PSA Certified

What is PSA Certified?

PSA Certified is a well-rounded assurance scheme that has been methodically developed using threat models, security goals and worldwide government and industry standards. It builds on the foundations of the Platform Security Architecture (PSA), which was a framework introduced in 2017 to make security easier to implement and manage at scale, even if you are not a security expert.

The program has been designed to ensure that security is not a barrier to getting your products to market quickly. Instead, it will help you ensure you have the right level of security for your requirements, and help you showcase the robustness of the security your offer to your customers.

Here, we take you step-by-step through the four stages of the framework, which has evolved to form the basis of the current program.

Analyze

Identify the threats to your device and your security requirements with published and editable threat models and security analyses derived from a range of typical IoT use cases.

Architect

Use freely available architecture specifications from the PSA Certified ecosystem for firmware and hardware to help you design-in security and, therefore, build trust.

Implement

Access an open-source reference implementation of the firmware architecture specifications, APIs and an API test suite, which provide a trusted code base and interface to the security functions.

Certify

Independent evaluation scheme for chips, devices and software platforms to offer assurance to customers. Three levels of increasing robustness and certification ensure the right level of security is built into IoT chips.

PSA Certified enables a chip manufacturer, software platform or device maker to transition from saying ‘Trust me – I’ve applied good security principles’ to one who can say, ‘I took my product to a test lab and got it independently assessed and here is the evidence’

Rob Coombs, Business Development Director at Arm

Why PSA Certified?

Developed by Security Experts

PSA Certified was founded by seven industry-leading partners. It was created with the aim of providing a clear and common language and standard approach to reduce fragmentation in the IoT security market.

Aligned with Market Requirements

The program aligns with major industry standards and government regulations, across geographies.

Supported by Free Software and Resources

The framework and resources have been built systematically and donated by the PSA Certified ecosystem. They include threat models, security goals and a number of worldwide standards, as well as easy-to-follow and freely available guidance and documentation.

Security for the Entire Ecosystem

The scheme is designed to be applicable to the whole ecosystem, from chip designers, software vendors and device developers, providing clarity of security to cloud and network infrastructure providers and IoT application developers.

Showcase the Robustness of Your Security

The independent multi-level evaluation process is overseen by trusted labs that have a global footprint, as well as an impartial certification body.

Provides Access to World-leading Security Expertise

PSA Certified continues to evolve – it is subject to ongoing review and it is updated regularly by a team of security experts.