What is Platform Security Architecture?
Platform Security Architecture (PSA) is a security certification scheme for Internet of Things (IoT) hardware, software, and devices. It was created by Arm Holdings, Brightsight, CAICT, Prove & Run, Riscure, TrustCB, and UL as part of a global partnership. Arm Holdings first brought forward the PSA specifications in 2017 to outline common standards for IoT security, with the PSA Certified assurance scheme launching two years later in 2019. The application of the PSA consists of four key phases [1]:
Phase 1: Analyze. Carry out a risk analysis and create threat models, taking into account the assets that need protection, the potential threats to them, the scope and severity of those threats, and the types of attacks and methods that may be used to exploit vulnerabilities. From this analysis, derive the security objectives and the functional requirements needed to mitigate the threats.
Phase 2: Architect. Following analysis of a device, security recommendations are generated based on the value of the device assets and the list of potential attacks that threaten those assets. Phase two focuses on creating a system architecture that is capable of delivering the security requirements and describes this architecture in the PSA specifications.
Phase 3: Implement. Trusted Firmware-M (TF-M) is a reference implementation of the PSA specifications for IoT devices. TF-M is an open source, open governance project, and is available at www.trustedfirmware.org, alongside the existing Trusted Firmware-A project that targets Cortex-A-powered mobile devices.
Phase 4: Certify. The certify stage uses the PSA Certified scheme to provide independent security evaluation of PSA-based IoT systems. PSA Certified is an independent security testing program devised by the companies that make up the PSA Joint Stakeholder Agreement members. It enables IoT chipsets and devices to be tested in laboratory conditions, to evaluate their level of security, and to help developers and customers trust that they can achieve the level of security they need. Working with leading test labs, PSA Certified provides multi-level assurance for devices, depending on the security requirements established through analysis of threats for a specific use case. There are two types of certification: Multi-level Security Certification and Functional API Certification. The multi-level scheme offers assurance and robustness graded to the security needs of specific use cases, using independent test labs to review the security requirements of the generic parts of IoT platforms and system-on-chips. There are three progressive levels of security certification:
- Level 1: The foundation of PSA Certified. Achieving the first level of PSA Certified requires completion of a critical security questionnaire, based on PSA security model goals and IoT threat models. There are different forms depending on whether you are a chip maker, an OS provider, or a device maker; once complete, the questionnaire is reviewed alongside a PSA Certified lab check of your product.
- Level 2: Lab-based evaluation. Level 2 is aimed at chip makers and includes a 25-day lab-based evaluation against the PSA Root of Trust (PSA-RoT) protection profile. This time-limited evaluation keeps the scheme affordable and efficient, and tests for both software and lightweight hardware attacks.
- Level 3: Currently under development. Level 3 will cover more extensive attacks, such as side channel and physical tamper, and it will come to market in the near future. There is also room for additional device-level evaluation, such as market vertical-specific devices. We will share more information on this later in the year.
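To make the Analyze phase and its link to the certification levels concrete, here is an added worked example (not code from the page, from Arm, or from the PSA Certified scheme). It builds a small threat-model worksheet for a constructed smart-meter device: each asset carries a value, each threat an attack class and a pre-mitigation likelihood, and the security objectives applied to a threat lower its residual risk. The 1-to-5 scales, the per-objective effects, the risk threshold, and the mapping from the most capable in-scope attack class to a PSA Certified level (software and lightweight hardware attacks to Level 2, side channel and physical tamper to Level 3, the questionnaire-only Level 1 as the floor) are all assumptions drawn from the phase descriptions above, not PSA's own scoring method.

```python
"""Toy threat-model worksheet for the PSA 'Analyze' phase (assets, threats,
mitigating security objectives), ending with the PSA Certified level whose
lab evaluation covers the attack classes left in scope.

Added example: the 1..5 scales, the objective effects and the sample device
are constructed assumptions, not PSA's own scoring method.
"""
from dataclasses import dataclass, field

# Attack classes, ordered by the attacker capability they need.
SOFTWARE = "software"    # remote or local software attack
LIGHT_HW = "light-hw"    # lightweight hardware attack (e.g. exposed debug port)
PHYSICAL = "physical"    # side channel, physical tamper, invasive attack

# Assumed mapping from the most capable attack class in scope to the
# PSA Certified level whose evaluation exercises that class. Level 1 is a
# questionnaire, so it is the floor when no threat needs lab testing.
LEVEL_FOR_CLASS = {SOFTWARE: 2, LIGHT_HW: 2, PHYSICAL: 3}


@dataclass
class Asset:
    name: str
    value: int            # 1..5 impact if compromised (assumed scale)


@dataclass
class Threat:
    name: str
    asset: str            # Asset.name this threat targets
    attack_class: str
    likelihood: int       # 1..5 before any mitigation (assumed scale)
    objectives: list = field(default_factory=list)  # security objectives applied


# Assumed: each security objective lowers likelihood by this many points.
OBJECTIVE_EFFECT = {
    "secure boot": 2,
    "isolated key storage": 3,
    "authenticated debug": 2,
    "constant-time crypto": 2,
}


def residual_risk(threat, assets):
    """risk = residual likelihood x asset value; likelihood never drops below 1."""
    reduction = sum(OBJECTIVE_EFFECT[o] for o in threat.objectives)
    return max(1, threat.likelihood - reduction) * assets[threat.asset].value


def open_threats(threats, assets, threshold):
    """Threats whose residual risk still exceeds the accepted threshold; these
    need further functional requirements before the Architect phase starts."""
    return sorted(t.name for t in threats if residual_risk(t, assets) > threshold)


def target_level(threats):
    """PSA Certified level implied by the most capable attack class in scope."""
    if not threats:
        return 1
    return max(LEVEL_FOR_CLASS[t.attack_class] for t in threats)


# Constructed sample device: a smart meter with three assets to protect.
ASSETS = {a.name: a for a in [
    Asset("device identity key", 5),
    Asset("firmware image", 4),
    Asset("metering data", 3),
]}
THREATS = [
    Threat("malicious firmware update", "firmware image", SOFTWARE, 4,
           ["secure boot"]),
    Threat("key extraction via debug port", "device identity key", LIGHT_HW, 3,
           ["authenticated debug", "isolated key storage"]),
    Threat("key recovery by power analysis", "device identity key", PHYSICAL, 2),
    Threat("tamper with stored readings", "metering data", SOFTWARE, 3),
]


def analyse(threats=THREATS, assets=ASSETS, threshold=6):
    """Return the worksheet the Analyze phase hands to the Architect phase."""
    return {
        "risks": {t.name: residual_risk(t, assets) for t in threats},
        "open": open_threats(threats, assets, threshold),
        "target_level": target_level(threats),
    }


if __name__ == "__main__":
    for key, value in analyse().items():
        print(f"{key}: {value}")
```

Running the worksheet shows two things the prose states separately: the threats that remain above the threshold are exactly the ones that still need security objectives (the unmitigated power-analysis attack on the identity key scores highest), and because a physical attack class is in scope the model points at Level 3 rather than Level 2; dropping the physical threat from scope brings the target back to Level 2.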
[1] Sanasi, 2020, "Platform Security Architecture [2/2]: The Four Phases"