SESIP: IoT platform security evaluation methodology

Guide. SESIP / GlobalPlatform

SESIP (Security Evaluation Standard for IoT Platforms) is the cybersecurity evaluation methodology published by GlobalPlatform in May 2020 under reference GP_FST_070. Derived from Common Criteria ISO/IEC 15408 but optimised for constrained IoT platforms, it organises evaluation into five assurance levels aligned with the AVA_VAN scale. Its distinctive feature is composition: an evaluated component (chip, secure OS, crypto stack) can be integrated into a platform and then a final product without full re-verification. SESIP is the methodology recognised by the EN 18031 series at the higher assurance levels, and the technical backbone of ETSI EN 17927 and the future EUCC scheme. This guide sets out its origin, evaluation structure, articulation with PSA Certified and Common Criteria, and the most frequent pitfalls.

Until the late 2010s, formal cybersecurity evaluation of electronic components was largely conducted under the Common Criteria Recognition Arrangement (CCRA). Common Criteria (CC), formalised in ISO/IEC 15408 and the supporting methodology ISO/IEC 18045, remain the worldwide reference for high-assurance evaluations, in particular in the banking, governmental and identity domains.

Three characteristics of CC make them ill-suited to the mass-market IoT segment:

  • typical durations of an EAL 4 or higher evaluation (twelve to twenty-four months) are incompatible with the time-to-market of a connected sensor or a smart home device;
  • the cost of a full CC evaluation (in the order of several hundred thousand euros for a non-trivial target) does not align with the unit economics of a mid-volume IoT product;
  • the absence of native composition machinery forces full re-evaluation of the stack on every product iteration, whereas IoT relies precisely on the standardised stacking of bricks (silicon, OS, middleware, application).

GlobalPlatform, the industry consortium already responsible for the Card Specification and TEE (Trusted Execution Environment) specifications, started the SESIP project in 2018 to close this gap. Public release 1.0 was issued on 26 May 2020 under reference GP_FST_070, subtitled "Security Evaluation Standard for IoT Platforms". An incremental revision is in preparation, with alignment expected against the 2022 edition of ISO/IEC 15408 (the major CC revision).

SESIP inherits the CC vocabulary: Security Target, Security Problem Definition, Security Objectives, Security Functional Requirements, AVA_VAN class. It introduces, in contrast, a single IoT-oriented profile (rather than the bespoke Protection Profile of CC), a fixed and reduced set of assurance classes, and an explicit certificate composition mechanism.

SESIP formally distinguishes three target-of-evaluation granularities, matching the three typical layers of an IoT stack.

| Target level | Description | Typical examples |
|---|---|---|
| Component | Atomic hardware or software block of the stack | MCU with secure boot, eUICC, secure element, trusted OS |
| Platform | Hardware and software assembly providing security services | MCU + bootloader + secure OS + crypto library |
| Product | Complete IoT device integrating a platform | Smart meter, smart-home gateway, industrial sensor |

This granularity has a direct economic consequence: a silicon supplier can have its component certified once, then deliver the certificate and supporting documentation to all downstream integrators. The integrator reuses that certificate in the evaluation of its platform or product, demonstrating through a composition argument that the upstream certificate assumptions still hold in the integration context.

SESIP defines five assurance levels numbered 1 to 5, aligned with the AVA_VAN assurance components of Common Criteria. AVA_VAN is the "Vulnerability Analysis" class of CC, graded across five levels by the attack potential resisted.

| SESIP level | Equivalent AVA_VAN | Type of evaluation | Laboratory involvement | Expected resistance |
|---|---|---|---|---|
| SESIP 1 | AVA_VAN.1 | Guided self-assessment | Optional | Known public vulnerabilities |
| SESIP 2 | AVA_VAN.2 | Accredited laboratory evaluation | Mandatory | Attacker with basic potential |
| SESIP 3 | AVA_VAN.3 | Laboratory plus black-box penetration test | Mandatory | Attacker with enhanced potential |
| SESIP 4 | AVA_VAN.4 | SESIP 3 plus side-channel analysis and fault injection | Mandatory, specialised equipment | Attacker with moderate potential, moderate equipment |
| SESIP 5 | AVA_VAN.5 | Resistance to state-of-the-art attacks | Mandatory, advanced equipment | Attacker with high potential, high equipment and expertise |

The AVA_VAN scale is documented in the Common Methodology for Information Technology Security Evaluation (CEM, ISO/IEC 18045). Attack potential is estimated through five factors: preparation time, expertise required, knowledge of the target, window of opportunity, hardware equipment required. An aggregate score determines the AVA_VAN level the target resists.
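As an added worked example (it is not part of GP_FST_070 or the CEM), the Python below scores constructed attack paths with the five factors just listed and maps the sum to the AVA_VAN component, and hence the SESIP level from the table above, that the target can claim to resist. The point values and rating bands are assumed here from the CEM v3.1 Annex B tables and must be checked against the CEM edition a scheme actually applies; the attack paths and their factor values are constructed for illustration.

```python
"""Attack-potential rating in the CEM style (constructed example, not from
GP_FST_070 or the CEM itself)."""
from dataclasses import dataclass

INFEASIBLE = float("inf")   # used when no window of opportunity exists at all

# Points per factor. ASSUMPTION: transcribed from the CEM v3.1 Annex B table
# "Calculation of attack potential"; check them against the CEM edition the
# scheme applies before relying on them.
ELAPSED_TIME = {
    "<=1 day": 0, "<=1 week": 1, "<=2 weeks": 2, "<=1 month": 4,
    "<=2 months": 7, "<=3 months": 10, "<=4 months": 13,
    "<=5 months": 15, "<=6 months": 17, ">6 months": 19,
}
EXPERTISE = {"layman": 0, "proficient": 3, "expert": 6, "multiple experts": 8}
KNOWLEDGE = {"public": 0, "restricted": 3, "sensitive": 7, "critical": 11}
WINDOW = {"unlimited": 0, "easy": 1, "moderate": 4, "difficult": 10,
          "none": INFEASIBLE}
EQUIPMENT = {"standard": 0, "specialised": 4, "bespoke": 7,
             "multiple bespoke": 9}

# Rating bands, highest first: (minimum points, attacker rating needed to
# exploit the path, resistance the TOE may claim, AVA_VAN component met).
# AVA_VAN.1 and AVA_VAN.2 share the "Basic" threshold; they differ in the
# depth of the vulnerability search, not in the resistance required, so the
# band is labelled AVA_VAN.2 here. Level 0 means no AVA_VAN component is met.
RATING_BANDS = [
    (25, "Beyond High", "High", 5),
    (20, "High", "Moderate", 4),
    (14, "Moderate", "Enhanced-Basic", 3),
    (10, "Enhanced-Basic", "Basic", 2),
    (0, "Basic", "None", 0),
]


@dataclass(frozen=True)
class AttackPath:
    """One attack path with the five CEM factors, as a laboratory records it."""
    name: str
    elapsed_time: str
    expertise: str
    knowledge: str
    window: str
    equipment: str

    def points(self):
        return (ELAPSED_TIME[self.elapsed_time] + EXPERTISE[self.expertise]
                + KNOWLEDGE[self.knowledge] + WINDOW[self.window]
                + EQUIPMENT[self.equipment])


def rate(points):
    """Map an aggregate score to (attacker rating needed, resistance claimed,
    AVA_VAN level met)."""
    for minimum, needed, resists, level in RATING_BANDS:
        if points >= minimum:
            return needed, resists, level
    raise ValueError("points must be non-negative")


def toe_resistance(paths):
    """The TOE resists no more than its cheapest feasible path allows: return
    (limiting path, rating). With no path at all the score is infinite and the
    top band applies."""
    if not paths:
        return None, rate(INFEASIBLE)
    cheapest = min(paths, key=AttackPath.points)
    return cheapest, rate(cheapest.points())


# Constructed attack paths for a hypothetical MCU platform.
GLITCH = AttackPath("voltage glitch during secure boot", "<=2 weeks", "expert",
                    "restricted", "easy", "specialised")        # 2+6+3+1+4 = 16
OPEN_DEBUG = AttackPath("debug port left unlocked in production", "<=1 day",
                        "proficient", "public", "unlimited", "standard")   # 0+3+0+0+0 = 3

if __name__ == "__main__":
    for paths in ([GLITCH, OPEN_DEBUG], [GLITCH]):
        path, (needed, resists, level) = toe_resistance(paths)
        label = f"AVA_VAN.{level} / SESIP {level}" if level else "no AVA_VAN component met"
        print(f"limiting path: {path.name} ({path.points()} points) -> needs a "
              f"{needed} attacker, TOE resists {resists}: {label}")
```

The cheapest feasible path caps the result: an unlocked debug port that a proficient attacker exploits in a day with standard equipment leaves the target with no AVA_VAN rating at all, whatever the hardware resistance of the chip. Closing such low-cost paths before the evaluation is what lets the glitch path, at 16 points, become the limiting one and support a SESIP 3 claim.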

Level 1 covers documentary conformity and review of public vulnerabilities. The manufacturer produces the Security Target itself, describes the security measures, and provides evidence that known public vulnerabilities (CVE, CWE) applicable to its product are handled. No laboratory intervention is mandatory. The evaluation is reviewed by the certification body on the documentation alone.

SESIP 2: accredited laboratory, functional testing

Level 2 introduces examination by a laboratory accredited under a GlobalPlatform scheme. The laboratory verifies the coherence of the Security Target, exercises the declared security functions, and conducts an extended vulnerability review. Expected resistance covers an attacker with basic potential: standard tools, no specialised equipment, no in-depth knowledge of the target.

Level 3 adds a logical black-box penetration test. The laboratory actively attempts to bypass the security functions through interfaces accessible to the attacker, without access to source code or keys. Expected resistance covers an attacker with enhanced potential: non-trivial expertise, advanced software tooling, but without sophisticated hardware equipment.

Level 4 introduces two families of hardware tests:

  • side-channel analysis, exploiting information leaks through power consumption measurement (Simple Power Analysis, Differential Power Analysis), electromagnetic emission or timing response to extract cryptographic secrets;
  • fault injection analysis, deliberately injecting disturbances (voltage glitches, electromagnetic pulses, focused laser) to deviate execution and bypass security checks.

These tests require specialised laboratory equipment (high-end oscilloscopes, EM benches, laser benches, micro-positioning stations) and deep expertise. Level 4 is typically targeted by payment components, high-end eUICC and commercial secure elements.

Level 5 targets resistance to state-of-the-art attacks worldwide: very high attacker potential, extended preparation, advanced equipment (scanning electron microscope, FIB for circuit editing, substrate analysis). This level is typical of governmental identity components, high-end banking cards and certified hardware security modules (HSM). Very few mass-market IoT products target this level, where evaluation cost runs in the hundreds of thousands of euros.

SESIP, Common Criteria and PSA Certified compared

The table below maps the three cybersecurity evaluation frameworks most used for IoT components and platforms.

| Dimension | SESIP | Common Criteria (ISO/IEC 15408) | PSA Certified |
|---|---|---|---|
| Publisher | GlobalPlatform | ISO, CCRA, national schemes | Arm and partners |
| Reference | GP_FST_070 v1.0 (May 2020) | ISO/IEC 15408:2022 and CEM | PSA Certified specifications |
| Target | IoT platforms and components | All IT products | IoT platforms and Arm MCUs |
| Profile | Single SESIP profile | Bespoke Protection Profile | PSA profile referencing SESIP |
| Levels | 5 (SESIP 1 to 5) | 7 EAL plus AVA_VAN.1 to .5 | 3 (PSA level 1, 2, 3) |
| Native composition | Yes, explicit mechanism | CC composition (rare, heavy) | Yes, inherited from SESIP |
| Typical evaluation duration | Weeks to months | Six to twenty-four months | Weeks to months |
| Typical evaluation cost | Tens to hundreds of thousands of euros | Hundreds of thousands of euros | Tens to hundreds of thousands of euros |
| Regulatory recognition | EN 18031 (EU), EUCC (in progress) | CCRA, EUCC, national schemes | Recognised via SESIP by EN 18031 |
| Typical use case | IoT MCU, eUICC, secure OS, IoT device | Smart card, HSM, governmental OS | Arm Cortex-M, Cortex-A MCU and platforms |

The rough equivalence between SESIP and PSA Certified levels is the following: PSA level 1 is a self-attestation aligned with the PSA Functional API 10-Question Assessment, with no direct SESIP mapping; PSA level 2 maps in practice to SESIP level 3 (laboratory plus penetration testing); PSA level 3 maps to SESIP level 4 (side-channel and fault injection), with possible extension to SESIP level 5 for the most demanding targets. This mapping is not absolute and depends on the Security Target scope.

There is no formal equivalence between SESIP levels and Common Criteria EAL levels. SESIP level 4 is not equivalent to EAL 4. EAL levels aggregate assurance across seven classes (ADV, AGD, ALC, ATE, AVA, and formerly ACM, ASE, APE), whereas SESIP levels concentrate on the AVA_VAN scale. Conflating the two scales in a declaration of conformity is a common pitfall and a frequent ground for rejection by certification bodies.

SESIP profile and composition-based evaluation

The SESIP profile plays the role that a Protection Profile (PP) plays in Common Criteria: it sets the frame for the Security Target. Where a CC PP is specific to the product or product family considered, the SESIP profile is unique and generic, applicable to any IoT platform. The Security Target instantiates the profile for a given product by filling out the mandatory sections:

  • TOE description (Target Of Evaluation), what is evaluated, what is not, the precise boundary;
  • Security problem definition, threats considered, environmental assumptions, organisational policies;
  • Security objectives, security objectives covered by the product and by the environment;
  • Security functional requirements (SFR), functional requirements selected from the SESIP catalogue (which carries over a subset of ISO/IEC 15408-2);
  • TOE security functionality (TSF), concrete description of the mechanisms implemented.

The composition mechanism is the central contribution of SESIP. Consider a component evaluated at SESIP level X with certificate C1. Consider a platform integrating this component and evaluated at SESIP level Y (with Y at most X). The platform evaluation reuses C1 as evidence, without fully re-verifying the component, under two conditions:

  1. the environmental assumptions of the component (operating environment assumptions) must be satisfied in the platform integration context;
  2. the security policies declared by the component must be coherent with those of the platform.

These two conditions are documented in a composition rationale added to the platform Security Target. The laboratory evaluating the platform verifies that rationale but does not re-run tests already executed on the component.

Example: silicon to platform to product composition

The example below illustrates typical composition along an IoT stack.

| Layer | Target of evaluation | Target level | Reused element |
|---|---|---|---|
| Silicon | MCU with secure boot and secure storage | SESIP 4 (side-channel) | Component certificate, chip Security Target |
| Platform | MCU + bootloader + secure OS + crypto stack | SESIP 3 | MCU certificate + platform Security Target |
| Product | IoT sensor integrating the platform + application firmware | SESIP 2 | Platform certificate + product Security Target |

A final manufacturer integrating a SESIP 4 certified MCU into its product can target SESIP 2 on the complete product by leveraging the upstream certificate. The evaluation effort focuses on the application firmware and integration, not on the MCU itself.

This logic transforms the economics of IoT certification: an initial effort concentrated at the silicon supplier is monetised across all downstream products. A final product not certified today can target a modest SESIP level with reasonable effort, provided that it integrates components already certified at an equal or higher SESIP level.
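To make the composition argument concrete, the following Python models the silicon-to-platform-to-product chain of the table above together with the two conditions of the previous section, and with the failure case raised in the pitfalls further down: an MCU certificate that assumes the package is physically protected while the product places it in an openable enclosure. This is an added example, not GlobalPlatform's tooling or a format prescribed by GP_FST_070; the certificate fields and the assumption and policy strings are constructed, and "policy coherence" is simplified to "no setting declared upstream is contradicted downstream".

```python
"""Composition rationale check along a silicon -> platform -> product stack.

Constructed example: a minimal model of the two SESIP composition conditions
(environmental assumptions satisfied, security policies coherent) plus the
level constraint (downstream target level <= upstream certificate level).
Names, assumptions and policies are invented for illustration; the real
rationale is a written document the laboratory verifies, not this code."""
from dataclasses import dataclass


@dataclass
class Certificate:
    toe: str
    level: int              # SESIP level 1..5 at which the TOE was evaluated
    assumptions: frozenset  # operating-environment assumptions the evaluation relied on
    policies: dict          # declared security policies, as setting -> value


@dataclass
class Integration:
    toe: str
    target_level: int       # SESIP level the integrator aims at
    reused: list            # upstream certificates reused as evidence
    satisfied: frozenset    # upstream assumptions the integrator can show hold here
    policies: dict          # the integrating TOE's own policies
    passed_on: frozenset = frozenset()  # upstream assumptions left to the next layer


def composition_findings(integ: Integration) -> list:
    """Return the findings a laboratory would raise; an empty list means the
    composition argument holds for every reused certificate."""
    findings = []
    for cert in integ.reused:
        # Level constraint: the reused certificate must be at least the target level.
        if integ.target_level > cert.level:
            findings.append(f"{integ.toe}: target SESIP {integ.target_level} exceeds "
                            f"'{cert.toe}' certificate at SESIP {cert.level}")
        # Condition 1: every upstream assumption is either shown to hold at this
        # layer or explicitly passed on as an assumption of the new TOE.
        for a in sorted(cert.assumptions - integ.satisfied - integ.passed_on):
            findings.append(f"{integ.toe}: assumption '{a}' of '{cert.toe}' "
                            "neither satisfied nor passed on")
        # Condition 2: policies declared upstream must not be contradicted downstream.
        for setting, value in cert.policies.items():
            own = integ.policies.get(setting, value)
            if own != value:
                findings.append(f"{integ.toe}: policy '{setting}' is '{own}' but "
                                f"'{cert.toe}' requires '{value}'")
    return findings


def certify(integ: Integration) -> Certificate:
    """Issue the downstream certificate once the rationale holds; inherited
    policies and passed-on assumptions become part of the new certificate."""
    findings = composition_findings(integ)
    if findings:
        raise ValueError("; ".join(findings))
    policies = {}
    for cert in integ.reused:
        policies.update(cert.policies)
    policies.update(integ.policies)
    return Certificate(integ.toe, integ.target_level, integ.passed_on, policies)


# Layer 1: silicon, evaluated at SESIP 4 (constructed certificate content).
MCU_CERT = Certificate(
    toe="MCU with secure boot and secure storage",
    level=4,
    assumptions=frozenset({"package is physically protected by the product enclosure",
                           "debug port is locked before field deployment"}),
    policies={"firmware_images": "signed only"},
)

# Layer 2: platform. Its bootloader locks the debug port, so that assumption is
# discharged here; physical protection can only come from the final enclosure,
# so it is passed on to the product.
PLATFORM = Integration(
    toe="MCU + bootloader + secure OS + crypto stack",
    target_level=3,
    reused=[MCU_CERT],
    satisfied=frozenset({"debug port is locked before field deployment"}),
    policies={"key_storage": "secure storage only"},
    passed_on=frozenset({"package is physically protected by the product enclosure"}),
)
PLATFORM_CERT = certify(PLATFORM)

# Layer 3a: a product whose sealed enclosure satisfies the passed-on assumption.
INDOOR_METER = Integration(
    toe="smart meter with sealed enclosure",
    target_level=2,
    reused=[PLATFORM_CERT],
    satisfied=frozenset({"package is physically protected by the product enclosure"}),
    policies={"firmware_images": "signed only"},
)

# Layer 3b: the pitfall case, an outdoor sensor in an openable enclosure that
# also claims SESIP 4 against a SESIP 3 platform certificate.
OUTDOOR_SENSOR = Integration(
    toe="outdoor sensor in openable enclosure",
    target_level=4,
    reused=[PLATFORM_CERT],
    satisfied=frozenset(),
    policies={"firmware_images": "any image accepted in service mode"},
)

if __name__ == "__main__":
    print("indoor meter:", composition_findings(INDOOR_METER) or "composition holds")
    for finding in composition_findings(OUTDOOR_SENSOR):
        print("outdoor sensor:", finding)
```

The platform discharges the debug-port assumption itself but cannot discharge the physical-protection assumption, so it passes that one on into its own certificate; the sealed meter satisfies it and composes cleanly at SESIP 2, while the outdoor sensor collects three findings: a target level above the platform certificate, the unmet enclosure assumption, and a firmware policy that contradicts the inherited one.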

SESIP in the European landscape: EN 17927, EN 18031, EUCC

SESIP entered the European regulatory framework through three distinct channels.

Published in 2023, ETSI EN 17927 ("Methods and protocols, security evaluation of IoT") is a European standard derived directly from SESIP. The text reproduces the five-level structure, the composition mechanism and the functional requirements catalogue. EN 17927 acts as the European normative counterpart to SESIP, usable in EU regulatory schemes.

The EN 18031-1/-2/-3 series, published in August 2024 and listed in the Official Journal of the European Union in January 2025, defines harmonised standards for conformity to RED article 3.3 (cybersecurity of radio equipment). EN 18031 distinguishes several assurance levels and, at the higher levels, allows the use of a SESIP level 3 or higher evaluation as evidence of conformity. In practice, a radio IoT device targeted by RED 3.3 can leverage the SESIP certificate of its platform to demonstrate compliance with essential requirements, alongside the documentation foreseen by EN 18031.

For the wider European radio placing-on-the-market context, see our ETSI EN 303 645 guide, which covers the complementary voluntary baseline for consumer IoT.

The European Common Criteria scheme (EUCC) is the first certification scheme adopted under the Cybersecurity Act (Regulation (EU) 2019/881). Adopted by Implementing Regulation (EU) 2024/482 and applicable since February 2025, EUCC carries over the Common Criteria structure and provides for SESIP incorporation in IoT evaluations.

The connection between EUCC, SESIP and the Cyber Resilience Act (CRA, Regulation (EU) 2024/2847, applicable from 11 December 2027) is still being shaped by ENISA. The current outline foresees that for "important" and "critical" products under the CRA, certification under EUCC or a recognised programme (including SESIP) will serve as presumption of conformity. The exact timeline and scope depend on implementing acts expected in 2026 and 2027.

SESIP and PSA Certified: an operational alignment

PSA Certified is the operational certification programme led by Arm and a consortium of laboratories (Brightsight, Riscure, SGS Brightsight, TrustCB, UL). Initially structured around three PSA-specific levels, the programme aligned its PSA levels 2 and 3 with SESIP profiles in 2022.

| PSA level | Indicative SESIP mapping | Target type | Dominant method |
|---|---|---|---|
| PSA level 1 | No direct SESIP mapping | Guided self-attestation via 10-Question Assessment | Documentary |
| PSA level 2 | SESIP level 3 | Chip plus PSA Root of Trust | Black-box penetration test |
| PSA level 3 | SESIP level 4 (sometimes 5) | Chip for high-demand applications | Side-channel and fault injection |

A PSA Certified level 2 or 3 certificate issued from 2022 onwards explicitly names the SESIP profile applied, allowing a downstream integrator to reuse that certificate in a SESIP composition. Conversely, a manufacturer aiming for PSA certification goes through a SESIP-accredited laboratory. PSA Certified and SESIP are therefore not competitors but complements: SESIP is the methodology, PSA an operational programme that instantiates it for the Arm ecosystem.

For non-Arm cases (RISC-V, MIPS, embedded x86), evaluation goes directly through SESIP without a PSA intermediate.

SESIP evaluation requires the involvement of a laboratory accredited by GlobalPlatform (except at level 1, where self-assessment is permitted). GlobalPlatform maintains a public list of accredited laboratories, updated periodically on the sesip.globalplatform.org portal. The main players at the time of writing include:

  • Brightsight (Netherlands, part of SGS), historically the reference laboratory for banking secure components and eUICC;
  • Riscure (Netherlands), recognised specialist in side-channel analysis and fault injection, particularly at level 4;
  • SGS (international group), broad portfolio covering IoT product certification;
  • TrustCB (Netherlands), ITSEF certification scheme and certificate-issuing body;
  • UL Solutions (United States and Europe), diversified laboratory covering the consumer and industrial IoT segments.

Several additional European laboratories (Serma Safety and Security in France, T-Systems in Germany, applus+ Laboratories in Spain) are accredited or under accreditation for SESIP levels 2 and 3. The geographic coverage of the SESIP scheme broadens as EN 17927 and EN 18031 gain weight.

A SESIP certificate is not a frozen deliverable. Its validity rests on three conditions sustained over time.

The default validity is set by the scheme under which the evaluation is conducted. Current practice observes an initial validity of five years for SESIP levels 1 to 3, sometimes reduced to two or three years at levels 4 and 5 where the target is more exposed to the rapid evolution of attack techniques.

The manufacturer must maintain a vulnerability surveillance and handling programme covering the validity period. Any publicly disclosed vulnerability affecting the target or a reused component must be assessed for its impact on the certificate. A critical vulnerability that cannot be remediated may lead to suspension or withdrawal of the certificate by the certification body.

A major change to the target triggers at least a partial re-evaluation:

  • change of silicon chip or major silicon revision;
  • modification of the bootloader or the chain of trust;
  • firmware update adding functions accessible to the attacker;
  • introduction of new external interfaces (additional radio, debug port).

Minor changes (security patches, application adjustments without attack surface change) are usually handled through a certificate addendum, faster than a full re-evaluation.

Field experience from the early years of the programme has surfaced several recurring pitfalls for manufacturers approaching SESIP. The methodology cannot be improvised, and rigorous up-front scoping avoids costly late refusals. AESTECHNO designs IoT products and tracks the maturity of these methodologies for cybersecurity architecture decisions.

The most frequent pitfall is an incomplete or fuzzy Security Target. The manufacturer describes the security functions implemented but neglects the environmental sections (assumptions, organisational policies, uncovered threats). The laboratory then returns the target for completion, delaying the evaluation. A solid Security Target devotes as much effort to defining the perimeter (TOE) and its environment as to describing the technical mechanisms.

2. Confusion between SESIP levels and Common Criteria EAL

The temptation to claim "SESIP 4 equivalent to EAL 4" in marketing material leads almost immediately to rejection. The two scales are not equivalent. SESIP level 4 guarantees AVA_VAN.4 resistance but does not cover the full set of assurance classes of an EAL 4. A declaration of conformity must cite SESIP with its level, without numerical equivalence to EAL. Common Criteria (covered in a dedicated guide on spilma) remain a distinct framework, complementary but not equivalent.

Composition is the central contribution of SESIP and also the point where manufacturers most frequently stumble. Reusing a component certificate without formally demonstrating that all environmental assumptions of that certificate are satisfied in the integration context leads to refusal. An MCU certificate may state that the package is presumed protected against physical attack (environmental assumption); if integration places the MCU in an openable enclosure (e.g. an outdoor sensor easily dismounted), the assumption is not satisfied and composition does not hold. The composition rationale must be explicitly written and verified by the laboratory.

Targeting SESIP 4 or 5 without economic or regulatory necessity is another pitfall. The evaluation surcharge is significant: side-channel and fault injection tests mobilise weeks of specialised equipment. A consumer IoT product (smart-home sensor, connected bulb) achieves its regulatory objective at SESIP 2 or 3 and need not aim higher. The level must flow from a product risk analysis and the regulatory mapping targeted, not from marketing ambition.

A SESIP certificate is not an end-of-project deliverable. The five-year validity implies a commitment to vulnerability surveillance, handling of CVE affecting reused components, and re-evaluation on major changes. The initial evaluation budget must be supplemented with a maintenance budget; otherwise the certificate is suspended during the commercial life of the product.

Suggested reading order and project integration

SESIP sits within a broader IoT cybersecurity stack. For a manufacturer approaching the subject for the first time, the suggested reading order is the following:

  1. European regulatory framing: understand RED article 3.3, the EN 18031 series and the CRA horizon. See our news entry on the publication of EN 18031 and the ETSI EN 303 645 guide for the complementary voluntary baseline.
  2. Evaluation methodology: this SESIP guide, complemented for high-end needs by Common Criteria (subject of a dedicated upcoming guide, whose ISO/IEC 15408 reference is cited in the sources).
  3. Operational programme: PSA Certified for Arm platforms (subject of a dedicated upcoming guide), direct SESIP for other ecosystems.
  4. Project implementation: product cybersecurity architecture, selection of certified components, drafting of the Security Target, planning of the evaluation with an accredited laboratory.

The spilma glossary gathers the definitions of the technical terms manipulated here (TOE, SFR, AVA_VAN, Protection Profile, composition rationale).

SESIP is today the cybersecurity evaluation methodology best aligned with the industrial reality of IoT: it carries the rigour of Common Criteria, simplifies implementation, allows certificate composition along the silicon-platform-product stack, and benefits from growing European regulatory recognition via EN 17927, EN 18031 and the future EUCC. For an IoT manufacturer anticipating CRA obligations from 2027, familiarity with SESIP is no longer optional. Architecture decisions taken at design phase, in particular the selection of a silicon component already certified under SESIP, directly drive the cost and duration of the product evaluation. The follow-up of Cybersecurity Act and CRA implementing acts, expected in 2026 and 2027, will complete the regulatory picture and fix the precise place of SESIP in the European certification landscape.

  • Publication of EN 18031: presumption of conformity to RED 3.3 and reference to SESIP at higher assurance levels
  • ETSI EN 303 645 guide: voluntary consumer IoT baseline, complementary to SESIP
  • spilma glossary: definitions of ISO/IEC 15408, AVA_VAN, Protection Profile, composition rationale terms

Sources & references

  1. GlobalPlatform SESIP methodology, programme overview, GlobalPlatform, globalplatform.org/sesip/
  2. GP_FST_070 v1.0 Public Release, SESIP methodology specification, GlobalPlatform, globalplatform.org/wp-content/uploads/2020/05/GP_FST_070_SESIP_v1.0.0_PublicRelease.pdf
  3. ETSI EN 17927, security evaluation standard for IoT platforms, ETSI, www.etsi.org/standards-search?search=EN+17927
  4. ISO/IEC 15408, evaluation criteria for IT security, ISO, www.iso.org/standard/72891.html
  5. CENELEC, portal of European harmonised standards (EN 18031 series), CENELEC, www.cenelec.eu/
  6. PSA Certified, certification programme operated under SESIP, Arm and partners, www.psacertified.org/
  7. ENISA, EUCC candidate scheme under the Cybersecurity Act, ENISA, www.enisa.europa.eu/topics/certification