IoT Device Security: Simplifying the Journey for OEMs

Skip to content

With over 75 PSA Certified partners, it’s no surprise that most of the world’s top chip vendors have invested heavily in their security solutions and have adopted the PSA Root of Trust as their secure foundation. This blog outlines how device manufacturers can make use of this security foundation, meet international cybersecurity requirements, and demonstrate they are following IoT security best practice.

Digital transformation is continuing to grow at an unprecedented rate. According to the Statista Research Department, it is expected that there will be over 74 billion IoT devices fueling digital transformation by 2025. Each connected device brings new levels of connectivity, service, and efficiency. However, this growth of IoT devices also brings with it increasing concerns about security. It is estimated that 70% of companies who employed IoT devices have experienced attempted or successful hacks. With the average hack costing more than $330,000 businesses are waking up to the risks of digital transformation.

Consequently, device manufacturers (OEMs), are under increasing pressure to meet cybersecurity baseline requirements in all their connected devices. The fragmented environment of IoT security has brought increasing complexities and a lack of expertise can hold back implementation of the right security counter-measures. Securing your IoT devices is no longer optional, but you also do not want to add unnecessary cost and time to your projects. How can you combat these challenges and implement best practice security?

In this blog, we walk through the fundamental steps of security design and implementation to ensure your products are built with the right level of security, without unnecessary complexity. Doing a good job of designing-in hardware-based security can help protect your brand, enhance your revenue, and strengthen your reputation.

How Can PSA Certified Help You Implement Best Practice Security?

PSA Certified makes it easier and quicker to embed security into the heart of your device. The PSA Certified framework breaks down IoT security design and implementation into a four-step process, reducing complexity and allowing you to design-in right size security without impacting product development or time-to-market and without increasing costs. The growing ecosystem of PSA Certified silicon and software platforms lets you leverage the security expertise from the value chain: you can select pre-certified silicon and software components for your device and implement the 10 security goals to achieve PSA Certified Level 1 – demonstrating device-level security best practice.

Step 1: Define Your Security Requirements

When building a new IoT device it is crucial to understand the security requirements for your specific device. This requires a threat model that considers the device’s assets (such as cryptographic keys), the threats in scope (e.g., does the device need to protect against physical attacks as well as software attacks?) and results in a set of security functional requirements that are specific to the device and its usage.

When building a new IoT device it is crucial to understand the security requirements for your specific device. This requires a threat model that considers the device’s assets (such as cryptographic keys), the threats in scope (e.g., does the device need to protect against physical attacks as well as software attacks?) and results in a set of security functional requirements that are specific to the device and its usage. This video gives you some insight into threat modeling in more detail.

At this stage, the security requirements are implementation independent: there are often several ways that security could be designed-in to meet them. The PSA Certified founders provide three editable Threat Model and Security Analysis (TMSA) documents, that use a systematic approach to threat modeling, to guide you with your own analysis. We recommend you download the TMSA examples and use them to create your own unique TMSA document for your product.

Alongside the TSMA documents, the PSA Certified 10 Security Goals outline the high-level security principles for IoT products. Although every product has unique functional and security requirements, these goals outline the common objectives that should be met in every connected device. They inform the whole security framework and provide a practical checklist to follow. The PSA Certified Level 1 security questionnaire is developed upon the 10 security goals and regionally important cybersecurity baseline requirements that can be used by chip vendors, software platform providers and device makers to demonstrate you are following these basic security principles.

Step 2: Choose a Chip

A basic output of your threat model should be a decision on the robustness needed for the chip’s Root of Trust: does it need to protect against only remote scalable software attacks? Or does it need to also protect from substantial (local) physical attacks? For most consumer goods with unique keys or certificates per device, protecting the device against software attacks might be sufficient. However, if the assets are very valuable or if the device has a shared private key (which is not advisable) then protection against physical attacks is likely to be needed. PSA Certified offers multi-level certification at the chip level with increasing robustness and a specific focus on the Root of Trust. This enables you to make informed decisions when choosing different components for your device. There are three levels of silicon security assurance:   

PSA Certified Level 1 ensures basic security principles have been applied

PSA Certified Level 1 – Indicates that the chip vendor completed the chip assessment section of the PSA Certified Level 1 questionnaire to the satisfaction of the evaluation lab. Confirming that they have a hardware isolated Root of Trust that can do secure boot, secure storage of keys and best practice crypto.

Format so the relevant logo is next to the relevant Level.

PSA Certified Level 2 – The chip’s Root of Trust is penetration tested against software attacks by a third-party evaluation lab.

PSA Certified Level 2 demonstrates protection against software attacks

PSA Certified Level 3 – The chip’s Root of Trust is penetration tested against substantial physical and software attacks by a third-party evaluation lab.

Step 3: Integrate Your Software Platform

Integrating the system software with the chip’s Root of Trust enables the developer to leverage hardware security. Many chip vendors and software platforms support the PSA Certified APIs, which provide a common software interface between the trusted services of the Root of Trust and the OS/platform software. This dramatically simplifies security development at the device-level as applications can leverage the silicon security and can easily be ported to different chips, reducing development costs, and providing scalable robustness depending on end-market requirements. 

Additionally, if the software platform is PSA Certified Level 1, this further simplifies certification at the device level.

We are very excited that the AzureRTOS is PSA Certified. The AzureRTOS team has done an incredible job in integrating individual hybrid components. They know what it takes to do that securely in such a way that they take advantage of hardware security as offered by the hardware platforms – the MCUs. PSA Certified is important to us because of that and is a nod that we are moving in the right direction and being recognized for that.

Eustace Asanghanwa, Principal Program Manager for Security, Azure IoT, Microsoft

Step 4: Certify Your Device

The final stage of the journey for you is to certify your IoT product. One of the key benefits of PSA Certified for OEMs is the ability to reuse chip and system software certifications in your device certification. This layering makes security certification easier and quicker for the value chain; if you have selected a pre-certified chip and the software platform was also already certified, you only need to fill out a response to the top-level security questions in the PSA Certified Level 1 questionnaire, which is less than 20 questions.

You should also complete the security mappings in PSA Certified Level 1 for various important cybersecurity baselines such as NISTIR 8259A , EN303645 and Californian State Law SB-327. These mappings are contained in the PSA Certified Level 1 questionnaire appendices. The PSA Certified founders, otherwise known as the JSA members, continually review and assess emerging requirements to ensure that the scheme aligns with these documents as they develop. Following device certification, the device is then showcased on the PSA Certified website, helping businesses understand that the chip, system software and device work together to meet internationally recognized best security practice.

Eurotech have certified our product at PSA Certified Level 1. We try to show our customers, not only that we have technical skills, but that those technical skills have been applied to a secure development process, to a secure life cycle of the product that we make, and with third party assessments of those skills.

Marco Carrer, CTO, Eurotech

PSA Certified: Revolutionizing IoT Security

PSA Certified is revolutionizing embedded security, offering a single framework that can be used across the value chain. This tackles the key barriers of IoT security for device manufacturers who are facing increasing expectations from customers for strong device security. Suik Hwang, CEO, Security Platform Inc., notes how this common framework is unique to PSA Certified: “Only the PSA Certified program provides detailed guidelines for the system architecture, not just the application layer. PSA Certified is very organized across all layers and helps us avoid inefficient and lengthy development.”