The Framework for Securing a Trillion Devices

The Arm Platform Security Architecture (PSA) is a framework that helps accelerate time-to-market with low-cost, integrated security built from the ground up. It outlines common standards for the industry, providing both hardware- and firmware-based security to all devices, at the initial design stage. The PSA takes a holistic and scalable approach to ensure alignment across the entire IoT industry.

The resources here guide you through the three phases of PSA, with key documentation and specifications to help you build a more secure device. Our video explains what PSA is and the white paper provides a comprehensive overview.

Three Key Phases to a Secure Device
Learn more about the three stages of the Platform Security Architecture.

The first stage of PSA is to analyze the value of your assets and the threats they face. Threat Models and Security Analyses (TMSA) documents can help, and provide functional requirements needed to mitigate these threats.


To ease development, Arm provides three examples of TMSA documents, created for three common IoT use cases completely free of charge. Learn more about TMSA documentation and why it's important in this blog.

Asset Tracking

Asset Tracker TMSA

Water Smart Meter

Smart Water Meter TMSA


Network Camera TMSA


Once you’ve established your security recommendations, the next step is to put them into action. The architect stage focuses on applying the recommendations from the analyze phase. Resources include open source documentation, outlining the architecture specifications for firmware and hardware.


As security becomes more complex, Arm understands that all developers need access to high quality reference code and documents.

Trusted Firmware-M (TF-M)

Trusted Firmware-M is the open source reference implementation firmware that conforms to the PSA specifications, making security simpler, more cost effective, and more efficient. Learn more about Trusted Firmware-M in this blog post. 

APIs and API Test Kits

PSA APIs and API test kits enable a consistent developer experience and ensure application interoperability across different hardware implementations of the device Root of Trust. 

Note: API Test Kits are available today for Firmware Framework and Trusted Base System Architecture and Crypto API is available at Alpha.