Go to section:
The following platform security resources help developers to achieve PSA Certified on Arm-based platforms. All resources on this page are designed for M- and A-profile IoT-devices and are developed and made freely available by Arm and its partners.
A set of free, editable example Threat Models and Security Analyses (TMSA) for three common IoT use cases
Asset Tracker TMSADownload bundle
Smart Water Meter TMSADownload bundle
Network cameraTMSADownload bundle
A set of freely available hardware and firmware specifications to design-in the necessary security requirements for M- and A-profile IoT devices
Top-level requirements for secure design of all products, outlining the key goals for designing products with known security properties. We recommend security leads to read this document first.Download
Platform Security Boot Guide
This specification, formerly called Trusted Boot and Firmware Update (PSA-TBFU), outlines the system and firmware technical requirements for firmware boot and update.
Platform Security Requirements
This document specifies the bare-minimum security requirements expected of System-on-Chips (SoC) across multiple markets.
Authenticated Debug Access Control Specification
This specification defines an extensible method for how to build strong authentication into the debug process.
Platform security for M-profile architecture:
Firmware Framework for M
Specification for a standard programming environment and fundamental Root of Trust (RoT) for secure applications on an M-profile product.
The FF-M Extensions document introduces a set of updates and extensions to the Firmware Framework for M specification (DEN 0063). This separate extensions document is to enable wider review and feedback on the proposed changes. When the proposed extensions are sufficiently stable, they will be integrated into the latest version 1.1 of DEN0063.Download
Trusted Base System Architecture for M
Specification for hardware requirements for Armv8-M products, including best practice recommendations for Armv6-M and Armv7-M.
Platform security for A-profile architecture:
Firmware Framework for A
Specification for a standard programming environment and fundamental Root of Trust (RoT) for secure applications on an A-profile product.
Trusted Base System Architecture for A
Specification for hardware and firmware requirements when designing systems based on Armv8-A processors.
Firmware architecture for firmware updates on A-class devices
This document defines the standard infrastructure to enable robust FW updates on A-class products.Download
An open-source firmware reference implementation, PSA Functional APIs, and an API test suite. Providing developers with a trusted code base that complies with platform security specifications, and security APIs that create a consistent interface to underlying Root of Trust hardware.
Provides reference implementation of secure world software to implement threat mitigations defined in common use cases
Provides reference implementation of secure world software for Armv7-A and Armv8-A processors.
Cryptography API provides symmetric and asymmetric key, Hash, RNG, and key storage services with support for different key lifetime policies.Download
Secure Storage API
Supports data protection services on the device, providing integrity and confidentiality protectionDownload
Provides a way to obtain a health check token from the device, attesting of its components and serial numbersDownload
Firmware Update API
Defines a standard firmware interface for installing firmware updatesDownload
API developer facing codes
Access PSA API developer facing codes on GithubAccess on GitHub
API test suite
A test suite to verify the correct implementation of APIs in your systemAccess on GitHub
PSA Certified is an independent evaluation and certification scheme developed by Arm and its security partners. The scheme tests and certifies that products meet PSA Certified security requirements.
Learn more about PSA Certified, access more resources, and find out how to get started with the certification process.Visit PSA Certified