iSIM With IoT SAFE For Seamless Authentication From Chip To Cloud

Using SIM to provide a robust, scalable, and standardized hardware Root of Trust to protect IoT data communications.


When transferring data over mobile networks, IoT devices need to exchange that data securely and establish trust with a public or edge cloud in a way that’s seamless, scalable and easy to manage. IoT SAFE (IoT SIM Applet For Secure End-2-End Communication) enables IoT device manufacturers and IoT service providers to leverage the SIM (Subscriber Identity Module) as a robust, scalable and standardized hardware Root of Trust to protect IoT data communications.

Seamless provisioning

IoT SAFE’s goal is to progressively offer “zero-touch provisioning” for devices to ensure application-level security from chip to cloud. The mobile industry group GSMA clearly outlines the key areas of chip-to-cloud security where IoT SAFE can act as a security service, enabled for:

  • IoT devices to securely establish TLS (transport layer security) or DTLS (datagram transport layer security) authentication session with a corresponding application cloud/server
  • IoT devices to compute shared secrets and keep long-term keys secret
  • Provisioning and credentials lifecycle management from a remote IoT security service.

Developers can implement IoT SAFE on an eSIM (also known as eUICC, or Universal Integrated Circuit Card) and iSIM (ieUICC) by using Arm Kigen OS. This takes the existing remote-programming and bootstrapping features of iSIM to an entirely new level, anchoring trust right on a device.

So, we can now seamlessly provision not just connectivity credentials but also the necessary certificates to secure the exchanges from the device to any major cloud using the world’s most deployed trusted security platform – the SIM.

Using a secure, tamper-resistant hardware element to protect credentials reduces the risks associated with spoofing or man-in-the-middle attacks when exchanging sensitive data with the IoT service provider’s cloud. These credentials could be open to compromise if they’re instead stored in an unprotected environment. By ensuring IoT SAFE can be supported, IoT device developers can enable IoT solution deployers to readily secure their data channels from device to cloud.

“For over 25 years the SIM has been the ‘Root of Trust’ for the mobile industry, its security constantly evolving over this period so that today the SIM secures over 9.4 billion cellular connected devices,” said Graham Trickey, Head of IoT, GSMA. “IoT SAFE extends the security capabilities of the SIM further to secure new IoT services end-to-end, underpinning a new generation of IoT services and billions of new IoT devices.”

Native trust

While an IoT SAFE application can be implemented in any SIM form factor, it is on eSIM and iSIM  devices that this native trust can be achieved out-of-the box due to the fact that eSIM and iSIM security is built-in from the point of manufacture. Once this trust has been verified and the connection secured, developers can further customize the connection security credentials using remote automation to meet their deployment use case. Facilitating this inherent capability – with use case-determined security credential distribution – awakens the promise of massive IoT scale.

iSIM takes the concept of simplifying the SIM SKU count further than other form factors. The system-on-chip (SoC) housing an MCU already exists in any device that uses a SIM or eSIM. So it makes perfect sense to build the necessary SIM capabilities right into the same chip. This reduces the number of chips required and optimizes the supply chain and module design. iSIM acts as a ‘crypto-safe’ inside the SoC so that, effectively, we can bake connectivity and security at the chip level.

The size reduction is particularly important as there are many IoT devices that could not accommodate SIM or eSIM chips before due to their small size or sealed nature. In combination with IoT SAFE, iSIM will help designers deliver a vast new range of use cases covering a combination of smaller device sizes.

Extending the trusted environment

IoT SAFE doesn’t work in a vacuum, and as such helps bolster security best practices such as the use of the independent PSA Certified assessment program. For example, IoT SAFE can be loaded on an eSIM or iSIM inside a PSA Certified device which implements the PSA Functional APIs, namely the PSA crypto APIs. GSMA, in its IoT SAFE documentation (IoT SAFE Executive Summary and IoT.04), refers to these APIs as a de-facto standard means of a client application interacting with IoT device middleware. PSA Crypto APIs are offered to the ecosystem as an open specification and are quickly being adopted as a means of leveraging security services in an IoT device.

Arm’s goal is to enable any device to securely connect to and exchange any data with any cloud, across trusted networks. Today Arm Pelion Connectivity Management, leveraging the Arm Global Connectivity Bootstrap, is capable of downloading a local mobile network profile to a device.

For the moment, the certificates to securely exchange data with the cloud must be pre-loaded in a device at point of manufacture, or later over-the-air in a somewhat cumbersome and/or proprietary way. Thanks to IoT SAFE, the means to provision security certificates to the most secure place in the device, the iSIM, have now been standardized. After downloading the cellular subscription to the device, Pelion Device Management will also download the credentials to authenticate the device to the cloud and secure exchanges.

Arm already has the IoT SAFE applet ready for market, as our engineers continue to work to make a fully integrated solution incorporating PSA, Kigen and Pelion, which will be released in the near future.


While the tipping point for IoT development has arrived, a recent survey from The Economist Business Unit found that – among other things – security concerns still constrained respondents’ IoT ambitions.

eSIM and iSIM devices, taking advantage of the flexibility and familiarity of global cellular networks and introducing increased efficiencies and economies of scale in the design process, are the key that unlocks those ambitions.

Until now, generating the relevant certificates and distributing them to a large number of IoT devices before they are deployed has been an expensive, time-consuming and inefficient exercise. Leveraging SIMs as a root-of-trust combined with a comprehensive device management solution, provides a cost-effective mechanism for cloud authentication and end-to-end security, since SIMs are already used for authentication on mobile networks.

For more information on iSIM, please download our iSIM whitepaper.

Leave a Reply

(Note: This name will be displayed publicly)