PSA Certified is important to Nordic Semiconductor because it provides what I like to call a seal of approval – a stamp to say, ‘this device provides a level of security that you need’
Svein-Egil Nielsen, Chief Technology Officer, Nordic Semiconductor
Below we explore six ways the comprehensive framework and assurance program ease the path to security
1: Shifting the Economics of Security
PSA Certified dramatically reduces the upfront cost of security, by making it quicker and easier to design-in security. It offers a full framework and technical support, as well as certification scheme. As the framework has been curated by security experts and aligned with government standards and legislation, it also reduces risk whilst lowering the total cost of ownership (TCO).
2: Encouraging Right-Sized Security
The scheme gives you the tools you need to identify the right level of security for your product or device. That means you can filter out options that do not meet your requirements, which helps you reduce time-to-market.
3: Reducing Security Complexities
PSA Certified comprises an easy-to-use security framework and common security components such as APIs that are supplied by world-leading organizations. This makes security easy to implement. It also helps you check you’re doing the right things and creates an audit trail.
4: Aligning Multiple Requirements and Regulations
It can be challenging to make sense of the expanding set of IoT standards, framework and laws. PSA Certified aligns to key regulations from the US and Europe and continues to map to emerging regulations. Ship at scale while conforming to local regulations and showing compliance across georgraphies.
5: Removing IoT Security Fragmentation
The IoT is diverse, which creates significant opportunities for innovators but also increases the complexity of securing a connected device. PSA Certified provides clarity with different levels of security and a common language that is easy to understand. It helps you address your day-to-day security challenges without limiting the potential of the technology.
6: Providing Certainty
Most chips and products aren’t independently tested but PSA Certified offers impartial evaluation and certification.
PSA Certified makes it easy to communicate with our partners across the industry. We can ask them what level of security they need and that means we know what protection to build into the chip. It also gives consumers certainty – they know what kind of security that device provides.
Jason Lin, VP, MCU Business Group, Nuvoton
Today IoT security challenges are driven by a climate of continuous change and rapid evolution for both the technology and the threats, multiplied by the larger number of devices in operations, as well as a growing numbers of security frameworks from public and private organizations. PSA Certified is looking to address those challenges, helping to meet the promise of security by design.
Carlos Serratos, Senior Director Strategy, Policy and Advocacy, Brightsight
There is a good match between software and hardware, which makes it easier to implement and also easier to ensure the security gaps between the two are closed.
Dragos Davidescu, Chief System Architect, Fellow, ST Microelectronics
Who Benefits from PSA Certified?
The framework and assurance scheme have been designed to support the entire value chain.
The scheme aligns with the key government requirements to give you a head-start on adherence with emerging laws and standards, and helps you showcase your investment in security.
PSA Certified helps you prove you have a well-designed Root of Trust (RoT) in your products and provides evidence of your investment in security.
System Software Providers
It provides streamlined access to chip security functions and evidence of your security proficiency. Align to security regulations and showcase your security expertise
Middleware and IoT Application Developers
It offers key reusable code to make use of complex security with improved time-to-market and without needing specific security expertise.
The scheme gives you a better understanding of the devices you are procuring for your business and how secure they really are.
Cloud Service Providers
It is an easy way to understand a device’s credentials before it connects to your network through Entity Attestation Tokens.
PSA Certified is an existing and well-developed scheme built by industry experts, which means you don’t have to reinvent the wheel, or invest in new research.