Technical Committee (TC) Smart Card Platform (SCP) Activity Report 2021

NOTE: As of 01 January 2022 this committee is known as TC Secure Element Technologies (SET)

Chair: Klaus Vedder, Samsung R&D Institute UK

Responsible for the development and maintenance of specifications for Secure Elements (SEs) in a multi-application capable environment, their integration into such an environment, and the secure provisioning of services making use of SEs.

ETSI’s Smart Card Platform technical committee (TC SCP) has been responsible for developing and maintaining specifications for the Secure Element (SE) used in telecommunication systems including the Internet of Things (IoT) and Machine-to-Machine (M2M) applications.

Reflecting the committee’s evolving mission and scope of interests, from the start of January 2022 TC SCP has been officially re-named as TC SET (Secure Element Technologies). The last meeting of TC SCP in December 2021 was also the last meeting of its Chair for 21 years. Denis Praca from Thales was elected as Chair of the re-named TC SET.

The remote management of SEs and the interfaces required for the interaction of servers involved in this management are also addressed. TC SET develops ‘agnostic’ specifications that can find their way into other applications such as ID management, ticketing and ID cards with contactless interfaces used in financial services. It is of particular importance for the user that for each topic addressed, TC SET’s specifications encompass not only requirements and the technical solution but also conformance testing for both the SE and the terminal.

TC SET is the home of the UICC – the most widely deployed Secure Element with more than five billion pieces entering the market every year just as SIM cards, a share of well over 50% of the Secure Elements market (source: EUROSMART).

The committee is also the home of the all-new Smart Secure Platform (SSP). SSP offers a more flexible platform than the UICC. It can be adapted to multiple different products and markets, while maintaining a common set of features and some of the characteristics of the UICC platform. SSP offers an open platform for multiple applications, a choice of physical interfaces and form factors to adapt to market needs, a new modern and flexible file system, built-in capabilities to support multiple authentication methods (such as biometric). It is designed to further the design of scalable secure solutions that can be optimized to fit different markets and products.

In 2021 the committee continued the process of upgrading specifications for both the UICC and the SSP. 16 different specifications including three UICC test specifications were revised, upgraded, and published with a new Release number. The committee accepted the remaining two specifications of the ETSI Testing Task Force (TTF) T001 for publication and T001 was closed having successfully completed its work.

A complete list of all the committee’s deliverables published (as TC SCP) in 2021 can be seen here.

In 2021, the committee defined the requirements and technical parameters for a 1,2 V interface of the UICC. This followed the course of its predecessors in progressively reducing the required voltage down from 5 V.

The requirements of the Multiple Logical Interface (MLI) were completed for the UICC, and Release 16 was closed for new requirements. The MLI defines a new logical framework which will allow the communication over several logical interfaces going through a single physical interface. Applications hosted on the UICC can thus act in a totally independent manner. The technical realization will continue into 2022; first results are expected to be available by March to provide this new functionality to be used for specifications of the GSMA. Also continuing into 2022 will be discussions on the technical implementation of the requirements for the use of NFC for Ultra-Wide Band applications.

In 2021, the emphasis of the work on the Smart Secure Platform was on the revision and enhancement of the already published four specifications, the advancement of the Embedded SSP Type 2 and the development of a new interface specification. Regrettably, there was no progress of the removable SSP specification though this could prove to be of great interest to industry sectors beyond telecommunications. Interested parties are invited to contribute.

Following the establishment of an MoU with the MIPI Alliance, the committee started work on the I3C interface for the Smart Secure Platform. This will continue in 2022, with publication of the specification as TS 102 818 intended for mid-2022.

The completion of the Embedded SSP (eSSP) Type 2 (TS 102 666-4) took longer than anticipated, in common with other work in the days of online-only meetings. This is now expected for March 2022.

Following its mission to provide a test specification for its core specifications, the committee applied (successfully) to ETSI for the funding of a task force to develop test specifications for the three SSP specifications published at that time in 2019. The first ever ETSI Testing Task Force T001 took up its work in May 2020 and completed this task in November 2021. The work of the TTF also provided valuable information on potential issues in the respective core specifications leading to a number of change requests to the latter. The following SSP Test Specifications were published in 2021:

  • TS 103 813 Smart Secure Platform (SSP); Test Specification, SPI Interface (Release 15),
  • TS 103 999-1 Smart Secure Platform (SSP); Part 1: Test Specification, general characteristics (Release 15),
  • TS 103 999-2 Smart Secure Platform (SSP); Part 2: Test Specification, Integrated SSP (iSSP) characteristics (Release 15).

To execute those tests a proprietary test tool connection needs to be provided by the SSP manufacturer. Different test tool connections might, however, lead to different test results. So a common test tool interface is needed to provide interoperability between any test tool that supports the SSP test cases and any device incorporating an SSP. The committee agreed on the Terms of Reference for a follow-up TTF which was granted by ETSI. This will be known as T018 Requirements & Protocols for a Test Tool Interface for the SSP. It is expected to start work in early 2022, provide as a first step a report on legacy test tool interfaces, and complete the work on the specification for the Test Tool Interface in late 2022.

An ongoing testing topic is the discussion with other bodies such as the GSMA and 3GPP WG CT6 on testing terminals with non-removable UICCs.

In addition to the new and ongoing topics, TC SET and its three Working Groups will in 2022 continue to provide technical enhancements and improvements to its 53 specifications and reports, including 21 test documents.

A full list of all current TC SET Work Items can be viewed here.

External promotion of SSP technology was conducted at several events during the year. These included a presentation to the European Payment Council (EPC) in April, and webinars at “l’embarque” in March, as well as the ETSI Security Week in June. A specific webinar about the new MIPI I3C® Interface for the ETSI Smart Secure Platform was given at MIPI DevCon in September.

The committee’s work includes inputs from ETSI and outside organizations. Liaison therefore continued with major external contributors and users such as 3GPP, GlobalPlatform, the GSM Association, the NFC Forum, the Global Certification Forum (GCF), ISO/IEC JTC1/SC17, oneM2M, Eurosmart and the Trusted Connectivity Alliance. The committee is also participating in the ENISA ad hoc working group on 5G Cybersecurity Certification.

In collaboration with the ETSI Secretariat a new process was developed for the allocation of an SSP manufacturer ID. The link for the allocation will be contained in the application identity register for smart card applications which TC SET maintains on behalf of a number of partner organizations.