Adoption of GlobalPlatform’s IoT security evaluation standard

GlobalPlatform’s Security Evaluation Standard for IoT Platforms (SESIP) methodology has been adopted as the basis for a European Standard (EN) by the European Committee for Standardisation, CEN and CENELEC. The standard is working to help the IoT ecosystem address regulatory fragmentation and better understand, deploy and explain security.

“This is all about raising the bar for IoT security,” comments Eve Atallah, GlobalPlatform SESIP Sub-Task Force Chair. “Security in IoT is a problem as a myriad of national and regional regulations have emerged in recent years. We are asking device makers and non-security experts to firstly identify relevant security requirements, implement technology to address them and then demonstrate the security features of their products. This is complex, costly and unsustainable.”

Value for all IoT stakeholders

The World Economic Forum (WEF) reported in 2022 that cybersecurity threats have increased by over 358% in recent years, outpacing societies’ ability to effectively prevent or respond to them. A year on the challenge persists, with WEF noting cybersecurity as a constant concern and listing as a top 10 global risk for 2023.

The SESIP methodology provides a standardised approach for evaluating IoT security implementations, tailored to the unique requirements and challenges of the evolving ecosystem. The methodology has analyzed and mapped regulatory and industry requirements from leading organizations such as ENISA, ETSI, IEC and NIST. The IoT community therefore has a single, accessible reference point for assessing IoT cybersecurity in line with these and other requirements, reducing fragmentation, complexity and cost from security certification processes for stakeholders.

Additionally, the SESIP methodology also supports composition and reuse of certificates. This enables previously certified components to be used to build a device with in-built security assurances, without having to repeat a complete evaluation of the same component in each and every targeted market. This drives greater efficiency, security, innovation, and cost-savings across the certification process.

Importantly, both national and private certification bodies are creating and managing certification schemes based on the SESIP methodology. One recent example is Taiwan where the methodology is being assessed by the Institute for Information & Industry.

A rapidly growing ecosystem

SESIP has rapidly grown into an internationally recognised standard for security evaluation, supported by a large community of security providers, industry bodies, security laboratories and other stakeholders.

The GlobalPlatform community is responsible for maintaining the methodology, enforcing a governance model with an associated quality brand between CBs, product vendors and laboratories. The longstanding certification body (CB) TrustCB has already licensed 10 laboratories and certified 28+ products from industry-leading companies including Amazon Web Services, Microchip Technology, STMicroelectronics, NXP Semiconductors, Renesas, Secure Thingz, Silicon Labs, Trusted Objects and Winbond Electronics Corporation. Most recently, SGS Brightsight CB has joined the program to become a GlobalPlatform SESIP CB.

The methodology is also already recognized and referenced by bodies including PSA Certified, National Institute of Standards & Technology (NIST) and Car Connectivity Consortium (CCC).

Simplifying & strengthening IoT security through standardization

“SESIP is a result of the expertise of the GlobalPlatform community and its work to drive more cybersecurity into IoT devices without adding complexity,” adds Gil Bernabeu, GlobalPlatform CTO. “By giving stakeholders a single point of reference for IoT cybersecurity, regardless of their security expertise, we can collectively raise the bar for security. When everyone can understand, better decisions can be made faster. When better security decisions are made, confidence both within industry and among end users grows. We believe in a digital society, but that goal is only achievable if we have trust in digital devices and services. Standardization, evaluation and certification are fundamental to this trust.”

More than 200,000 experts from industry, associations, public administrations, academia, and societal organizations are involved in the CEN and CENELEC network, that reaches over 600 million people in 34 countries. The development of a European Standard is based on the so-called National Delegation Principle and is governed by the principles of consensus, openness, transparency, national commitment and technical coherence.

“CEN and CENELEC, as two of the officially recognised European Standardization Organisations (ESOs), have a strong commitment to making the digital transition in Europe a reality, working together with all relevant stakeholders to ensure that new technologies are safe, trustworthy and beneficial for all,” comments Cinzia Missiroli, Director, Standardization and Digital Solution. “In this context, our collaboration with GlobalPlatform is key. The work on the European standard based on their SESIP methodology is a good example of what can be achieved in working together for an inclusive and safe digital society for Europe.”

Read more exclusives and news in our latest issue here.

Never miss a story… Follow us on:
Security Buyer
@SecurityBuyer
@Secbuyer

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

OneLink

Product Spotlight – Gallagher’s OneLink

Gallagher Security presents, OneLink – the product that is elevating remote security through the power of the cloud 
Pinaccle systems

Pinnacle Systems further supports Installers and System Integrators

Pinnacle Systems has launched the Pinnacle Partner Programme, a new initiative designed to provide enhanced support for installers…
Stephen Tickle

Comelit-PAC Appoints Stephen Tickle as Regional Sales Manager

Comelit-PAC has appointed Stephen Tickle as its new Regional Sales Manager.  Stephen will focus on supporting PAC’s access control…
Intersec Saudi

Intersec Saudi Arabia returns with record exhibition space

Intersec Saudi Arabia, the premier industry platform for security, safety and fire protection, will return to the Riyadh…
Abloy UK

Abloy Academy breaks attendance records

Abloy UK has achieved record breaking attendance at its Academy, with more professionals than ever attending its…
Hikvision

Hikvision Introduces X-ray Baggage Inspection System

Hikvision India has recently introduced X-ray Baggage Inspection System with AI- enabled Intelligent Recognition Capabilities…
GBV

IFPO Column: The Quiet Signals of Danger

Yoyo Hamblen of IFPO and Gary Simpson, Nonverbal and Behavioural specialist discuss the important topic of Gender-Based Violence..
Doorbird Carousel

Product Spotlight – Door Communication for the “Neue Wallufer”

 A customised solution case study for a residential complex is presented by DoorBird and CompuNet Systems GmbH 
suprema

Suprema Achieves EN 60839 Certification

Suprema, a global provider of AI-powered access control and security solutions, has achieved EN 60839-11-1:2013 Grade 3 certification
ASSA ABLOY

Electric locks are a vital component in digital access

To protect the important openings in their buildings, organizations need locks they can trust. This means more than just strength…
Scroll to Top