Platform Security Architecture

The Platform Security Architecture (PSA) is a holistic set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.

PSA is a contribution from Arm to the entire IoT ecosystem, from chip designers and device developers to cloud and network infrastructure providers and software vendors.

PSA is scalable for all connected devices, offering common ground rules and a more economical approach to building more secure devices.


Shifting the economics of security

Security is top of the agenda for anyone involved in the IoT industry. However, it is a difficult and potentially costly area to get right. With billions of connected devices and ever-greater complexity comes an increased threat of attack and the need to secure the data and infrastructure of the 'things' at multiple levels.

Arm provides an array of hardware IP and firmware to create more secure devices. Arm aims, with these enabling technologies, to make security quicker, easier and more affordable to design in, providing scalable security at the very heart of the device.

In addition we will provide a reference open source firmware implementation (similar to Arm’s existing Trusted Firmware project) to further minimize cost.



Security across the entire value chain

By defining a foundational framework, PSA will help to bring a more consistent, best practice approach to security. This will have impact beyond just device hardware and software designers, as companies involved in deploying and managing IoT at large scale will benefit from consistency around key security principles, such as device identification and a trusted boot sequence.

PSA is architecture agnostic, but we have prioritized the Armv8-M architecture, such as implemented in Cortex-M23 and M33 devices.

To find out more about the specifics of PSA, read the whitepaper:

Enabling 3 phases of creating more secure devices

PSA has three major components

  • Threat Models and Security Analyses derived from a range of typical IoT use cases.     
  • Architecture specifications for firmware and hardware.
  • An open source project, similar to Arm Trusted Firmware (for mobile clients).


What does PSA do?

  • Designed to secure low cost IoT devices, where a full Trusted Execution Environment (TEE) would not be appropriate.
  • PSA protects sensitive assets (keys, credentials and firmware) by separating these from the application firmware and hardware.
  • PSA defines a Secure Processing Environment (SPE) for this data, the code that manages it and its trusted hardware resources.
  • PSA is architecture agnostic and can be implemented on Cortex-M, Cortex-R and Cortex-A-based devices.
  • The initial focus is Cortex-M-based devices.


Standardized interfaces

  • PSA specifies interfaces to decouple components:
    • Enables reuse of components in other device platforms.
    • Reduces integration effort.
  • Partners can provide alternative implementations:
    • Necessary to address different cost, footprint, regulatory or security needs.
  • PSA provides an architectural specification:
    • Hardware, firmware and process requirements and interfaces.

Example of IoT device implementation

  • OEMs can choose their preferred implementations.
  • Arm Trusted Firmware-M will be a new OSS project:
    • To reduce rework across our partners.
    • To speed up device or component validation against standards such as Common Criteria EAL.
  • Open to any RTOS and other partners.

Platform Security Architecture FAQs

When will PSA be available?

PSA is continually evolving. Partners can gain access to the first draft specifications now and it will be made public in Q1 2018. Further specifications will continue to be created and made public throughout 2018. The reference firmware implementation will be public in Q1 2018.

What are the benefits of using PSA?

  • Cheaper and easier to design in security using off-the-shelf components, from analysis documents, through architecture specifications to an open source trusted firmware implementation.
  • A reduction in risk even with limited security knowledge.
  • Demonstrate to your customers that you are committed to building more secure devices.

Does PSA require TrustZone?

PSA is intended to be architecture agnostic. For instance, the Threat Models and Security Analyses are implementation independent, and most of the architecture specifications can be implemented on systems with or without TrustZone. However, TrustZone provides a reliable and easy method to better implement PSA-defined rules.

How does PSA fit in with other Arm security, such as CryptoCell and TrustZone?

Arm's IP and products, such as CryptoCell and TrustZone, are part of a menu of security technologies. PSA provides a recipe to implement Arm’s technology, allowing security to be designed in at the appropriate level.


Analyse

Threat models and security analysis. 

Architect

Architecture specifications.

Implement

Source code (OSS) and Hardware IP.