Building trust through independent security assessment
The Platform Security Architecture (PSA) has been created to improve the security and trust of Internet of Things (IoT) devices and their data. PSA enables a consistent approach to building-in security that can be used by the entire ecosystem and scale from high end devices to the lowest cost microcontrollers. PSA can be thought of as providing the recipe (architecture documents) and ingredients (open source code, threat models, development boards and models) to make security easier and quicker for our partners. Through this approach we are working with the electronics industry to make the development of trustworthy chips, firmware, software and devices more straightforward.
PSA Certified is the independent security evaluation scheme for PSA based IoT chips, OS and devices. It aims to build trust for the IoT value chain that starts with a multi-level assurance program for chips containing a security domain called a Root of Trust (PSA-RoT). The multi-level assurance scheme helps device makers and businesses get the level of security they need for their use case, based on security requirements established during the analyze phase of PSA.
PSA Certified is the fourth step in the PSA developer flow. By focusing on the common parts of IoT systems and the central role of the PSA-RoT in providing a trustworthy security domain we have created a security evaluation scheme that can apply to many use cases and markets. It has been designed to be cost effective, fast to market and available at multiple test labs on day one.
To make it easier for developers to use the PSA-RoT security functions, a set of high-level PSA Developer APIs has been created. An API compliance program enables chip vendors and OS providers to claim PSA Functional API certification that can help build a consistent developer experience.
PSA Certified represents the fourth step, “Certify”, in the Platform Security Architecture process:
- Analyze. Create a threat model to work out your security requirements.
- Architect. Use the PSA security architecture to build in security and trust.
- Implement. Port the Trusted Firmware-M open source software to chip hardware to form a PSA-RoT or develop equivalent functionality using secure development processes.
- Certify. Use PSA Certified and independent test lab evaluation to provide security assurance to your customers.
The architecture documents, APIs and PSA evaluation scheme are published as public documents. They have been designed to fit well with the needs of resource constrained systems using microcontroller based chips. Certification requires the developer to work with a test lab so it is recommended that the specific step by step details are discussed with one of the PSA test labs.
Building secure chips and devices for IoT is non-trivial. The documents, deliverables and testing scheme of PSA Certified have been designed to make the path easier, quicker and more affordable for the electronics industry. Chip vendors, RTOS companies and OEMs who have their products PSA Certified can showcase their solutions on this website and use PSA Certified trademarks and logos appropriately. You can request a trademark agreement using the contact us form.