working Group will achieve this by specifying a non-proprietary API, which will be managed long-term by an open community, so it can evolve in line with market needs.”

The group will define and publish the minimum requirements for terminals interacting with CIPURSE products in early 2018. The CIPURSE Certification Program will then be updated to incorporate the certification of terminals.

Cremer concludes: “To realise our mission of supporting the full ticketing ecosystem, it is vital that we can independently validate that the communication of a terminal is compliant with the CIPURSE specifications and will perform as intended with CIPURSE certified products.”

To participate in this work initiative, a company must be a Full or Affiliate OSPT Alliance Member. Membership is open to system integrators, as well as reader and terminal manufacturers, active within the contactless market (for example transit, loyalty and access control).

If you would like more information on this or any of the working groups, or are interested in becoming a member please click here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post OSPT Alliance to develop CIPURSE™terminal specifications appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

Teledyne LeCroy Inc and Spirent Communications partner for PAM4 generation and analysis

By Zenobia Hegde

Teledyne LeCroy, and Spirent Communications, the global providers in Ethernet and Fibre Channel test and measurement solutions, announced the industry’s first Ethernet generation and test solution for developers of Pulse Amplitude Modulation (PAM4) networks.Spirent and Teledyne LeCroy have created the QSFP28 to SFP56 single w/PTAP adapter, an exclusive PAM4 adapter allowing design and test engineers the ability to source, synchronise, capture, and analyse PAM4 signaling for emerging IEEE 802.3cd-based applications.

PAM4 signaling enables higher throughput Ethernet connections to support the growing need for data storage and communications speeds. These higher signaling rates require increased attention to intricacies of establishing and maintaining robust and healthy link connections. Spirent TestCenter generates IEEE compliant 50GbE traffic for exercising these new Ethernet links. Teledyne LeCroy’s SierraNet analyser captures and decodes the traffic which is ported via the QSFP28 to SFP56 single w/PTAP adapter module.

Early adopters of the IEEE 802.3cd for 50GbE Ethernet transactions need generation and analysis tools to ensure their designs are specification compliant. Spirent and Teledyne LeCroy offer best-in-class solutions to ensure Network Equipment Manufacturers (NEMs) new products meet customer expectations of operation and conformance.

The NEMs reliance on the Test and Measurement community is increasing, as homegrown tools are not up to the task. This relationship allows Teledyne LeCroy and Spirent to focus on their core strengths, keep pace with market needs, and offer leading edge tools, which are paramount to successful Ethernet product deployments.

To learn more about PAM4, download our white paper here.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post Teledyne LeCroy Inc and Spirent Communications partner for PAM4 generation and analysis appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security

By Zenobia Hedge

G+D Mobile Security and Senet Inc. plan to cooperate to strengthen security of LoRaWAN connectivity across the whole IoT ecosystem. The collaboration between the two companies provides a full integration of G+D Mobile Security’s Key Management System (KMS) with Senet’s global LoRa®-based networks.

This results in a flexible and secure cloud-based provisioning solution which enables the necessary levels of security required for various use cases, ensuring a reliable and robust infrastructure for global IoT deployments. G+D Mobile Security’s KMS solution provides security with efficient scaling from initial implementations through mass rollouts based on hardware protection.

The HSM (Hardware Security Module) appliance ensures long term LoRa key protection in the infrastructure and increases reliability and robustness. With the joint solution, device vendors and solution vendors can now provision one set of security credentials in their end device at the time of manufacture and deploy it confidently anywhere in the world.

LoRaWAN is a Low Power Wide Area Network (LPWAN) specification intended for wireless battery-operated devices in regional, national or global networks. LoRaWAN enables new opportunities and connectivity options for applications that require low power consumption and low bandwidth.

At the same time, the massive growth in connected devices increases the risk of cyber-attacks. G+D Mobile Security protects both LoRaWAN end-devices with end-to-end IoT security solutions – from onboarding, secure key provisioning, identification, and data transmission to device lifecycle management.

The entire network infrastructure is protected by integrating keys securely into the endpoints. Endpoints then connect securely to a LoRaWAN network, and the application data can be only read by the application provider. This mechanism significantly increases the protection against different cyber-attacks intending to tamper with the data or the network.

Dave Kjendal

The joint solution enables IoT system providers to protect LoRaWAN endpoints, while meeting cost requirements for the different use cases. LoRaWAN service providers, application enablers and equipment manufacturers can reduce their liability and security risk exposure by applying key management and security technologies.

“This cooperation between G+D Mobile Security and Senet helps IoT solution providers and enterprises to easily integrate security and avoid flaws during the whole lifecycle of LoRaWAN equipment, starting from when they are produced,” stated Bernd Müller , head of Product Management at G+D Mobile Security.

“Security is a critical element of any communication technology and with the hyperconnected world of the Internet of Things, everything about data security and data privacy becomes that much more important,” said Dave Kjendal, CTO for Senet. “Our Partnership with G+D Mobile Security helps ensure device makers, solution providers and end users are following best practices that simply and cost-effectively address the complex security challenges of deploying IoT at massive scale.”

G+D Mobile Security will be demonstrating this integration with Senet at the LoRa Alliance All Members Meeting Open House and Marketplace in Suzhou, China, October 18-19 and at their booth #414 at the Competitive Carriers Association Annual Convention in Fort Worth, Texas, October 25-27.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

The post G+D Mobile Security and Senet are partnering to strengthen LoRaWAN security appeared first on IoT Now – How to run an IoT enabled business.

Read more here:: www.m2mnow.biz/feed/

Enterprise-grade Smart router & sensor hub Linxs launched

Linxs is an enterprise-grade mobile router and customizable sensor hub. The router combines ‘things-based’ connectivity solutions with IoT analytics dashboard. It comes integrated with LTE, dual-radio dual-band Wi-Fi, Ethernet and Bluetooth connectivity. The router-cum-hub is built on open-source software based on Linux OS and OpenWRT.

Mobile Router and Sensor Hub

Major use cases of the product are remote workforce connectivity, remote device management, smart home office, sales and advertising through sponsored Wifi to customers, vehicle & driver connectivity, and M2M connecitivty by embedding into vending machines, ATMs, and other equipment.

Linxs comes with built-in sensors such as Gyro/vibration, temprature, humidity, sound (DB), proximity, and light sensors. Additional sensors can be attached via USB, BLE and Wi-Fi connectivity.

The mart router can be used both as a primary connection or as failover to 4G connectivity. “The Linxs Service Platform includes software that runs both in the cloud and on the Linxs device”, reads one of the router’s technical specification documets. An added advantage for enterprises is that they can install extra software, apps, and sensors on Linxs. A detiled feature list and technical documentation for the device can be accessed here.

IoT Gateway Guide can be accessed to assess which gateway technology is best suited to serve your IoT deployment.

Read more here:: feeds.feedburner.com/iot