To support widespread deployment of secure IoT solutions based on its Platform Security Architecture (PSA) framework, Arm and its independent security testing lab partners Brightsight, CAICT, Riscure and UL, along with consultants Prove&Run, have announced PSA Certified. At this week’s embedded world exhibition, Electronic Specifier Editor, Joe Bush, caught up with David Maidment, Director, Secure Devices Ecosystem at Arm, to find out more.
Through independent security testing, PSA Certified enables IoT solution developers and device makers to establish the security and authenticity of the data collected from the diverse world of IoT devices.
“In 2017 Arm produced a security manifesto which was a pledge to the industry to work collaboratively in order to really unlock the value of IoT by addressing the security concerns that you have in devices today,” said Maidment. “That pledge within Arm and its partners transformed into a number of initiatives, one of which was PSA. There are three pillars of PSA - analysing threats, architecting against those threats and implementing. It’s free of charge, you can download all of the assets, and we have a number of different threat models that we have developed in partnership with a number of different open industry initiatives.
“What we have announced at embedded world is the fourth pillar - PSA Certified. It’s a really big step that we’ve taken in terms of creating a joint stakeholder agreement. So it’s an Arm led but open industry initiative to certify products against PSA. It will give the industry a trust marker that will allow an understanding of the security model of devices all the way through the value chain.”
PSA Certified enables device makers to get the security required for their use case through three progressive levels of security assurance, which are assigned by analysing the use case threat vectors. For example, a temperature sensor in a field may require different security robustness (level 1) than a sensor in a home environment (level 2) or in an industrial plant (level 3).
Following the testing, all PSA Certified devices will have electronically signed report cards (attestation tokens) for determining which level of security has been achieved, allowing businesses and cloud service providers to make risk-based decisions.
Commenting on the launch of PSA Certified, Maidment added: “The original three pillars that were announced last year have all gone very well and we’ve gained some great momentum working with a broad range of partners, but what we recognised is that we needed a measure metric so the industry knows that guidelines are being met. So it was the right way to start, but it wasn’t enough to fully deliver on the PSA vision, so PSA Certified gives us consistency - if you have a PSA Certified device the industry will understand what that means.”
Level 1 is a document and declare process. “This might sound lightweight,” Maidment continued, “but it’s actually setting the bar pretty high. In order to achieve level 1 certification there’s a set of questions you need to go through to achieve PSA Root of Trust in the device.”
Level 2 will drill deeper into the Root of Trust, focussing more on the silicon implementation, and consists of a month of white box testing. “This is a show me your code approach which looks for evidence that a device has been securely developed and is implementing the Root of Trust functions, and we expect Level 2 partners to be in the lab during the second quarter of this year.”
Level 3 is still in definition but Maidment explained that it will set the bar even higher in terms of robustness. “It could bring in physical attacks, side channel attacks etc and so will deal with more protection against the vulnerabilities of the device over time. We’ll be working with our partners and with the end markets in order to understand where the sweet spot is for Level 3.”
In terms of achieving certification, Maidment explained that Arm has had companies that haven’t met the requirements, but that this in itself validates the scheme. “If everyone achieves level 1 then the scheme would have no meaning. Level 1 is achievable if you have the APIs supported, and hardware separation with a Root of Trust. So we have set the bar at the right level where the scheme can say no.”
As part of the programme, the PSA Functional API Certification enables standardised access to essential security services, making it easier to build secure applications. Free test suites have been published for chip vendors, RTOS providers and device makers to test their PSA APIs and harness the hardware security of the latest silicon platforms.
PSA Certified is already gaining traction with leading silicon and IoT platform providers. Cypress, Express Logic, Microchip, Nordic Semiconductor, Nuvoton, NXP, STMicroelectronics and Silicon Labs have all achieved level 1 certification. Nuvoton and OS provider ZAYA have achieved both PSA Certified Level 1 and PSA Functional API Certification, and Arm Mbed OS will provide out-of-the-box compliance with PSA Certified level 1 and PSA Functional API Certification in its upcoming 5.12 release in March.
“It’s great to have so many of our partners certified and we’re really excited,” said Maidment. “So one of the things I’m doing at the show is going round giving trophies out to the partners which is a nice way of recognising the effort that they have put in to supporting the scheme.”