Embedded UICC & Remote Provisioning

Christopher Burke

Head of IoT & M2M / Lead Architect

Adrian Hernandez

SVP Strategic Partnerships

PUBLIC USE – NXPFTF

Who are Simulity?

• Simulity is a software company. We have a number of secure operating systems, interoperable through any chipset and used worldwide.

• Our OS’s have some of the smallest footprints on the market, while retaining functionality and security.

• We are fabless, which allows us to focus almost exclusively on technology.

• We can adapt our OS onto any chipset (including Virtual/Soft SIM)

• We have an impressive R&D stack so our customers can focus on their business, with infinite scalability.

• We are also disruptive in telecommunications desktop & server software for remote SIM management (Over-the-Air etc) and provisioning.

History

PUBLIC USE – NXPFTF

The Subscriber Identity Module (SIM)

• Since its inception in the early 1990s, the SIM provides secure, identifiable and authenticated access to cellular networks. It has been the primary piece of operator supplied equipment used by consumers when connecting to mobile networks.

• The SIM has evolved a lot over the years, however at its core the SIM is a telco-specific Secure Element (SE) handling key storage and derivation for authentication of subscribers.

• With the introduction of things like JavaCard™ the SIM is also now used as a trusted execution environment for value added applications like mobile wallet for banking, and much more.

PUBLIC USE – NXPFTF

Due to the needs of the market, SIMs have been getting smaller and smaller, while being able to store more data and ensure higher levels of security protection. SIMs are resilient to physical attacks such as SDA, DFA (and more) and non-

physical attacks due to constant third party review and audits improving software design.

1FF (1991) 2FF (1996) 3FF (2003) 4FF (2012)

Evolution

PUBLIC USE – NXPFTF

Embedded UICC (eUICC or eSIM)• Future SIMs will be deeply embedded into the chipset.

• They are therefore integrated as part of the manufacturing process of a given device.

• This approach not only addresses disadvantages of SIM in the M2M market, but introduces a high degree of flexibility on the SIM, that in turn, also enables new business benefits for the M2M ecosystem.

• The new packaging formats and reduced size of SIMs with eUICC technology streamlines the manufacturing process for mass volume.

• That creates a potentially low production and distribution cost enabled by late stage provisioning.

• Cost savings are also incurred as devices need not be returned to a retail outlet to change SIM card. Everything happens Over-the-Air.

• This also streamlines the retail process and considerably widens the route to market.

PUBLIC USE – NXPFTF

Remote Provisioning• The GSM Association (GSMA) has defined a ”Remote Provisioning”

architecture which allows for multiple subscriber profiles to be stored on a single Secure Element.

• As SIMs are now deeply embedded into chipsets, there are many new challenges (and opportunities) presented.

• The physical chips provide increased resiliency (dust, moisture, humidly, temperature, 10+ year retention) for M2M applications (fx. automotive, metering industries)

• They are also completely re-programmable, allowing for the carrier profile to be updated post issuance without compromise of security using standard user equipment; end user is transparent to change.

• The architecture describes both the chip and the server components.

Architecture

PUBLIC USE – NXPFTF

Traditional SIM Software Architecture

The simplified block diagram looks at the traditional SIM/UICC architecture.

Reprogramming only occurs in the File System / Applets,

however there is no isolation between the device

manufacturer or telecom operator (meaning that the

device manufacturer is effectively at the mercy of

the MNO)

PUBLIC USE – NXPFTF

PUBLIC USE – NXPFTF

Security: The separation of roles and data

PUBLIC USE – NXPFTF

PUBLIC USE – NXPFTF

Actors and Entities

PUBLIC USE – NXPFTF

Typical First Stage Deployment

ISD-R

OEMSM-SR

ISD-P

MNO SM-DP

SMS, TCP, UDP

Embedded Interface

SOAP Interface

MNO

OEM

SOAP Interface

SOAP Interface EUM

PUBLIC USE – NXPFTF

Introduction of new MNO

ISD-R

OEMSM-SR

ISD-P1

SM-DP1

SMS, TCP, UDP

Embedded Interface

SOAP Interface

MNO1

OEMSOAP Interface EUM

SM-DP2

MNO2

ISD-P2

PUBLIC USE – NXPFTF

Change of SM-SR

ISD-R

OEMSM-SR

ISD-P1

SM-DP1

SMS, TCP, UDP

Embedded Interface

SOAP Interface

MNO1

OEM1SOAP Interface EUM

SM-DP2

MNO2

OEM2

Handover SM-SR

SOAP Interface

ISD-P2

Opportunity

PUBLIC USE – NXPFTF

The Impact of Remote Provisioning (2020)

Others (229M)36%

Consumer Electronics (220M)

34%

Automotive (229M)30%

Utility48%

Security17%

IT/Networks9%

Transport18%

Buildings1%

Industrial1%

Retail2%

Healthcare4%Others

PUBLIC USE – NXPFTF

Projected Connections; GSMA Standard vs Proprietary (2013-2020)

164,258190,842

223,942

260,431

303,547

353,864

412,038

478,838

164,258191,914

227,179

275,814

338,864

418,433

516,514

639,393

2013 2014 2015 2016 2017 2018 2019 2020

Proprietary GSMA Specification

PUBLIC USE – NXPFTF

Projected Connectivity Revenues ($bn), 2020

5.7

1.331.93

0

1

2

3

4

5

6

Automotive Consumer Electronics Others

Projected Connectivity Revenues ($bn), 2020

Connectivity Revenues ($bn)

Hardware

PUBLIC USE – NXPFTF

Hardware Class Overview

• In order to simplify the (complex) market requirements, we have broken down the M2M/IoT verticals to three market needs.

• SIMgine Residential: For Smart Homes, Wearables etc

• SIMgine Industrial: For Smart Meters, Vending Machines etc

• SIMgine Automotive: for Automotive and similar applications

PUBLIC USE – NXPFTF

Hardware Class Detail

Product Flash RAM CPU HW DES RNG Enduro Retent. Temp CC

Residential

Industrial

Automotive

HW RSA

>132KB<480KB

>4KB<13KB

ARM SC000

No Yes 100K 25 Years-25°C +85°C

-No

>256KB<512KB

>8KB<12KB

INF16-bit

Yes Yes 500K 10 Years-40°C

+105°C-No

>600KB<1MB

32KBARM

SC300Yes Yes 500K 17 Years

-40°C +105°C

EAL5+Yes

Packaging

PUBLIC USE – NXPFTF

ETSI MFF1 / MFF2 (QFN8 / VQFN)

• MFF1 / MFF2 are dramatically smaller than standard SIMs. It is a standard form factor allowing for simpler interoperable reference design (the pin-out is the same as a SIM, just smaller)

• if you have a 3G/4G cellular modem using SIM in a 2FF, 3FF or 4FF form factor, you can change out to MFF2 with little complexity.

MFF1 / MFF2 / QFN8 (Embedded, Soldered)

PUBLIC USE – NXPFTF

WLCSP

• WLCSP is tiny.

• Size comparison, largest to smallest:

• DIP,

• MFF1 / MFF2 / QFN8 / VQFN,

• SOT,

• WLCSP

PUBLIC USE – NXPFTF

Let’s do the math…

• My cellular reference design currently uses…

• 2FF; 25x15mm=375mm2 + tray / connectors (>700mm2)

• 3FF; 15x12mm=180mm2 + tray / connectors (>500mm2)

• 4FF; 12.3x8.8mm=108.24mm2 + tray / connectors (420mm2)

• So using MFF2 my reference design will use

• MFF2; 6x5=33mm2

• And using WLCSP my reference design will use

• WLCSP; < 1mm2

PUBLIC USE – NXPFTF

Who’s adopting Remote Provisioning

• Operators: AT&T, CK Hutchison, Deutsche Telekom, Etisalat, EE, KDDI, NTT DOCOMO, Orange, Rogers, SFR, Sprint, Telefónica, Telenor, TeliaSonera, Telstra, TIM, Transatel, Verizon and Vodafone and more…

• Vendors: Gemalto, Giesecke & Devrient, Morpho (Safran), Oasis Smart SIM, Oberthur Technologies, Qualcomm, STMicroelectronics, Valid and more…

• Device Manufacturers: Apple, Huawei, LG, Microsoft, Samsung and Sony

• Others: Nokia (Network Equipment), Trustonic (Security / TEE)

PUBLIC USE – NXPFTF

Thank you for your time

• Contact me via E-Mail: christopher.burke@simulity.com

• Or Adrian at: adrian.hernandez@simulity.com