The Framework for Securing a Trillion Devices

The Arm Platform Security Architecture (PSA) makes it quicker, easier and cheaper to design security into a device from the ground up. Built on industry best practices, it outlines common standards for security.

These resources guide you through the four phases of PSA: analyze, architect, implement, and certify.

Read the overview white paper for more information on PSA.


Download Overview White Paper
 
Analyze

The first stage of PSA is to analyze the value of your assets and the scope of threats they face. Threat Models and Security Analyses (TMSA) documentation can help with this modelling, and provide the functional requirements needed to mitigate these threats. 

To speed up development, Arm provides freely available examples of TMSA documentation, created for three common IoT use cases. Learn more about the analyze phase and the TMSAs in this blog.

Asset Tracking

Asset Tracker TMSA

Water Smart Meter

Smart Water Meter TMSA

Webcam

Network Camera TMSA

Architect

The architect stage focuses on applying the security requirements developed in the analyze phase. Architecture specifications outline these requirements, and the PSA Security Model provides important terminology and methodology as part of the foundation for other PSA specifications. 

Implement

The implement stage provides an open source reference code and three sets of APIs that conform to the PSA architecture specifications for a consistent developer experience.

Certify

The certify stage uses the PSA CertifiedTM scheme to provide independent security evaluation of PSA-based IoT systems. It establishes trust through an assurance program for chips, OS and devices that use a Root of Trust (PSA-RoT) to provide security functions to the platform. There are three progressively increasing levels of assurance and robustness, so you can choose the appropriate solution.

Read the PSA Certified Overview

PSA Developer APIs help ensure the easy use of PSA-RoT security functions. Chip vendors and OS suppliers can use downloadable test suites to prove PSA API compliance. This program is called PSA Functional API certification.  Download resources and view PSA Certified products.

Application Guide: Smart Door Lock

For a real-life IoT use case designed to PSA specification, download the Smart Door Lock Application Guide. 

Download Application Guide