Google has announced that its virtual machine (PKVM) based on a protected kernel for Android has obtained the SESIP Level 5 certification, the highest level of safety insurance for IoT and mobile platforms.
The PKVM is the hypervisor underlying the Android virtualization framework (AVF), providing an isolated and high environment to execute critical workloads. These include Google AI models like Gemini Nano for local processing of personal data, biometric authentication (face, digital imprint), DRM content management and security in the firmware.
Level 5 in SESIP (Safety Evaluation Standard for IoT platforms) is the highest level of insurance in the system developed by TrustCB, which means that a system has been tested against AVA_Van.5 from common criteria (ISO 15408).
“Today marks a moment of watersheds and a new reference for open source security and the future of consumer electronics,” said Google.
“Google is proud to announce that KVM protected (PKVM), the hypervisor that feeds the Android virtualization framework, has officially obtained the SESIP Level 5 certification.”
“This makes PKVM the first software security system designed for large -scale deployment in consumer electronics to respond to this insurance bar.”
Google says that its PKVM was tested by Dekra in certified test laboratories, which was confirmed as resistant to sophisticated and advanced threats.
Google has said that many T-shirts (confidence execution environments) found in consumption devices are not officially certified or have only reached lower safety insurance levels.
The technology giant says that this creates an uncertainty and disincited developers of the construction of highly secure applications which incorporate first -rate data protection mechanisms.
What does that mean for users?
The SESIP Level 5 certification arrives at a timely time for consumers, the processing of AI moving locally on their phone rather than the cloud, which increases the risk of exposure to personal data.
Smartphones gradually turn into “chests” that hold a detailed profile of user lives, so compromise them is no longer just to steal identification and credit cards.
“PKVM and this certification specifically approach the threat model of increasingly precious treatment on the devices,” Google spokesperson for Bleeping Composter.
“Highly personalized data is synthesized information to create a useful and personalized experience for an individual, going beyond basic information.”
“It is not so much the type of data, but the increase in return on investment for an attacker who has just had a single centralized mine of attractive data for attackers.”
“This is why solid safety measures are essential and why the precious media content, digital identification and biometric treatment have been, as an industry standard, in confidence execution environments (TEE) a long time ago.”
Although the SESIP Level 5 certification itself does not mean much to the average Android user, the point to remember is that the PKVM, which feeds security features, is much more difficult to hack even by competent threat actors.
