Platform Security Architecture
The Platform Security Architecture offers a framework for securing connected devices. The PSA provides a step-by-step guide to building in the right level of security for a device. We recommend familiarizing yourself with the framework before you begin any SoC design for a secure IoT device.
The PSA is broken down into four stages as a project progresses:
- An analysis stage where device assets are analyzed and threats are assessed. This process defines the security requirements.
- An architecture stage where the device is designed based on the security requirements that are identified in the first stage. The design process includes the SoC, firmware, and software. This guide helps you to complete this stage by concentrating on the IP that a secure IoT device needs. This guide also explains how the selected IP are put together.
- An implementation stage that involves implementing software that meets the security requirements. The software must also work with the hardware that is defined in the architecture-stage specifications.
- A certification stage where checks are made, through a PSA Certified scheme, that the product adheres to the security requirements.
We recommend learning more about the four stages in the Platform Security Architecture Overview Whitepaper. The whitepaper describes the Trusted Base System Architecture (TBSA), which is a set of SoC requirements for Armv6-M, Armv7-M, and Armv8-M processors.
The PSA Trusted Base System Architecture for M (TBSA-M) uses the Trusted Base System Architecture as a theoretical foundation. Putting together a secure IoT system involves selecting pieces of Arm IP based on this foundation.
The PSA Whitepaper provides example Threat Models and Security Analyses for three common IoT use cases:
The examples provide some use cases that you can compare against the secure IoT coffee maker use case. Each example contains a set of security objectives that mitigates one or more of the identified threats. The PSA Security Model (PSA-SM) defines a security architecture that is designed to address a generic set of threats.
To allow your firmware and software development to start before the hardware platform is available, use the following specifications and guidelines:
- A PSA Firmware Framework for M (PSA-FF-M) specification, which defines a standard programming environment and firmware interfaces. These definitions are for implementing and accessing security services within the Root of Trust for a device.
- The requirements for a Trusted Boot and Firmware Update (PSA-TBFU). The Trusted Boot requirements describe how to validate whether an image is authorized before booting it. The firmware update requirements describe how to validate an update before storing it to flash memory.
- Trusted Firmware-M (TF-M), which is an open-source firmware implementation for Cortex-M series processors.
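The following Python sketch is an added illustration of the two PSA-TBFU requirements named above (validate an image before booting it; validate an update before storing it to flash). It is not code from the PSA specifications or from TF-M: the image container layout, the `Device` class and the device-provisioned `VERIFY_KEY` are constructed for the example, and HMAC-SHA256 stands in for the asymmetric signature verification a real Trusted Boot performs so that it runs with the standard library only. It also adds a monotonic version counter, which the page does not mention, to show why the validation has to happen before the flash write rather than after it.

```python
import hashlib
import hmac
import struct

# Constructed image-container layout for this example (not the TF-M/TBFU format):
#   magic(4) | version(4) | payload_len(4) | payload | tag(32)
MAGIC = b"IMG1"
HEADER = struct.Struct("<4sII")
TAG_LEN = 32

# Hypothetical device-provisioned key. A real Trusted Boot verifies an asymmetric
# signature with a public key held by the Root of Trust; HMAC-SHA256 stands in for
# that check here so the example runs with the standard library only.
VERIFY_KEY = b"constructed-root-of-trust-key"


def build_image(version, payload, key=VERIFY_KEY):
    """Signing side: wrap a payload in the constructed container and authenticate it."""
    header = HEADER.pack(MAGIC, version, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(blob, min_version, key=VERIFY_KEY):
    """Return (ok, reason, version, payload); payload is None unless every check passes.

    Structural checks run first so a malformed container never reaches the
    authentication step; authentication runs before the version check because the
    version field is only trustworthy once the header has been authenticated.
    """
    if len(blob) < HEADER.size + TAG_LEN:
        return False, "too short", None, None
    magic, version, length = HEADER.unpack_from(blob)
    if magic != MAGIC:
        return False, "bad magic", None, None
    signed_end = HEADER.size + length
    if signed_end + TAG_LEN != len(blob):
        return False, "length mismatch", None, None
    signed, tag = blob[:signed_end], blob[signed_end:]
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return False, "authentication failed", None, None
    if version < min_version:
        return False, "rollback", version, None
    return True, "ok", version, blob[HEADER.size:signed_end]


class Device:
    """Constructed stand-in for a device: one active firmware slot plus an
    anti-rollback counter that would live in OTP or protected non-volatile storage."""

    def __init__(self, primary_image, version_counter):
        self.primary = primary_image
        self.version_counter = version_counter

    def install_update(self, candidate):
        """Firmware-update path: the candidate is validated BEFORE it touches flash."""
        ok, reason, _version, _payload = verify_image(candidate, self.version_counter)
        if not ok:
            return False, reason          # flash is untouched; the old image stays bootable
        self.primary = candidate          # only a validated image is written
        return True, "installed"

    def boot(self):
        """Trusted Boot path: the stored image is validated BEFORE control is passed to it."""
        ok, reason, version, payload = verify_image(self.primary, self.version_counter)
        if not ok:
            return None, reason           # refuse to boot an unauthorized or rolled-back image
        # Advance the counter only after a verified boot, so a later update carrying
        # a lower version is rejected at install time.
        self.version_counter = max(self.version_counter, version)
        return payload, "booted"


if __name__ == "__main__":
    dev = Device(build_image(3, b"app v3"), 3)
    print(dev.boot())
    print(dev.install_update(build_image(2, b"app v2")))   # rejected: rollback
    print(dev.install_update(build_image(4, b"app v4")))   # accepted
    print(dev.boot())
```

The point of the two entry points is the order of operations: `install_update` returns before writing anything when the candidate fails, so a tampered or downgraded image never reaches flash, and `boot` re-checks the stored image every time rather than trusting that the install path ran.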