
GSM

CLP.13 -


1.0
2016 02 08

GSMA

2016 GSM

GSM

GSM

V1.0 1 82
GSM
CLP.13 -

1 5
1.1 GSMA 5
1.2 5
1.3 6
1.4 6
1.5 7
1.6 8
2 10
2.1 10
2.2 10
2.3 >10 10
2.4 10
3 11
3.1 11
3.2 12
3.3 12
3.4 13
4 14
4.1 14
4.2 15
4.3 15
4.4 16
4.5 17
5 18
5.1 18
5.2 18
5.3 19
5.4 19
5.5 19
5.6 20
5.7 20
5.8 20
5.9 21
5.10 21
5.11 22
5.12 22
5.13 22
5.14 22
5.15 23
6 24
6.1 24

6.2 28
6.3 30
6.4 API TCB 30
6.5 31
6.6 33
6.7 34
6.8 35
6.9 36
6.10 37
6.11 38
6.12 39
6.13 39
6.14 40
6.15 ROM 41
6.16 41
6.17 42
6.18 43
6.19 44
6.20 45
7 46
7.1 46
7.2 47
7.3 48
7.4 50
7.5 51
7.6 52
7.7 54
7.8 55
7.9 55
7.10 56
7.11 57
8 58
8.1 58
8.2 59
8.3 60
8.4 61
8.5 62
8.6 APN 62
8.7 63
8.8 64
8.9 66
8.10 66
8.11 68
9 69

9.1 69
9.2 70
9.3 70
9.4 72
9.5 73
9.6 X 74
9.7 75
9.8 76
10 78
A 79
B UICC 81
C 82
C.1 82
C.2 82

1.1 GSMA

GSMA (IoT)

GSMA CLP.11
[1] CLP.12 [2] CLP.13 [3]

CLP.11

CLP.14

CLP.12 CLP.13


1 - GSMA

GSMA
CLP.14[4]

1.2

1.3

-


-
-
-

1.4

SIM SIM



(M2M)




CLP.11 [1]







(TCB) TCB

TCB
TCB TCB
TCB
TEE
(TEE)
UICC ETSI TS 102 221
ETSI TS 102 671

1.5

3GPP 3

AC

API

APN

BT


CLP GSMA
CPE
CPU
EEPROM
eUICC UICC
FIB
GBA
GPS
GSMA GSM
LAN
BLE
IoT
IP
ISM
MCU
NVRAM
OMA
PAN
PSK
RAM
ROM
SCADA
SPI
SSH
SIM
SRAM
TCB
TTL -
UART

1.6


[1] CLP.11 IoT Security Guidelines Overview Document
[2] CLP.12 IoT Security Guidelines for IoT Service Ecosystem
[3] CLP.13 IoT Security Guidelines for IoT Endpoint Ecosystem
[4] CLP.14 IoT Security Guidelines for Network Operators
[5] OMA FUMO, OMA Firmware Update Management Object, www.openmobilealliance.org


[6] ST-LINK/V2 in-circuit debugger/programmer, http://www.st.com/
[7] Mobile IoT Initiative, http://www.gsma.com/connectedliving/mobile-iot-initiative/
[8] Nmap Security Scanner, https://nmap.org/
[9] CLP.03 IoT Device Connection Efficiency Guidelines, http://www.gsma.com/connectedliving/iot-device-connection-efficiency-guidelines/
[10] Federal Information Processing Standards, www.nist.gov/itl/fips.cfm
[11] EMVCo, www.emvco.com/
[12] SIM Alliance - Open Mobile API, simalliance.org/key-technical-releases/
[13] GPD_SPE_013 GlobalPlatform Secure Element Access Control, www.globalplatform.org/specificationsdevice.asp
[14] GPD_SPE_024 GlobalPlatform Trusted Execution Environment API Specification, www.globalplatform.org/specificationsdevice.asp
[15] GPC_SPE_034 GlobalPlatform Card Specification, www.globalplatform.org/specificationscard.asp
[16] ISO/IEC 29192-1 Information technology -- Security techniques -- Lightweight cryptography, www.iso.org/obp/ui/#iso:std:iso-iec:29192:-1:ed-1:v1:en
[17] TS 33.220 Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA), www.3gpp.org
[18] TS 33.222 Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS), www.3gpp.org

2.1



ISO/IEC 29192 [16]

2.2

2.3 >10


10
16

2.4

(IP) (ISM)
IP



#1 /

(CPE)
/


WiFi
#2


(CPE)
BLE Zigbee /
#3
ISM

WiFi/LAN

2 -

3.1

(PAN)
(BLE)Thread Zigbee

2 #3

3.2
2 #1 Wi-Fi
2 #2

(AC)



SCADA
OBD2

(PSK) (TCB)

3.3





GBA TLS

GBA

(CPE)

1.

/ CPE
2. CPE

3.4

(CPU)
CPU //
CPU

4.1

BLE, 802.15.4

4.2

Nmap [8] IP
BLE IEEE

(SSH)

(CGI)

4.3

(QA)

TTL 5
CPU MCU UART

TTL TTL

Google

SSH

4.4

(SD/MMC) NVRAM EEPROM

EEPROM CPU SPI

4.5

CPU
ROM NVRAM
SRAM
X FIB

5.1

5.2

TCB




API TCB

5.3

5.4


TCB

5.5


5.6

NVRAM



ROM


5.7

5.8

5.9

5.10





APN

5.11

5.12

5.13





APN


5.14

5.15

6.1

(TCB)
TCB

TCB (PSK)
UICC

TCB
TCB

TCB


(PSK)

PSK


PSK


PSK

3 - TCB

TCB TCB

TCB

TCB

NVRAM

TCB

TCB

TCB

TCB

TCB

TCB

TCB

TCB TCB

TCB TCB

6.1.1

6.1.1.1

PSK

TCB

TCB

TCB

6.1.1.2

PSK TCB

PSK
UICC UICC
eUICC
eUICC

TCB
TCB UICC SIM

6.1.2 TCB

TCB

TCB

oneM2M TS-0003 oneM2M SM UICC

(GBA) 3GPP TS 33.220 A

TCB
TCB

eUICC UICC

eUICC GlobalPlatform [15]

6.1.3

TCB TCB
TCB
TCB

6.2

CPU UICC eUICC

TCB
TCB
TCB

UICC
ETSI TS 102 671 6 5 MFF1
MFF2 UICC UICC

CPU

TCB

UICC

6.2.1

6.3
FIB
FIB

(FIPS) [10], EMVCo [11]

6.3.1
NVRAM

6.4 API TCB

TCB TCB API

TCB
TCB
TCB
TCB
TCB
TCB

TCB

TCB

TCB

SIM API [12]

GlobalPlatform [13]

GlobalPlatform (TEE) API [14]

(TCG)

TCB API TCB

TCB
TCB

TCB
ROM
API ROM RAM

6.4.1

TCB

API

6.5

TCB

Example IoT Company LLC

TCB

(TLS)
(SSH2)
(OCSP) IETF RFC 2560
(GBA) A 3GPP TS 33.220

Web

(HSM)

HSM

TCB HSM

6.5.1

6.6

TCB
(PCB/A)



TCB

TCB

UICC
UICC

UICC
eUICC

eUICC

eUICC

B UICC

UICC

6.6.1

6.7

(MVeP)




CPU

MVeP

MVeP NVRAM ROM

MVeP
MVeP
MVeP
NVRAM

6.7.1
MVeP
MVeP

6.8

6.8.1

6.9

OWASP SANS

JavaScript Web

PIN

6.9.1

6.10

TCB

TCB

TCB FIPS [10], EMVCo [11]

6.10.1

6.11
CPU ROM

TCB

NVRAM

ROM
ROM

6.11.1
(NVRAM)

6.12

SSH TLS

(VPN)

API

6.12.1

6.13

6.13.1

6.14
(MMU)
(MPU)

TCB

32
MPU MMU

6.14.1

6.15 ROM

CPU (ROM)
CPU CPU ROM
CPU

(SPI) API

ROM NVRAM CPU MCU/MPU

6.15.1
CPU

6.16

(ROM)

6.16.1

6.17
CPU
CPU

CPU

ROM

6.17.1

6.18

(PFS)

6.18.1

PFS

6.19

TLS
DTLS
SSH2
GBA
OAuth2

6.19.1

6.20

TCB TCB
GBA

TCB TCB



TCB

6.20.1

CPU

7.1

CPU

RAM

RAM

7.1.1
CPU SRAM RPM NVRAM
SRAM DMA
RAM

RAM
RAM

RAM

7.2

7.2.1

7.3

NVRAM

(ATM)
ATM

ATM

7.3.1

7.4

UICC

UICC
UICC eUICC

7.4.1

TCB

CPU

TCB

TCB
TCB

CPU CPU
CPU ROM

CPU ROM

7.5





TCB



TCB

7.5.1
OTA

7.6

EEPROM

7.6.1

GSM
(IMSI)
(LAN)

GSM
IMSI (IMSI)
(SIM)

GSM IMSI
SIM
IMSI

7.6.2

GSM GSM

GSM 1000

3G LTE

7.6.3

7.6.4

SIM SIM
SIM

SIM
SIM

7.6.5

TCB
TCB

LTE

7.6.6

MNO
MNO

7.7

Web

7.7.1

7.8

802.11 Wi-Fi
Wi-Fi

Wi-Fi

(BLE) 802.15.4 Wi-Fi IMSI

SSH

7.8.1

7.9

(SSH), apache2

UNIX ID ID

/ ID

privsep SSH
/

SSH http://www.citi.umich.edu/u/provos/ssh/privsep.html

7.9.1

7.10

TCB

ID

API

7.10.1

7.11

7.11.1

PHP, Python

(RTOS)

8.1

ASLR

BSS, Rodata

(UDEREF)

(MMU)
ASLR UDEREF
(MPU)

8.1.1

ASLR, NX, UDEREF

8.2

JTAG SWD

SSH Telnet

UART/USART

DB9

JTAG SWD

JTAG, SWD

8.2.1

NVRAM ROM

8.3

(DMA) DMA
CPU CPU

DMA
DMA
CPU

DMA

DMA
DMA

IEEE 1394, Thunderbolt, Express Card
(PCI) DMA

DMA
DMA

8.3.1

DMA

8.4

QR NFC RFID URL

URL

8.4.1
RFID

8.5

API

C C++ Java

8.5.1

8.6 APN
(APN)
APN APN
APN

APN
APN APN

(MVNO) APN

8.6.1
APN APN

APN
(DoS)

APN APN
APN APN
APN

8.7

CPU, MCU

8.7.1

PCB

CPU

8.8

LED

8.8.1

8.9

8.9.1

TCB
TCB

8.9.2

TCB

8.10

TCB

TCB

PSK

TCB

PSK

8.10.1

CPU

8.11

API

8.11.1

9.1

(GPS) GPS

(UHF)

GPS

(DoS)

GSMA [9]
(DHIR)

9.1.1

9.2

9.2.1

9.3

NVRAM, RAM

NVRAM CPU NVRAM


CPU CPU

NVRAM CPU
RAM

NVRAM RAM

RAM

RAM RAM

RAM
NVRAM RAM NVRAM
NVRAM

NVRAM NVRAM

NVRAM RAM

I2C I2C
I2C

9.3.1

TCB

NVRAM
RAM

RAM

TCB NVRAM

9.4

[]

RAM

(PII)

Web

TLS TLS

RAM
RAM
RAM

CPU RAM CPU, MCU


MPU SRAM
RAM RAM

9.4.1

- https://citp.princeton.edu/research/memory/

9.5

9.5.1

9.6 X
(FIB)

FIB
FIB

FIB FIB FIB

FIB

FPGA
FIB

FIB

FIB

9.6.1
FIB
FIB

9.7

(ROM)

ROM NVRAM

ROM NVRAM

RNG

TCB

9.7.1

9.8

9.8.1

NSA

10

(GBA) [17]

SIM

SIM SIM
SIM
SIM
234 PAN

SIM
SIM

SIM

(GBA) GBA SIM


(NAF) GBA 3GPP 3GPP
TS 33.220 [17] 3GPP
SIM (UICC)
SIM (eUICC) GSMA SIM (eUICC)
[5]

PSK UE
NAF (TS 33.222) [18]

eUICC


TLS-PSK

B UICC
ETSI TS 102 221 UICC UICC
ETSI TS 102 221 UICC
UICC UICC

UICC ETSI TS 102 671


UICC 3GPP TS
51.011 SIM 3GPP TS 31.102 USIM3GPP2 CDMA CSIM
WiMAX SIM UICC
ETSI TS 102
225/TS 102 226 UICC UICC
UICC

UICC
UICC ETSI
TS 102 226 GlobalPlatform [15] A UICC

UICC
IMS ISIM
3GPP TS 31.103 oneM2M TS-0003 D
oneM2M SM oneM2M SM /
3GPP GBA UICC

UICC oneM2M SM
UICC OEM UICC

UICC

UICC
/ UICC

C
C.1

1.0 | 2016 02 08 | PRD CLP.13 | PSMC | Ian Smith (GSMA) & Don A. Bailey (Lab Mouse Security)

C.2

Ian Smith - GSMA

prd@gsma.com
