At the Embedded World show in Nuremberg last week ARM announced a security certification system for PSA with security testing lab partners Brightsight, CAICT, Riscure, Underwriters Laboratory and security consultants Prove&Run as the entities that will perform the testing. These six companies have developed PSA Certified jointly.
The PSA was announced in 2017 and has now been fleshed out as a three-level framework that shows IoT designers how to create a secure connected device. It provides a methodology for security but goes beyond instructions and principles, and includes threat models and security analysis documentation, hardware and firmware architecture specifications, downloadable trusted-source firmware and API test kits.
An example of the three-level system is the security around a temperature sensor. A sensor deployed in a field may require a different level of security robustness (level 1) than a sensor in a home environment (level 2) or in an industrial plant (level 3). Following the testing, all PSA Certified devices have electronically signed report cards (attestation tokens) for the level of security that has been achieved, allowing system developers and service providers to make risk-based decisions.
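As an added illustration, not taken from the article or from ARM's PSA materials, the following Python sketch shows the risk-based decision the signed report cards are meant to support: a verifier checks the token's signature first, then compares the certified level against the minimum its deployment context needs, using the field/home/plant levels from the sensor example above. The token encoding, the HMAC signing and the key are assumptions made so the example runs stand-alone; the real scheme's token format is not described on this page.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed policy: minimum PSA Certified level per deployment context,
# following the article's temperature-sensor illustration.
MIN_LEVEL = {"field": 1, "home": 2, "industrial_plant": 3}

# Assumed verification key shared with a hypothetical issuer. Real PSA
# attestation tokens are not HMAC-signed like this; the format below is an
# assumption for the example only.
ISSUER_KEY = b"constructed-demo-key"

def issue_token(claims: dict, key: bytes = ISSUER_KEY) -> str:
    """Build 'base64(claims).base64(tag)' over the canonical JSON claims."""
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(body).decode() + "."
            + base64.urlsafe_b64encode(tag).decode())

def verify_token(token: str, key: bytes = ISSUER_KEY) -> Optional[dict]:
    """Return the claims only if the tag verifies; None on any failure."""
    try:
        body_b64, tag_b64 = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    return json.loads(body)

def accept_device(token: str, context: str) -> bool:
    """Risk-based decision: verified level must meet the context minimum."""
    claims = verify_token(token)
    if claims is None or context not in MIN_LEVEL:
        return False
    return int(claims.get("psa_certified_level", 0)) >= MIN_LEVEL[context]

if __name__ == "__main__":
    tok = issue_token({"device_id": "sensor-0001", "psa_certified_level": 2})
    for ctx in MIN_LEVEL:
        print(ctx, accept_device(tok, ctx))      # field/home True, plant False
    # A token signed with the wrong key fails verification outright
    forged = issue_token({"psa_certified_level": 3}, b"wrong-key")
    print("forged accepted:", accept_device(forged, "industrial_plant"))
```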
The first PSA Certified products are now becoming available in the form of particular microcontrollers and SoCs from the likes of Cypress, Microchip, Nordic, Silicon Labs and STMicroelectronics. Not surprisingly, these are all based on ARM processor cores.
However, at the show John Ronco, vice president and general manager of embedded and automotive business for ARM, pointed out to eeNews Europe that PSA is open to other processor architectures. “The PSA does not mandate particular IP blocks or technology or crypto IP cores and so on. It doesn’t have to be ARM. It is not ISA-specific,” Ronco said.
When asked if chips made from processor cores and secure IP from RISC-V and others could be PSA Certified, Ronco reiterated that PSA Certified is not ISA-specific. Right now, PSA Certified is gaining traction from the ARM ecosystem partners because it gives them a point of differentiation, Ronco said.
“The PSA is a methodology for security and covers things like roots of trust, methods of authentication, threat models and so on. What is also important is that it provides a consistency around the language,” he said. The language consistency is important for helping engineers understand and communicate the issues around security.
The three defined security levels are there because one size does not fit all and maintaining security is about managing risk and applying the appropriate level of engineering resources, Ronco said.
Similarly, given that security threats will change over time, over-the-air updating of a device's security becomes necessary, Ronco said, which in turn means there needs to be a secure method for managing those updates.
Paul Williamson, general manager of emerging businesses at ARM, also stressed the open nature of PSA, in a statement. “PSA gave the industry a framework for standardizing the design of secure IoT devices, and PSA Certified brings together the leading global independent security testing labs to evaluate the implementation of these principles.”
One thing that would probably have to change before other IP providers would be ready to get involved is the status of the PSA administration. Right now such things as copyrights, trademarks and logos are owned by ARM. It would probably be necessary to set up an independent, consortium-owned collaborative engineering group to take control of these things.