Understanding GlobalPlatform Certification for Trusted Applets (TA) Development

The development of Trusted Applets (TAs) within a Trusted Execution Environment (TEE) on ARM-based platforms requires a clear understanding of the certification process, particularly when targeting specific implementations such as Qualcomm’s TEE. The GlobalPlatform certification is a critical aspect of ensuring that TAs meet industry standards for security and functionality. However, the certification process can vary depending on the scope of the development, whether it involves only the TA or extends to modifications of the underlying Trusted OS.

GlobalPlatform certification ensures that TAs operate securely within the TEE, adhering to strict guidelines that prevent unauthorized access and ensure data integrity. For developers, this means that the certification process is not just a formality but a rigorous evaluation of the TA’s design, implementation, and interaction with the TEE. The certification process typically involves a series of tests and audits conducted by accredited laboratories, which verify that the TA complies with GlobalPlatform’s specifications.

When developing TAs for Qualcomm’s TEE implementation, the certification process may involve additional steps due to the proprietary nature of Qualcomm’s TEE. Qualcomm’s TEE is built on ARM’s TrustZone technology, which provides hardware-based isolation between the secure and non-secure worlds. However, Qualcomm may have its own set of requirements and modifications to the standard ARM TEE, which could impact the certification process. Developers must be aware of these nuances to ensure that their TAs are compliant with both GlobalPlatform standards and Qualcomm’s specific requirements.

Certification Scenarios: TA Development vs. Trusted OS Modifications

The certification requirements for TAs can be broadly categorized into two scenarios: certification of the TA itself and certification of modifications made to the Trusted OS. Each scenario has its own set of challenges and requirements, which developers must navigate to achieve certification.

In the first scenario, where only the TA is being certified, the focus is primarily on the applet’s functionality and security. The TA must be designed to operate within the constraints of the TEE, ensuring that it does not expose sensitive data or create vulnerabilities that could be exploited by malicious actors. The certification process for TAs typically involves a series of functional and security tests, which verify that the applet behaves as expected and does not introduce any security flaws. These tests are conducted by accredited laboratories, which use a combination of automated tools and manual analysis to evaluate the TA.

The second scenario involves modifications to the Trusted OS, which is a more complex process. In this case, the certification process evaluates not only the TA but also the changes made to the underlying Trusted OS. This is particularly relevant when developing TAs for Qualcomm’s TEE implementation, as Qualcomm may have made modifications to the standard ARM TEE that need to be taken into account. The certification process for Trusted OS modifications typically involves a more thorough evaluation, including code reviews, security audits, and extensive testing to ensure that the modifications do not introduce any vulnerabilities or compatibility issues.

For developers targeting the Chinese market, additional considerations come into play. The China Academy of Information and Communications Technology (CAICT) oversees the certification process for TEE implementations in China. Developers must work closely with CAICT-accredited laboratories to ensure that their TAs and Trusted OS modifications meet the specific requirements for the Chinese market. This may involve additional testing and documentation, as well as compliance with local regulations and standards.

Navigating the Certification Process for Qualcomm TEE Implementations

Navigating the certification process for TAs on Qualcomm’s TEE implementation requires a thorough understanding of both GlobalPlatform standards and Qualcomm’s specific requirements. The process can be broken down into several key steps, each of which must be carefully managed to ensure successful certification.

The first step in the certification process is to define the scope of the certification. This involves determining whether the certification will cover only the TA or if it will also include modifications to the Trusted OS. Once the scope is defined, developers must prepare the necessary documentation, including design specifications, security assessments, and test plans. This documentation is critical for the certification process, as it provides the basis for the evaluation conducted by the accredited laboratory.

Next, developers must implement the TA and any necessary modifications to the Trusted OS. This involves writing the code for the TA, integrating it with the TEE, and ensuring that it operates securely within the TEE. Developers must also ensure that the TA is compatible with Qualcomm’s TEE implementation, taking into account any proprietary modifications that Qualcomm may have made to the standard ARM TEE.

Once the TA and Trusted OS modifications are implemented, developers must conduct a series of internal tests to verify that the TA functions as expected and does not introduce any security vulnerabilities. These tests should cover both functional and security aspects, including boundary conditions, error handling, and resistance to common attack vectors. The results of these tests should be documented and included in the certification submission.

After internal testing is complete, developers must submit the TA and Trusted OS modifications to an accredited laboratory for evaluation. The laboratory will conduct a series of tests and audits to verify that the TA and Trusted OS modifications comply with GlobalPlatform standards and Qualcomm’s specific requirements. This may involve both automated and manual testing, as well as a review of the documentation provided by the developers.

If the TA and Trusted OS modifications pass the laboratory evaluation, the next step is to obtain certification from GlobalPlatform. This involves submitting the test results and documentation to GlobalPlatform, which will review the submission and issue the certification if all requirements are met. Once certified, the TA can be deployed on Qualcomm’s TEE implementation, with the assurance that it meets industry standards for security and functionality.

For developers targeting the Chinese market, additional steps may be required. This includes working with CAICT-accredited laboratories to ensure that the TA and Trusted OS modifications meet the specific requirements for the Chinese market. This may involve additional testing and documentation, as well as compliance with local regulations and standards. Developers must also be prepared to address any issues or concerns raised by the CAICT during the certification process.

In conclusion, certification of Trusted Applets on ARM-based TEE implementations, particularly Qualcomm’s TEE, is a complex process that requires careful planning and execution. Developers must be aware of the specific requirements for both GlobalPlatform certification and Qualcomm’s TEE implementation, as well as any additional requirements for the Chinese market. By following the steps outlined above, developers can navigate the certification process successfully and ensure that their TAs are secure, functional, and compliant with industry standards.
