Our Approach to IoT Security

Successful digital transformation needs trusted data, which can only come from secure devices. Despite a growing appetite for IoT security, barriers to best practice security design and implementation remain. PSA Certified is a global partnership combating security challenges and uniting the IoT ecosystem under a common security baseline. By providing an easy-to-consume, comprehensive methodology for the lab-validated assurance of IoT security, PSA Certified is helping to unlock the possibilities of a connected world.

The Turning Point for IoT Security

While the rate of IoT security adoption has historically lagged behind the pace of digital transformation, the recent pandemic has propelled an industry-wide imperative to rectify this, placing trusted components and the Root of Trust at the centre of technology deployment.

As the number of hacks continues to rise, consumer confidence has started to dwindle, impacting adoption rates and delaying digital transformation. In response, the industry has prioritized IoT security, highlighting a universal desire to build a more secure IoT ecosystem to deliver assurance and allow deployments and services at scale.

PSA Certified believes that a standardized approach to IoT security, underpinned by certification, is key to overcoming these challenges and bridging the gap between the reality and expectations of IoT security. This view is backed by research: 96% of tech decision makers are interested in the development of an industry-led set of guidelines (rising from 84% in our previous survey) to build a collaborative approach to IoT security, with certification offering an independent measure of conformance to industry best practice.

Founded by Industry Experts

Arm, Riscure, ProvenRun, TrustCB, UL

The Value of Certification

95% of tech decision makers reacted positively to the suggestion that collaborative, common certification can be a differentiator in the market. Independent certification provides an objective view of standardized security, ensuring critical principles are implemented. World-leading evaluation laboratories guide the security evaluation and certification of PSA Certified products. SESIP labs, licensed by the PSA Certified certification body TrustCB, can also evaluate products in line with the SESIP methodology. Third-party evaluation moves the industry away from a “trust me, it’s secure” mentality and towards a more formal approach based on documented evidence. A common baseline of security paired with independent evaluation defragments the ecosystem, simplifying IoT security for the entire value chain and building trust in connected devices.

PSA Certified is the fastest way for our customers to have confidence in the security of the devices we build

Dr. Juan Nogueira, Sr. Director, Connectivity Center of Excellence, Flex

Building-in Foundational Security

PSA Certified and its ecosystem are creating a secure-by-design culture where security is implemented from the beginning of product development. Building-in security starts with two key foundational security measures that should be embedded into every connected device.

Firstly, PSA Certified outlines high-level IoT security principles in the 10 security goals. Although every product will have unique security needs, these goals define the common requirements that should be met in every connected device. With security best practice in place, products and features can be developed in an ecosystem built on a reliable security baseline.

The second measure is a Root of Trust (RoT). This is a foundational security component, built into the silicon, that provides a set of implicitly trusted functions that the rest of the system can use to ensure security. The PSA Root of Trust (PSA-RoT) fortifies security at the heart of an IoT device by building it into the silicon, providing a source of confidentiality and integrity for the whole value chain.