
PSA Certified Level 2

Evidence of protection against scalable, remote software attacks through lab-based evaluation of chips with a PSA Root of Trust security component

During PSA Certified Level 2 evaluation, penetration testing is carried out on the PSA Root of Trust (PSA-RoT), a trusted domain within a chip. The PSA-RoT provides trusted security functions that the rest of the system relies on, and as a result, acts as a source of confidentiality and integrity.


Attack Methods

The evaluation methodology is inspired by ANSSI CSPN, which is a practical, time-limited approach to penetration testing. A key document for Level 2 is the PSA-RoT Protection Profile (PP), which focuses on scalable software attacks and establishes nine security functions that will be tested in the lab.

PSA Certified Level 2 is aimed at IoT devices that need to protect against scalable remote software attacks. Device makers who use a PSA Certified Level 2 chip to store confidential cryptographic keys in the PSA-RoT should make them unique per device. This will prevent creating a “honeypot” for physical attacks, including side-channel attacks.

Further information on the attack methods at PSA Certified Level 2 can be provided by the PSA test laboratories.

Pre-Certification For Chips with a PSA-RoT – PSA Certified Level 2 Ready

PSA Certified Level 2 Ready provides a pre-certification security assessment of a PSA-RoT to demonstrate solutions that protect against scalable remote software attacks.

Designed to fit the needs of trusted hardware and trusted software vendors, PSA Certified Level 2 Ready is widely applicable to developers seeking a pre-certification assessment. Level 2 Ready is suitable for systems that use FPGA or test-chip based hardware.

Pre-certification using PSA Certified Level 2 Ready provides confidence for developers who later seek a full PSA Certified evaluation.

When proceeding from PSA Certified Level 1 to a Level 2 Ready evaluation, the Security Target should clearly identify which Security Functional Requirements (SFRs) are being claimed. As an example, Arm has prepared a Security Target for Level 2 Ready using the Arm Musca-B development board and Trusted Firmware-M v1.0; it is available to developers from the PSA test laboratories.


Getting Started with PSA Certified Level 2 and Level 2 Ready

To get started, chip vendors should download the PSA Certified Level 2 Protection Profile, which explains the threats in scope and the nine security functions being tested in the lab.

Once the PSA-RoT has been developed, a test lab should be selected to begin security evaluation.

Next Steps

Find PSA Certified Level 2 resources including the PSA-RoT Protection Profile
