OS Profile Management

CoreESIM: Device OS Management of Multiple eSIM Profiles


CoreESIM is a critical component within the device OS architecture, abstracting the complexities of eUICC (embedded Universal Integrated Circuit Card) management. Its primary function, particularly in multi-profile environments, is to provide a standardized, secure interface for the operating system to interact with the eUICC hardware, facilitating the lifecycle management of stored eSIM profiles. This includes enumeration, activation, deactivation, and secure deletion, all while maintaining strict adherence to GSMA SGP.22 specifications for remote SIM provisioning.

The CoreESIM module typically resides within the device's secure environment or trusted execution environment (TEE), interacting with the OS via a well-defined Hardware Abstraction Layer (HAL) or dedicated APIs. The OS, through its telephony or connectivity management services, issues commands to CoreESIM for profile operations. CoreESIM then translates these high-level requests into low-level commands executable by the eUICC, managing the secure channel communication (e.g., using SCP03 or SCP80 for secure element access).

eSIM Profile Lifecycle Management

  • Enumeration: CoreESIM exposes functions to query the eUICC for all stored profiles, returning metadata such as ICCID, profile name, operator identifier, and current status (enabled/disabled, active/inactive).
  • Activation/Deactivation: The OS instructs CoreESIM to enable or disable a specific profile. An enabled profile is available for network attachment. Only one profile can be active for network connectivity at any given time, as per SGP.22. CoreESIM ensures this mutual exclusivity, managing the transition between active profiles.
  • Deletion: Secure deletion of profiles is critical. CoreESIM handles the cryptographic commands to permanently remove a profile from the eUICC, ensuring no residual data remains accessible. This process often requires specific authentication from the OS, potentially tied to user consent.

CoreESIM is responsible for maintaining the integrity and confidentiality of eSIM profiles. This involves robust authentication mechanisms for all commands originating from the OS, preventing unauthorized profile modifications. It also provides comprehensive error reporting to the OS, detailing specific eUICC responses or internal failures, enabling the OS to present appropriate feedback to the user or trigger recovery mechanisms. The module must strictly enforce access control policies, ensuring that sensitive eUICC operations are only performed by authorized system components.
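
The lifecycle rules and access-control checks described above can be captured in a small reference model. This is an added example, not CoreESIM's or any vendor's code: the class, method, caller and reason-code names are hypothetical, the sample profiles are constructed, and the enabled/active distinction is collapsed into a single active slot.

```python
# Toy model of the checks described above; hypothetical names, not a real eUICC or OS API.
from dataclasses import dataclass

AUTHORIZED_CALLERS = {"telephony_service"}  # assumed policy: the only trusted component

class ProfileError(Exception):
    """Carries a reason code the OS could map to user feedback."""

@dataclass
class Profile:
    iccid: str
    name: str
    operator: str

class ProfileStore:
    def __init__(self, profiles):
        self._profiles = {p.iccid: p for p in profiles}
        self._active = None   # a single slot, so two active profiles cannot be represented
        self.audit = []       # (caller, operation, iccid, outcome)

    def _authorize(self, caller, op, iccid=None, consent=True):
        # Every command is checked and recorded before it touches profile state.
        reason = None
        if caller not in AUTHORIZED_CALLERS:
            reason = "caller_not_authorized"
        elif iccid is not None and iccid not in self._profiles:
            reason = "profile_not_found"
        elif not consent:
            reason = "user_consent_required"
        self.audit.append((caller, op, iccid, reason or "ok"))
        if reason:
            raise ProfileError(reason)

    def enumerate(self, caller):
        self._authorize(caller, "enumerate")
        return [(p.iccid, p.name, p.operator, p.iccid == self._active)
                for p in self._profiles.values()]

    def enable(self, caller, iccid):
        self._authorize(caller, "enable", iccid)
        self._active = iccid  # implicitly deactivates the previously active profile

    def delete(self, caller, iccid, user_consent=False):
        self._authorize(caller, "delete", iccid, consent=user_consent)
        if self._active == iccid:
            self._active = None
        del self._profiles[iccid]

# Constructed sample data (ICCIDs and operator names are made up).
SAMPLE = [Profile("8900000000000000001", "Work", "OperatorA"),
          Profile("8900000000000000002", "Travel", "OperatorB")]
```

Denied and failed requests land in the audit list with their reason code, which is the record a reviewer would check when testing that unauthorized components cannot enable or delete profiles.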

Adherence to GSMA SGP.22 (and potentially SGP.02 for M2M) is paramount. CoreESIM acts as the interpreter and enforcer of these standards at the device level, ensuring interoperability and security across different eUICC manufacturers and service providers. This includes managing profile metadata, handling security domains, and facilitating seamless profile switching without compromising the eUICC's secure element integrity.