The concept to deliver security models based on both hardware and software security approaches is completely new and will allow the manufacturers to decide on their own how to distribute security objectives between the hardware and software components of their platform.

The industry target is to deliver a common level of security, agnostic regarding the nature of the processor, with a minimal software interface (API), to implement their services in proven and isolated environments. The ODSI system management of these isolated contexts allows to qualify and authenticate security levels of remote equipment. ODSI solutions will guarantee / certify the lowest common subset of software and hardware with the goal to remotely deliver and prove the equipment isolation property. In order to achieve this capacity of isolation property to be remotely qualified, the project targets a global recognition of the security assurance level for the delivered isolation models (hardware / software), using the Common Criteria scheme.

General ecosystems of M2M and IoT request the use of concentrators that connect and manage terminal equipment. Those concentrators could themselves be shared between several entities; in this case we need to propagate the isolation quality obtained on some equipment to another equipment already isolated. ODSI project will deliver a communication protocol allowing to propagate the isolation properties from a first isolated zone towards a second isolated zone (with a formal proof of this end-to-end isolation property).

In order to comply with several ecosystems needs, one of the general ODSI objectives is to have a generic framework that addresses typical architectures, end-to-end security properties and multiple level of robustness and correctness assurance.

To gain confidence in the security of these systems, there is a need to assess them. ODSI proposes to define an M2M:IOT specific evaluation building this framework in the Common Criteria scheme in order to benefit from the experience of the CC bodies, shorten the path to the standardisation and mutual recognition. The objective is to solve two major challenges: the certification of the elementary bricks at the highest logical/physical assurance level and the "lego methodology" to reach a global assurance level for the system when combining the certified bricks.