Industry Interviews

    Media & Resource Center  > Industry Interviews 

> Back to Industry Interviews

Industry Interviews

GlobalPlatform, Industry Interviews | Trusted Computing Group (TCG)

In 2012, GlobalPlatform and the Trusted Computing Group (TCG) created a joint work group to enable the sharing of expertise and collaboration around mobile device industry standards. In our latest industry interview, John Mersh, editor of the Mobile Platform Working Group of the TCG, discusses the motivation for establishing the joint initiative and provides insight into the group's current priorities.

1. Please tell us about your role at TCG and company of employment?

I work for the Secure Services Department at ARM as Lead Software Architect. My function at ARM is to ensure that the software architecture supporting TrustZone (R) is maintained and enhanced, and to promote the adoption of this technology within the computing industry. I work with partners to help them make the correct technology choices when creating secure systems and applications.

In addition to my role as editor of the Mobile Platform Working Group of the TCG,
I also represent ARM within GlobalPlatform, where I am active in the GlobalPlatform Device Specification Working Group. Due to my engagement across both associations, I have also been appointed as chair of the joint work group which coordinates and aligns the collective activity of GlobalPlatform and TCG.

2. What is the mission of TCG?

The TCG is a not-for-profit organization that develops, defines and promotes open, vendor-neutral, global industry standards based on a hardware root of trust, for interoperable trusted computing platforms. Billions of endpoints use TCG standards to ensure system integrity, network protection and data security.

3. In June 2012, the TCG published a white paper entitled: TPM Mobile with Trusted Execution Environment for Comprehensive Mobile Device Security. What were the key learnings of this document?

This was the first product of the joint GlobalPlatform/TCG work group. The aim of this document was to highlight that it is possible to implement a TCG Mobile Trusted Module (TPM) in the environment defined by GlobalPlatform's Trusted Execution Environment (TEE) Specifications.

The main lesson learned was the necessity for the two groups to work together. Achieving a workable solution that will bring benefits to the industry requires a willingness to amend and adapt existing and future specifications. We have already witnessed changes in both the TPM activity of the TCG and revisions to forthcoming versions of the Global Platform TEE Specifications.

Ongoing communication and collaboration is key to identifying the many ways in which the two associations can work together to enhance their respective offerings and, ultimately, support market advancements.

4. What motivated the TCG to engage with GlobalPlatform?

The TCG's TPM is used in the PC and server industry when ensuring the security and integrity of systems in the form of discrete or integrated TPM chips. In the mobile industry there is generally not sufficient space or power available to include this additional chip. This has held back the adoption of TCG technology in the mobile marketplace.

GlobalPlatform's Device Committee focuses on the TEE for smart devices enabling trusted applications to run securely in parallel with the normal operating system.

By combining these technologies it becomes possible to gain the advantages of the mature software which supports the TCG's TPM, without the disadvantage of requiring an additional chip.

5. A TCG / GlobalPlatform joint working group has been created, what are the initial priorities of this group?

This group has existed for more than a year now and I recently took over as chair.

The objectives of this group are:

  • To encourage the use of GlobalPlatform Specifications as a platform and toolkit within the TCG.
  • To help GlobalPlatform ensure that large secure applications such as a TPM are viable in the TEE.
  • To teach each side about the other's technology to the extent this is allowed by IP rules.
  • To bring together the certification activities in TCG and GlobalPlatform.

6. How do you see this partnership benefiting the mobile device industry?

The mobile device industry gains by having mature technology and operating system support of the TCG's TPM. This availability addresses the needs of those who require its reliability. All this can be achieved while sharing the TEE with solutions in areas such as digital rights (premium content) management and mobile financial services as well as identity for government and corporate enterprises, for which trusted applications running within the TEE are a more appropriate solution.

7. What is your vision for common activities between GlobalPlatform and TCG in the next three to five years?

I hope that over the coming years the relationship will continue to strengthen to take full advantage of the specifications offered by both parties and to provide solutions to real user opportunities and challenges.

As current mobile architectures are extended into the server market then the integration between TCG and GlobalPlatform Specifications will become essential to secure those systems.

For more information about TCG visit the website, Twitter and LinkedIn.