ETSI TC Smart Card Platform, that standardized the former generations of SIM cards, has been working on a brand-new security platform called Smart Secure Platform (SSP). The ETSI committee has unveiled the first three technical specifications to launch this new security platform.
The ETSI Smart Secure Platform offers an open platform for multiple applications with various physical interfaces and form factors. The new flexible file system and built-in capabilities support several authentication methods, as well as features defined for a UICC - the current security platform used, for instance, for the SIM card - such as a toolkit or a contactless interface. SSP is a highly secure, scalable, thus cost-efficient solution optimized to fit many requirements, from IoT applications to complex solutions, hosting several applications such as banking and payment, ID management and access to mobile networks. Furthermore, the SSP is backwards compatible to the UICC. The three specifications cover the general technical characteristics of the Smart Secure Platform with ETSI TS 103 666?1, the integration of the Secure Element into a System on Chip (SoC) solution in ETSI TS 103 666?2 and, as the first protocol between the Smart Secure Platform and the outside world, the Serial Peripheral Interface (SPI) which is specified in ETSI TS 103 713.
EU-wide Cybersecurity legislation: implementation of the EU rules in the energy sector
The European Commission has just published a report with key findings on how the EU cybersecurity rules under the NIS Directive are implemented in the crucial Energy sector, in particular in electricity, gas and oil areas. The report takes stock of the implementation of the main NIS Directive requirements across the EU, notably on the ways to identify the so-called Operators of Essential Service (OES), security measures, incident notification requirements. The report includes information on governance models chosen, lessons learnt and best practices at national level and presents cybersecurity capabilities of EU associations, organisations and bodies with a role in the energy sector. In addition, it provides an overview of the different public-private collaboration schemes in place across the EU. In line with the Commission Recommendation of 3.4.2019 on cybersecurity in the energy sector, the document supports Member States in addressing energy sector specificities, such as real-time security requirements, cascading effects and the combination of legacy and state-of-the-art technologies, when implementing the NIS Directive.