The framework for securing a trillion devices

The Platform Security Architecture (PSA) makes it quicker, easier and cheaper to design security into a device from the ground up. Built on industry best practices, it outlines common standards for security.

The Platform Security Architecture (PSA) is made up of four key stages: analyze, architect, implement, and certify. It offers:

  • A holistic set of resources. 
  • A contribution to the entire IoT ecosystem, from chip designers and device developers to cloud and network infrastructure providers and software vendors.
  • Common guidelines and a more economical approach to building secure devices.

Find out more about the four stages of PSA in our overview white paper.

Download

If you know the technical resources you are looking for, click on one of the following icons to jump straight to the right section:


Example Threat Model and Security Analyses.
Analyze


Architectural specifications aligning with PSA.
Architect


API specifications and Trusted Firmware-M.
Implement


More information about PSA Certified.
Certify

Analyze 

The analyze stage offers a set of freely available example Threat Models and Security Analyses (TMSA) for three common IoT use cases. The goal of this stage is to analyze the threats that have the potential to compromise your device and generate a set of security requirements, based on the risks.

Asset tracking application icon

Asset TrackerTMSA

Download analysis
Water smart meter application icon

Smart Water Meter TMSA

Download analysis
Webcam application icon

Network Camera TMSA

Download analysis

Architect 

The architect stage contains a set of freely available hardware and firmware specifications to design-in the necessary security requirements for your product. The specifications include the PSA Security Model (PSA-SM), Platform Security Boot Guide (formerly the Trusted Boot Firmware Update or TBFU), Trusted Base System Architecture (TBSA), and the PSA Firmware Framework (PSA-FF). The PSA Security Model provides important terminology and methodology for PSA and informs the use of the other PSA specifications. 

Application interoperability can be achieved using the PSA API specifications, these can be found in the implement section below.

Security Model (PSA-SM)

Top-level requirements for secure design of all products, outlining the key goals for designing products with known security properties. We recommend security leads to read this document first.

Download PSA-SM

Platform Security Boot Guide (BOOT-PSG)

This specification, formerly called Trusted Boot and Firmware Update (PSA-TBFU), outlines the system and firmware technical requirements for firmware boot and update.

Download BOOT-PSG

Platform Security Requirements (PSR)

This document specifies the bare-minimum security requirements expected of System-on-Chips (SoC) across multiple markets.

Download PSR

When using Arm architecture to build a PSA Certified product, different specifications are available for M-profile and A-profile architectures.

PSA Firmware Framework for M (PSA-FF-M)

Specification for a standard programming environment and fundamental Root of Trust (RoT) for secure applications on an M-profile product.

Download PSA-FF-M

The FF-M Extensions document introduces a set of updates and extensions to the Firmware Framework for M specification (DEN 0063). This separate extensions document is to enable wider review and feedback on the proposed changes. When the proposed extensions are sufficiently stable, they will be integrated into the latest version 1.1 of DEN0063.

Download FF-M Extensions specification

PSA Firmware Framework for A (PSA-FF-A)

Specification for a standard programming environment and fundamental Root of Trust (RoT) for secure applications on an A-profile product.

Download PSA-FF-A

PSA Trusted Base System Architecture for M (TBSA-M)

Specification for hardware requirements for Armv8-M products, including best practice recommendations for Armv6-M and Armv7-M.

Download TBSA-M

PSA Trusted Base System Architecture for A (TBSA-A)

Specification for hardware and firmware requirements when designing systems based on Armv8-A processors. 

Download TBSA-A

Authenticated Debug Access Control Specification (ADAC)

This specification defines an extensible method for how to build strong authentication into the debug process.

Download ADAC

Implement 

The implement stage offers an open source firmware reference implementation, APIs and an API test suite. These collectively provide developers with a trusted code base that complies with PSA specifications, and APIs that create a consistent interface to underlying Root of Trust hardware.

Additionally, there are three sets of PSA APIs that ensure application interoperability across different hardware implementations of the device Root of Trust. These include the PSA Functional Developer APIs for RTOS and software developers, PSA Firmware Framework APIs for security specialists, and TBSA APIs for silicon manufacturers.

Trusted Firmware-M (TF-M)

Trusted Firmware-M (TF-M) provides reference implementation of secure world software to implement threat mitigations defined in common use cases.

Based on the PSA Firmware Framework specification and providing the reference implementation of the PSA Functional APIs, TF-M supports quick adoption of PSA and gets security over a wide variety of hardware platforms. This makes security easier for the whole IoT ecosystem and accelerates the journey to PSA Certified.  

TF-M is an open source, open governance project, creating a platform for shared ownership of the codebase. This model provides easier maintenance and reduced time-to-market.

Download TF-M

 

Application interoperability with PSA Functional APIs

The PSA Functional APIs define the foundations from which security services are built, allowing devices to be secure by design. The three APIs provide a consistent developer experience for RTOS and software developers ensuring interoperability across different hardware implementations of the Root of Trust. Functional API Certification is part of PSA Certified and checks the correct functioning of the APIs using the API test suite. Please see the following information to find out more about the APIs and their benefits.

  • What are the PSA Functional APIs?

    The PSA Functional APIs are the developer-facing part of PSA offering security services for building secure end-to-end deployments.

    Developers writing the firmware application can rely on these APIs on any PSA-compliant platform regardless of the underlying implementations.

    Those interested in portability focuses on pure software solutions, whereas those interested in performance or resistance against physical attacks will favor a hardware-based implementation, potentially hosted inside a secure enclave. Regardless of this, developers can use the same functions, making their code portable and understandable.

    The most fundamental APIs are Cryptography, Secure Storage (for secure storage of internal objects, and protected storage for untrusted media) and Attestation.

  • What is the Cryptography API?

    The Cryptography API is a low-level cryptographic API optimized for microcontrollers. It provides symmetric & asymmetric key, Hash, RNG, and key storage services with support for different key lifetime policies.

    The Crypto API provides developers with an easy-to-use and easy-to-learn interface to crypto primitives. It is designed for usability and flexibility and is based on the notion of key store, where keys remain opaque in storage and only accessible for usage through crypto primitives.

    Learn more


  • What is the Secure Storage API?

    The Secure Storage API supports data protection services on the device, providing integrity and confidentiality protection.

    The Storage API provides two services: Internal Trusted Storage (ITS), and Protected Storage (PS). ITS provides a way for trusted services to store their most intimate secrets inside internal flash, considered the most secure storage place inside microcontrollers.

    PS provides convenience functions for developers who need to store trusted data onto untrusted storage, with guarantees about confidentiality, integrity, and rollback protection.

    Learn more


  • What is the Attestation API?

    The Attestation API provides a way to obtain a health check token from the device, attesting of its components and serial numbers. This works with a challenge/response exchange with a trusted verifier on the cloud to guarantee the token is fresh and not replayed. The properties or claims like device identity, lifecycle and software state are packaged, signed, and transmitted in a standard PSA Entity Attestation Token (EAT) format. Users of this token can validate all internal components of a device to associate it with a trust level.

    Learn more

PSA API Developer Facing Codes 

Access PSA API Developer Facing Codes on Github



Download code

Verify the implementation of the APIs

A test suite is available to verify whether the APIs have been implemented correctly into your system. This can be accessed via Github.

Download code
Platform Security Architecture Certified logo

Certify 

The certify stage, known as PSA Certified, is an independent evaluation and certification scheme, developed by Arm and its security partners. The scheme is split into two key areas: PSA Functional API Certification and PSA Certified.

PSA Functional API Certification checks that software uses PSA interfaces correctly, through an API test suite. 

PSA Certified consists of three progressive levels of assurance and robustness testing, enabling device makers to choose solutions appropriate to their use case.

Visit PSA Certified.org

Smart door lock application guide

The PSA smart door lock application guide walks through a real-life IoT use case, designed to PSA specifications. It offers a step-by-step guide of how to use the four stages of PSA to design a more secure IoT device.

Download now

Arm support

Arm training courses are available to help you realize maximum performance with lowest risk and fast time-to-market. Find out more about our specific training courses for Threat Modelling and security IP.

Arm training courses  Open a support case

Arm Community security blogs

Blog post image
Traveling beyond Moore’s Law – together

When the University of Michigan partnered with Arm Research on a project for DARPA, there was a remaining technical gap the team needed to bridge, and Arm Research knew the ideal partner.

1 months ago by Andrea Kells
Blog post image
Hardware backed security for multitenancy at the Edge with SPIFFE & PAR

Arm and VMware are bringing three powerful CNCF projects (SPIFFE, SPIRE and PARSEC) to show how cloud-native workloads can access the best hardware security facilities of any platform at the Cloud Native Security Days. Register for the event.

2 months ago by Marc Meunier
Blog post image
Arm Cortex-A78C CPU: Secure and scalable performance for next-generation…

This blog provides details about key features and benefits of the Arm Cortex-A78C CPU, which is the latest addition to the Cortex-A78 family.

2 months ago by Vincent Risson
3
Blog post image
Design for the IoT Connected World with Next-Generation eMRAM NVM

With digital transformation well underway across global industries, the need for more energy-efficient, secure, and scalable IoT connected world is essential. The adoption of embedded magnetoresistive random access memory (eMRAM) non-volatile memory…

4 months ago by Phil Morris
Blog post image
Hybrid Computer Vision Recognition for Security Applications

Read this blog, written by Elaine Lin from ZKTeco, about computer vision for security applications.

4 months ago by Alex Avramenko
Blog post image
AnchorZ: DZ Authentication: Re-thinking Traditional Authentication Technolo

In this blog, Masaaki Tokuyama, Founder & CEO, AnchorZ Inc. describes a different approach to device security by using biometrics combined with user behavior.

5 months ago by Mary Bennion