Android's pKVM hypervisor earns SESIP Level 5 security certification


Google announced that its protected Kernel-based Virtual Machine (pKVM) for Android has achieved SESIP Level 5 certification, the highest security assurance level for IoT and mobile platforms.

The pKVM is the hypervisor underpinning the Android Virtualization Framework (AVF), providing an isolated, high-assurance environment for executing critical workloads. These include Google's AI models like Gemini Nano for local personal data processing, biometric authentication (face, fingerprint), DRM content handling, and firmware-level security.

Level 5 in SESIP (Security Evaluation Standard for IoT Platforms) is the highest assurance tier in the system developed by TrustCB, meaning a system has been tested against AVA_VAN.5 from Common Criteria (ISO 15408).

"Today marks a watershed moment and new benchmark for open-source security and the future of consumer electronics," Google announced.

"Google is proud to announce that protected KVM (pKVM), the hypervisor that powers the Android Virtualization Framework, has officially achieved SESIP Level 5 certification."

"This makes pKVM the first software security system designed for large-scale deployment in consumer electronics to meet this assurance bar."

Google says pKVM was tested by DEKRA in certified testing laboratories and was confirmed to be resistant to sophisticated and advanced threats.

Google commented that many TEEs (Trusted Execution Environments) found in consumer devices aren't formally certified or have only achieved lower levels of security assurance.

The tech giant says this creates uncertainty and disincentivizes developers from building highly secure applications that incorporate top-notch data protection mechanisms.

What does this mean for users?

The SESIP Level 5 certification comes at a timely moment for consumers, as AI processing moves from the cloud onto their phones, which increases the risk of personal data exposure.

Smartphones are gradually turning into "vaults" holding a detailed profile of users' lives, so compromising them isn't only about stealing account credentials and credit cards anymore.

"pKVM and this certification is specifically addressing the threat model of increasingly valuable processing on-device," a Google spokesperson explained to BleepingComputer.

"Highly personalized data is information that is synthesized to create a helpful, tailored experience for an individual, going beyond basic information."

"It's not so much the type of data, but the increased ROI for an attacker that comes from having a single, centralized trove of data that is attractive to attackers."

"This is why strong security measures are essential and why valuable media content, digital ID, and biometric processing was, as an industry standard, moved into Trusted Execution Environments (TEEs) a long time ago."

While the SESIP Level 5 certification itself doesn't mean much to the average Android user, the takeaway is that pKVM, which powers on-device security features, is much harder to hack, even for knowledgeable threat actors.
