Analyze: Identify Right-Size Security for your IoT Product

Understand the assets, threats, and counter-measures needed for your specific product, and embed security into every element and process during product development.

Threat Modeling and the Platform Security Model help you create products with right-size security, and ensure you aren’t over-spending on security nor exposing your device, organization or customers to unnecessary risk.

Follow the Threat Modeling Process

The outcome: A Threat Model and Security Analysis document

The PSA Certified ecosystem has provided threat model and security analysis (TMSA) documents for three use cases. These editable documents follow a systematic process for threat modeling.

A device manufacturer can download these examples and use them to create a threat model and security analysis document for their own specific use case.

Align to the PSA Certified 10 Security Goals

Alongside use case-specific requirements, PSA Certified outlines top-level requirements for IoT products, sharing 10 Security Goals that should be implemented and considered in all IoT components. These are outlined in the Platform Security Model.

If you’d like to learn more about how the 10 Security Goals were defined, you may find the Platform Threat Model and Security Goals document useful.

Resources

The PSA Certified founders have provided the Security Model and TMSA documents.

Three published example Threat Model and Security Analysis (TMSA) documents are currently available, these can be downloaded and adapted for new use cases.