PSA Certified: Making Secure Digital Transformation a Reality
The industry is at a turning point in security. The PSA Certified 2022 Security Report revealed business leaders have placed security at the top of the priority list and are committed to addressing the lag between the rate of digital transformation and the speed of securing the ecosystem.
As the ecosystem prepares to tackle underlying security concerns, research shows that there are some barriers to overcome. In particular, cost remains a barrier to implementation - physical costs, the cost of security experts, and the price of independent evaluation.
Arm first introduced the concept of a IoT security framework in 2017 and is a co-founder of PSA Certified – a framework and an independent third-party evaluation scheme to build-in the right level of device security.
PSA Certified has scaled to become one of the fastest growing, most valued security ecosystems, globally, and continues to break down the barriers to security. Arm remains an active co-founder of PSA Certified and is heavily involved in providing architecture specifications and security resources.
Access five actions that will reduce the cost of security and forge a more powerful connected future with advice from industry experts in the PSA Certified advisory paper.
PSA Certified Benefits
Accelerates the development of secure systems using a trusted approach designed by experts.
Increase access to global markets, thanks to alignment to industry and government standards, plus emerging IoT legislation.
PSA Certified offers an industry-standard measurement on security implementation, checked by independent labs and third parties.
Four Steps To Ease Security Design
The PSA Certified framework was created to help ensure security is designed into a device from the ground up. The four PSA Certified stages guide security implementation for each specific use case:
- Analyze: the evaluation of assets and assessment of threats to define specific security requirements.
- Architect: the security design based on identified security requirements.
- Implement: the process of bringing together hardware and firmware using open source firmware implementations.
- Certify: assurance that products adhere to security requirements and the 10 security goals outlined by PSA Certified.
Check out this white paper for an in-depth explanation of PSA Certified and an overview of the four stages.
Regulation and Security: The Multiplier Effect
As the number of connected devices continues to rise, combined with enhanced interoperability, this has led to an accelerated risk of cyber threats.
Read the PSA Certified Security 2023 report to learn how security investment is growing in response to customer demand, how the conversation is shifting to align with new regulation and how standards are building public trust.
Growing Industry Momentum
Built on industry best practices, PSA Certified goes beyond outlining security rules and guidelines, providing practical implementation guides and tools.
Arm works closely with the other PSA Certified founders to simplify and accelerate the path to more secure systems, redefining security for connected devices. Many industry leaders have already pledged their support for PSA Certified with over 55 products certified today.
Over 130 total PSA Certified products
Over 75 PSA Certified chips
Over 25 PSA Certified OEM devices
Over 20 PSA Certified software platforms
Industry Solutions
The Arm Ecosystem: Security Made Simple
Arm puts security at the heart of every connected product. Originally spearheaded by Arm with support from CAICT, ProvenRun, Riscure, SGS Brightsight, TrustCB, and UL, PSA Certified provides a security-by-design scheme that starts with the root of trust and aligns to the cybersecurity requirements of USA, Europe, and China.
Arm is committed to making security easier to achieve using the Arm architecture. We continue to provide industry-leading security specifications and guides, paving the way for a more secure, connected world.
Arm Ecosystem
Delivering a seamless software experience across a secure Arm ecosystem, PSA Certified is one of three pillars in both Project Cassini and Project Centauri. PSA Certified plays a central role by uniting the ecosystem under a common security language.
Specifications and Guides
Arm provides security architecture specifications and guides to help architects and engineers develop the necessary hardware and firmware to build a Root of Trust and meet PSA Certified requirements.
PSA Certified APIs
The PSA Certified APIs provide programming interfaces within the device to underlying security services implemented into the silicon root of trust. They ensure application developers can leverage trusted functions while reducing time-to-market and security efforts. The PSA Certified APIs have been available from Arm for many years, and have now been moved into an open public GitHub repository to enable collaboration.
Trusted Firmware
Trusted Firmware provides an open source reference implementation of the PSA Certified guidelines by complying to the platform security architecture specifications and providing reusable components to build in fundamental security functions for devices based on Cortex-M and Cortex-A. The software ensures easy porting to chips and platforms and creates a trusted environment. Delivered in a CMSIS pack, the stack can be easily configured and adapted to custom hardware in several IDEs, including Arm Keil MDK.