Java Card Forum

The Java Card Forum is an industry association of companies from the smart card, secure operating system and secure silicon industry, working together to promote and develop Java as the preferred programming language for multi-application smart cards, secure devices and other execution environments.

ENISA Lead Certification Expert reflects on JCF longevity & future of Java Card

In the fourth interview of the 25th Anniversary series, Eric Vétillard, Lead Certification Expert at ENISA explains ENISA’s certification mandate and discuses how Java Card certification schemes are related to the ENISA scope. He also reflects on his time as the JCF Technical Committee (TC) Chairman and how it has shaped his career path since.

It’s been a while since you were the Technical Committee Chairman of the Java Card Forum. What have you been working on since then?

The last time I joined the Java Card Forum was when I was with Oracle; I was Product Manager for Java Card. I’ve had a few jobs since, that included a stint at NXP, where I stayed in touch with the JCF through present members like Christian Kirchstaetter [current Technical Committee chairman] and Alexandre Frey, but my focus was actually more on IoT processors and certification.

In 2019, I joined ENISA, the EU Cyber Security Agency, as a Certification Expert, so here I’ve been continuing the work I was actually doing at NXP – working on Cyber Security certification, but focusing more on a scheme on cloud services. So, this is not very close to Java Card, but thanks to my experience with Java Card and more generally with Secure Elements, I’ve also been involved in other schemes that we’re developing in ENISA on Common Criteria and also on 5G, where we’re also on the Embedded UICC. We’re working as a team, so it’s very nice to have this experience and it definitely helps.

What is ENISA doing with certification?

In 2019, the Cyber Security Act made ENISA a permanent agency in the EU and, maybe most importantly, assigned new tasks to the agency. One of these tasks is to design European Cyber Security certification schemes. Our role here is to prepare the schemes, in collaboration both with the industry and with the Member States. When we’re done with that, we’ll actually give these schemes to the Commission, who will derive an implementing Act and they become part of the EU law. 

The first scheme that ENISA worked with is called EUCC – it’s a European scheme for Common Criteria. This one should be quite important for the Java Card community, as most Java Card products are certified with Common Criteria. This scheme will of course be used by at least European chip and card developers, hopefully starting next year with the first certification activities. ENISA will also continue in helping and guiding through the deployment of this scheme and other schemes that we are working on.  

How are Java Card certification schemes related to the ENISA scope?

Java Card is not something that we explicitly talk about, but it often is in the background. For instance, many of the Java Card licencees are represented in our working groups on Common Criteria and 5G, and every time we consider examples of certified products, Java Card platforms are somehow cited. They are such an important component of the supply chain in smart cards’ Secure Elements. I’m also quite confident that some Java Card products will be among the first to be certified with both the EUCC and the EU5G – maybe we’ll be lucky enough to have a Java Card product being the first one to actually be certified.

Of course, with my work on cloud services, we are much further from Java Card and smart cards in general, but it’s interesting to see that there’s always some kind of a surprise reference that comes up every time we talk about access control or authentication. We rely on products, and these products rely on Java Card technology, so the link is indirect, but it’s always there, because the technology is so present everywhere. 

Do you miss the Java Card Forum?

Well, yes I do! I’m not missing the interactions, because my work includes many interactions with the industry, with governments…But the cloud community is very large – discussions have a tendency to grow political at some points. So, what I really miss here is also the lower profile of the Java Card Forum, where you have a limited number of members; most of them are not even known to the general public and what we’re working on still remains in the background, yet we’re collaborating on the design of a product that just about everyone on the planet is using. It’s like we have the impact, but with maybe less visibility. And when you’re actually working on defining the next version of a specification, it’s easier when you work like this – a little bit hidden, especially for the technical people. For the business people this is not always seen as positive!

I’m sometimes missing the excitement of the Java Card Forum’s early days, back in the 1990s, where we were designing the first versions and all our companies were still wondering whether this would work or not. Well, 25 years later and there are a number of Billions of cards being sold every year with Java Card – I guess that now they know the answer to that question and I am very happy to see that the Java Card Forum is still here and that the technology still remains dominant. There hasn’t been another technology coming along and replacing it, and it doesn’t look like this will happen in the near future. I think the Java Card Forum is definitely a nice adventure! 

View the interview in video format here

Java Card is platform of choice for first M2M eSIM certification under GSMA’s Security Assurance scheme

STMicroelectronics has the first machine to machine (M2M) eSIM certified by the GSMA’s Security Assurance scheme.

STMicroelectronics used SGS Brightside in Delft, the Netherlands, to test its ST4SIM-201v1.0.8, with the tests ratified by GSMA’s appointed Certification Body, TrustCB, also in the Netherlands.

The certification scheme by the GSM Association ensures that new eSIM products are resilient against a range of high-level attack threats and is designed to speed up the security certification process, overcome complexities, and reduce time to market for eSIM products.

The GSMA is currently seeking tenders for the provision of eSA Scheme Certification Body services.

M2M and IoT roll outs are moving to remotely configured eSIMs and integrated iSIM devices to simplify the roll out of hundreds of thousands of devices without having to individually provision separate SIM cards. However ensuring that the technology is rugged and secure is vital.

The ST4SIM-201S eSIM (above) is designed for all IoT devices and can remotely manage different MNO profiles while ensuring the appropriate security level.

The device is based on the ST33G1M2 with a tamper-resistant secure element certified by Common Criteria EAL5+, with a 32bit ARM SecurCore SC300 core. It supports a secure and interoperable Java Card environment compliant with Java Card v3.0.5 classic and integrates a dynamic memory management with Java Card garbage collection mechanism optimizing the usage of the memory.

The GSMA certification scheme requires manufacturers to prove a benchmark level of security resilience across product processes. It does this by combining high-security quality with a pragmatic evaluation implementation approach adapted for the mobile market. The processes are in line with industry and ISO requirements and reflect the highest Common Criteria security standards recognised in Europe.

“The GSMA is committed to promoting security across the entire mobile ecosystem to ensure the benefits of mobile connectivity can be enjoyed safely by all. In addition to guaranteeing the highest security – eSA ensures that eSIM products have the same level of security resilience required for chips embedded in passports – we are delighted that our processes enable faster time to market for manufacturers,” said the GSMA’s Chief Technology Officer, Alex Sinclair.

“This is a critical milestone for STMicroelectronics, and we thank the GSMA for maintaining the highest security levels for the product and their efforts to support reduced time-to-market with quick and efficient eSIM certification,” commented Laurent Degauque, Marketing Director at STMicroelectronics.

“SGS Brightsight is pleased to implement the GSMA assurance framework to maintain high security quality using a pragmatic and efficient evaluation approach. The programme ensures we focus on the topics that are fundamental to promoting a ‘security-first’ culture across the entire telecommunication and network industry,” said Adjay Gopie, Director Business Development at SGS Brightsight.

“TrustCB is delighted to issue this first eSA certification. From the very start, the eSA scheme has proved its ability to provide a high-assurance certification in a predictably short timeframe alongside experienced labs. Congratulations to ST for their certified ST4SIM-201v1.0.8 and thanks to SGS Brightsight,” said Wouter Siegers, CEO at TrustCB.

Press Release from eeNews Europe (20/7/22)