IoT Security Certification for Device Manufacturers

Skip to content

PSA Certified offers a thorough security framework, with a comprehensive set of supporting resources, to enable certification of IoT security implementations using third-party evaluation labs. Strengthen your brand, protect your revenue and enhance your reputation with a PSA Certified Level 1 device certification and help build trust in the IoT.

Combat IoT Security Challenges for Device Manufacturers 

Security is no longer an optional feature, however, the implementation of IoT security still poses significant challenges for device manufacturers (OEMs). The annual PSA Certified Security Report consistently hears that the ecosystem is struggling with additional cost of security as a top barrier to improving it, this is particularly true for OEMs who need to closely manage the cost per unit associated with a device. Similarly, the report also found that OEMs are tasked with meeting the requirements of a range of fragmented global standards and regulations, something that nearly half of respondents considered a top security challenge.

Low Cost with Minimal Risk

PSA Certified lowers business risk and the cost of security with a comprehensive framework and simple certification program.

Fast Alignment with Legislation and Standards

PSA Certified gives you access to global markets, because it aligns with major industry and government standards and IoT legislation.

Methodically Created and Independently Tested

The certification program was created methodically by industry-leading experts. Independent and unbiased assessment creates a comprehensive scheme.

Streamline Product Security with the PSA Certified Ecosystem

As  part of its mission to simplify IoT security for device manufacturers, PSA Certified was developed with a composite format that allows you to leverage security expertise from the value chain. The easiest route to achieving PSA Certified Level 1 is by selecting pre-certified silicon and a pre-certified software platform for your device and then implementing the 10 security goals. By choosing PSA Certified products, you can consume the certifications of silicon vendors and system software providers. This fast-tracks your certification as only the “device” questions in the PSA Certified Level 1 questionnaire need to be answered, that is less than 20 questions.

PSA Certified offers multi-level certification for silicon with increasing robustness focused on the PSA Root-of-Trust (PSA-RoT). After completing a threat model, the three levels of robustness allow you to make an informed decision and easily select silicon with the right size security for your device. Our rapidly growing ecosystem of certified silicon and software platforms provides greater choice and flexibility than ever before.

Reuse Certifications for Market-Specific Standards

Products that have achieved PSA Certified Level 1 can be reused in other schemes, enabling alignment with end market and vertical applications. We’re proud to have many tier one companies encouraging their component vendors to achieve PSA Certified certifications, plus alignment with ioXt alliance and UL, which both offer fast-tracked certification, based on the recognition of an already established PSA-RoT.

One challenge we faced was how to cost-effectively implement a secure product. We have a small development team without the luxury of a full-time device security expert. Being able to start with a PSA Certified solution at the chip level reduced the project risk that a major security vulnerability would be found at the end of the project, which could have potentially required a major redesign

Cristin Dziekonski – Chief Systems Architect, Smart Farming Solutions, Fluence

Reducing Fragmentation of Standards and Legislation

The fragmentation of standards and regulations is widely agreed as the biggest IoT security challenge. To combat this, PSA Certified Level 1 aligns with major global guidelines and legislations including ETSI EN 303 645, NIST 8259A, and Californian State Law SB-327, facilitating the global applicability of your connected devices. We’re also actively aligning with upcoming regulations and standards including UK DCMS, ENISA, IEC 62443 4-2  and CSA-311. Emerging requirements are continually reviewed and assessed to ensure the framework aligns with most major standards.

RequirementPSA Certified Level 1 version 2.0ETSI EN 303 645NIST 8259ASB-327
Authentication/PasswordXXXX
ConfigurationXX
CryptoXXX
HardeningXXX
LoggingXX
PrivacyXXX
Secure StorageXXX
UpdateXXX

Real-World Applications

The PSA Certified partnership is continuing to gather momentum at a rapid pace. Industry-leading device manufacturers, from a range of markets, are working with PSA Certified to make their devices more secure and are seeing the real-world benefits of certification.

Arrow Electronics

Learn how Arrow Electronics and PSA Certified are collaborating on to increase trust with end-customers.

Read More
Read More

Flex

Learn how Flex’s PSA Certified products are unlocking new business models in healthcare and construction.

Read More
Read More

Fluence

Fluence used PSA Certified to tune their security requirements and establish a proof-point for their investment in security.

Read More
Read More