How Intrinsic ID Became the World’s First IP Vendor with a PSA Certified Level 3 Root of Trust Component

Skip to content

The rapid growth of the internet of things (IoT) has caused a parallel concern for the security of billions of connected devices. Any unprotected device could become the entry point for an attack on the device itself, or the networks on which it runs. According to the PSA Certified 2023 Security Report, 58% of technology decision makers say they consider building devices with trusted components or on a root of trust (RoT) as the most essential factor in creating secure devices and a more secure future. To secure the IoT, each piece of silicon in the supply chain needs to be trusted.

The best way to achieve this is by using a hardware-based root of trust for every device. This is a seemingly unachievable goal; however, collaboration among industry players on standards and certifications can make it more attainable.

Intrinsic ID QuiddiKey 300 is the world’s first IP to be awarded “PSA Certified Level 3 Root of Trust Component” certification. This certifies that the IP includes substantial protection against both hardware and software attacks. It allows chip designers creating high-value assets to fast-track their products for full PSA Certified certification and helps to ensure supply chain integrity, chiplet security, and protection against reverse engineering. Certification is essential for security-critical IoT market verticals such as healthcare, critical infrastructures, and smart consumer products as outlined in the US Cyber Mark Program.

We prioritized PSA validation for QuiddiKey 300 because we believe in a standardized approach to device security, underpinned by certification. PSA Certified is an objective and comprehensive process to developing lab-validated components on which a robust and secure IoT can thrive. We are thrilled to be the first-ever IP vendor to achieve PSA Certified Level 3 RoT Component certification with QuiddiKey 300. This gives our customers access to certified, robust security components that will help build a more trusted IoT and comply with applicable legislation.

Pim Tuyls, CEO of Intrinsic ID

The mission of Intrinsic ID is to make it easy to secure any smart device and make the connected world safer. That is why our PUF IP enables chip designers to build secure key vaults and provision their chips with an unclonable identity in the most secure, seamless, and cost-effective manner. We commit ourselves to developing security solutions that adhere to the highest quality standards. The PSA Certified and SESIP (Security Evaluation Standard for IoT Platforms from GlobalPlatform) certifications enable us to demonstrate the quality of our products and make them available for security-critical markets that need to adhere to specific standards.

The Intrinsic ID PUF technology has already been field-proven through more than a decade of deployments on over 500 million chips. With the QuiddiKey 300 hardware IP becoming the world’s first IP solution to be awarded PSA Certified Level 3 RoT Component certification, we have achieved a new milestone. This certification ensures that the IP includes substantial protection against both software and hardware attacks (including side-channel and fault-injection attacks) and is qualified as a trusted component in a system that requires PSA Certified Level 3 certification.

Earning Digital Trust

QuiddiKey 300: The First Root-of-Trust IP PSA Certified Against Physical Attacks

With the rapidly growing IoT come equally fast-growing security concerns. Root-of-trust technology is needed to help deal with these threats and it is even better to have this technology certified. This is why the PSA Certified initiative is so important for our industry. This white paper describes how PSA Certified evaluation works and how Intrinsic ID was able to become the first-ever IP vendor to achieve PSA Certified Level 3 Root of Trust Component certification with their hardware IP solution QuiddiKey.