We have recently heard the detailed explanation of the Arm’s vision for connected devices and a Neoverse platform, which was to enable it. Then the vision started developing and we have seen many advancements on the server side of things with them announcing Neoverse N1 and E1 platforms.
These have been designed to enable the next generation of SoCs for 5G base stations to networking and data centers.
In 2017 Arm introduced the PSA, which is a framework for streamlining the security in Internet of things (IoT) devices with a consistent, simple standard.
These models and specifications were published on the Arm website and they have gained wide recognition and appraisal as well as support from players in the industry, Arm says that only a very small number of IoT devices is a subject to these security tests and that there is a lack of access to simple frameworks. This is slowing the IoT development down and decreasing its growth.
The next step for Arm is the PSA certified program, which is a new and independent certified program for IoT devices which will implement the platform security architecture.
This certification is built for ease of development, secure for the design which is based on a certain level of security expected from the product. It enables scaled deployment of trusted IoT and allows companies to verify that they meet the right level of security for the use case.
PSA program has two parts – one of them is the API certification that is functional and adds to the assurance and the robust feel of the certification based on the levels of how much the assurance progressed.
One is the minimum level of security. The API certification is specifically designed to ensure that all of the chips follow a common API to offer better software and independent of hardware. Arm also says that this is already available with OS vendors, silicon vendors, and OEMs as well as many other vendors.
Arm is a partner with many test labs because they want to ensure that the PSA certifications are enabled in the widest range possible.
The certification process can be done retroactively on the chips that are already out there.
Like all of the IoT devices that are secure, at the heart of the platforms is the architecture which is a specification for PSA root of trust which uses several important security services like secure storage, attestation, secure boot, crypto and so on. The PSA offers a nice interface for the OS as well which can significantly simplify the access to these services.
There are three levels based on the PSA-RoT where each one of those levels is more strict in terms of the assurance. In this case, assurance means the depth of testing which is involved and the robustness is there for the referring of the scope of the protection against many different threats.
Someone can start with a level one certification and it can go on for a long evaluation or controlled testing. It can go to level three which is more extensive and exhaustive a measure and the level of assurance and robustness.
These levels are there and designed to match the needs of use cases with an appropriate level of security in the IoT device and Arm already gave several examples of use cases for this measure. You can imagine and consider the temperature sensors being used in agriculture or home security.
You would think that manufacturing earns the highest level of security and that security of the data being generated from the systems is the most critical component in this system.
It’s generally the most important in agriculture where it can sense and detect various changes and then inform the systems that can do what needs to be done to help the crops.
Level one is the minimum level of assurance and it’s designed to make sure that the chip meets all of the basic goals that the platform needs. This includes ten foundational security features and so on.
Level two certification is also available and it moves the user from the level one after the first month of usage. You can move o the actual penetration testing, source code review and so on. It’s the mid-level of assurance and robustness.