Bertrand Moussel, Chair of the Trusted Connectivity Alliance Board
The publication of GSMA’s eSIM IoT Specification (SGP.32) is a transformative development in global connectivity. By offering a dedicated standard for remotely provisioning and managing IoT devices, SGP.32 promises to further accelerate the adoption of eSIM technology across established and emerging IoT use-cases.
The industry is now working to turn this promise into reality. With 83% of organisations identifying eSIM as important to the success of future IoT deployments [GSMA Intelligence], analysts are predicting that over half of active eSIMs across IoT deployments will be compliant with the new specification by 2028.
But as adoption builds, ensuring the full benefits of SGP.32 are realised will require sustained collaboration across the secure connectivity ecosystem.
Building on Proven Foundations
The GSMA eSIM IoT Specification was introduced as the industry recognised the crucial need to enhance the eSIM infrastructure to meet specific IoT requirements. This is because the growing deployment of network, user interface and power constrained devices demand a simpler model – ensuring high resiliency and scalability, necessitating less computing power on the device, using less radio resources, and requiring zero or very limited user interaction.
Yet it is important to recognise that SGP.32 is not a completely new approach to Remote SIM Provisioning and builds on proven elements of the existing Consumer Remote SIM Provisioning Specifications (SGP.22).
To simplify and accelerate deployments, a key design principle for SGP.32 was to leverage existing components of the well-established SGP.22 infrastructure. This includes the SM-DP+ (Subscription Manager – Data Preparation) for the creation, download, protection and delivery of the profile, as well as the SM-DS (Subscription Manager – Discovery Server) – which enables the eUICC to connect to an SM-DP+.
To address the specific considerations associated with managing constrained devices across various IoT and B2B fleet management use-cases, however, SGP.32 does introduce two new ecosystem components:
- The eSIM IoT Remote Manager (eIM) is a standardised, remote provisioning tool that enables profiles to be downloaded and managed on a single IoT device or fleet of devices without the need for direct end user interaction. The eIM can also communicate with any IoT device or SM-DP+, removing the need for complex and inflexible individual integrations.
- The IoT Profile Assistant (IPA) provides the functions that enable the eSIM to be remotely managed using the eIM platform infrastructure or to retrieve the profile using the existing SM-DP+ platform infrastructure. The IPA can either reside on the device (IPAd) or on the eUICC (IPAe).
In addition to these new components, SGP.32 also references TCA’s Interoperable Profile Package Specification – which is used in every eSIM deployed in the field – to standardise the format used for the remote loading of subscriptions onto eSIMs across deployed devices. This enables mobile operators to load interoperable connectivity profiles in an eSIM, regardless of the SIM vendor.
Promoting Security and Interoperability
Like the existing Consumer and M2M Specifications, the eSIM IoT Specifications are also supported by comprehensive certification and compliance schemes that will ensure eSIM solutions are subjected to thorough assessment and testing to promote security and interoperability. The eSIM IoT Test Specifications (SGP.33), and product compliance programmes for the IoT eUICC, eIM and IPAd are expected to be available in early 2025.
This will undoubtedly play a key role in promoting confidence in eSIM IoT solutions across operators, device manufacturers and service providers. However, a key consideration for the industry as adoption builds is that there are a vast number of potential IoT use-cases. To reflect this diversity, SGP.32 is intentionally very flexible to allow for multiple implementation options and various deployment scenarios.
Yet this flexibility must be coupled with a consistent baseline across all deployments to prevent complexity and fragmentation.
Focusing on Real-World Interoperability as Adoption Builds
The good news is that SGP.32 applies robust principles to help ensure functional interoperability across and between IoT devices and the enabling infrastructure. For example, an IoT device should work with any SM-DP+ and SM-DS, regardless of the supplier or operator who manages them. This includes the requirement to future-proof the eUICC and device so they can work with any SM-DP+ or SM-DS installed after deployment. Conversely, an SM-DP+ hosted by an operator should be able to create profiles for any eUICC, regardless of the manufacturer.
Despite this diligence, some interoperability considerations will inevitably only become apparent once solutions are live in the field. Given the vast number of potential IoT use-cases, as the first SGP.32-compliant solutions come to market, ensuring deployments are underpinned by a strong foundation of interoperability must be a priority.
The Importance of Industry Collaboration
As the number of SGP.32 deployments increases, industry collaboration will play a key role in driving the iterative enhancements across the ecosystem needed to ensure robust interoperability. This is why TCA is committed to bringing together leading industry stakeholders to shape the ongoing standardisation of eSIM technology and the supporting infrastructure.
To learn more about realising the benefits of SGP.32, watch TCA’s exclusive webinar with GSMA here.