PSA Certified: building trust in IoT
A security certification scheme for IoT
Rob Coombs, Arm Limited
13/06/19
2 © 2019 Arm Limited
Agenda
• Platform Security Architecture recap
• PSA Certified – building trust in IoT
Trust is essential for digital transformation
Security
• Trust devices
• Trust their data
• Make impactful decisions
Trust brings value
• Trusted devices
• Connecting and Managing devices
• Harnessing Data
• Insights & Actions
IoT security is fragmented
• 100s of chip vendors with different Roots of Trust of variable robustness, assurance, quality
• Many RTOS and software platforms struggling to make use of the RoT
• 10,000s of OEMs building products without a threat model or lab-based evaluation
• PSA has been designed to make it easier and quicker for the value chain to build solutions on a standardised RoT that can scale to low cost microcontrollers
[Diagram labels: Silicon Partner A, Silicon Partner B, Silicon Partner C, Silicon Partner D; OEM 1, OEM 2, OEM 3]
Trust starts with a Root of Trust (PSA-RoT)
• Source of integrity and confidentiality
• Arm has defined a PSA-RoT and provided an open source reference implementation
• Separates critical security functions in a Secure Processing Environment (SPE) from rest of system
• Typically used for secure boot, storing secrets, crypto, attestation, audit logs…
• Developed by chip vendors (e.g. by porting Trusted Firmware-M open source software to secure hardware)
[Diagram labels: Microcontroller; CPU, Memory, Peripherals; PSA RoT: Crypto, Attestation, Trusted boot, Secure Storage; PSA Dev-API]
Making security easier to use (API Compliance)
[Diagram labels: Any RTOS/SW Platform; Any architecture; PSA Dev APIs; PSA RoT; Example security functions: Trusted boot, Crypto, Attestation, Secure Storage]
4 parts to Platform Security Architecture
Certify
A complete security offering – Openly published. Independently tested.
PSA next steps
• Microcontroller with RTOS has been our first focus for PSA & TF-M
• Building a standard RoT and API Compliance program
• Creating a security certification program (next topic)
• PSA for Application processor with Rich OS (e.g. Linux) based systems is planned
• Making TEE easier to use with PSA Security Functions
PSA Certified
Building trust in IoT
PSA Certified – An overview
Building trust through independent testing
Dedicated to PSA-RoT enabled chips, devices and platforms
Builds on IoT threat models, PSA Security Model & PSA-RoT Protection Profile
Simple 3 level scheme
Scalable to IoT ecosystem
Backed by reputed experts
Supporting complementary vertical evaluations
Who developed PSA Certified?
Six PSA Joint Stakeholder Members
How it works
• PSA Certified provides 3 progressive levels of security assurance / robustness: PSA Certified Level 1, 2 & 3
• PSA Functional API Certified enables ecosystem through a consistent high level interface to the PSA-RoT
[Chart: PSA certified levels; axes: Robustness, Depth of testing]
PSA Certified Levels
Three assurance Levels
Level 1: Document & Declare with lab check
• Security Model goals
• IoT Threat models – SFRs
• Aligning with governments code of practice
Level 2: Mid Level assurance/robustness
• Time-limited white box testing (CSPN style)
• PP, eval methodology & attack methods
Level 3: Substantial – MCU PP Under development
• More extensive attacks (AP similar to TEE)
• Higher assurance
• PP planned donation to GlobalPlatform
[Table: PSA Certification Level against Silicon RoT, OS and OEM]
• L3: Months, ✓
• L2: 1 month, ✓
• L1: 1 day, ✓ ✓ ✓
• 3rd party evaluation schemes e.g. SESIP, UL2900
www.psacertified.org now live
Thank you to our lead partners!
Great momentum in support of PSA Certified
Additional certified products online:
• Express Logic
• Keil RTX
• Lierda
Summary
PSA Certified™ builds trust in devices and data
Two components:
• Security certification: A multi-level scheme testing the security assurance/robustness of IoT chips, platforms & devices designed for systems that contain a PSA-RoT
• Functional API certification (API Compliance): Uses test kits to prove that PSA based solutions have a consistent set of APIs for essential security functions, ensuring a consistent developer experience
Questions?
Get started with PSA Certified™ and visit
www.psacertified.org
The Arm trademarks featured in this presentation are registered
trademarks or trademarks of Arm Limited (or its subsidiaries) in
the US and/or elsewhere. All rights reserved. All other marks
featured may be trademarks of their respective owners.
www.arm.com/company/policies/trademarks

Artificial Intelligence: Facts and Myths
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

PSA Certified – building trust in IoT

  • 1. Rob Coombs, Arm Limited 13/06/19 PSA Certified: building trust in IoT A security certification scheme for IoT
  • 2. © 2019 Arm Limited. Agenda: • Platform Security Architecture recap • PSA Certified – building trust in IoT
  • 3. Trust is essential for digital transformation: Security; Trust devices; Trust their data; Make impactful decisions; Trust brings value; Trusted devices; Connecting and Managing devices; Harnessing Data; Insights & Actions
  • 4. IoT security is fragmented. 100’s of chip vendors with different Roots of Trust of variable robustness, assurance, quality. Many RTOS and software platforms struggling to make use of the RoT. 10’000’s OEMs building products without a threat model or lab based evaluation. PSA has been designed to make it easier and quicker for the value chain to build solutions on a standardised RoT that can scale to low cost microcontrollers. (Diagram labels: Silicon Partner A, B, C, D; OEM 1, OEM 2, OEM 3)
  • 5. Trust starts with a Root of Trust (PSA-RoT). Source of integrity and confidentiality. Arm has defined a PSA-RoT and provided an open source reference implementation. Separates critical security functions in a Secure Processing Environment (SPE) from rest of system. Typically used for secure boot, storing secrets, crypto, attestation, audit logs… Developed by chip vendors (e.g. by porting Trusted Firmware-M open source software to secure hardware). (Diagram labels: Microcontroller; CPU; Memory; Peripherals; PSA RoT; Crypto; Attestation; Trusted boot; Secure Storage; PSA Dev-API)
  • 6. Making security easier to use (API Compliance). (Diagram labels: Any RTOS/SW Platform; PSA Dev APIs; PSA RoT; Any architecture; Example security functions: Trusted boot, Crypto, Attestation, Secure Storage)
  • 7. 4 parts to Platform Security Architecture. Certify. A complete security offering – Openly published. Independently tested.
  • 8. PSA next steps • Microcontroller with RTOS has been our first focus for PSA & TF-M • Building a standard RoT and API Compliance program • Creating a security certification program (next topic) • PSA for Application processor with Rich OS (e.g. Linux) based systems is planned • Making TEE easier to use with PSA Security Functions
  • 9. PSA Certified: Building trust in IoT
  • 10. PSA Certified – An overview. Building trust through independent testing. Dedicated to PSA-RoT enabled chips, devices and platforms. Builds on IoT threat models, PSA Security Model & PSA-RoT Protection Profile. Simple 3 level scheme. Scalable to IoT ecosystem. Backed by reputed experts. Supporting complementary vertical evaluations.
  • 11. Who developed PSA Certified? Six PSA Joint Stakeholder Members
  • 12. How it works. PSA Certified provides 3 progressive levels of security assurance / robustness: PSA Certified Level 1, 2 & 3. PSA Functional API Certified enables ecosystem through a consistent high level interface to the PSA-RoT. (Figure: PSA Certified levels; axes: Robustness, Depth of testing)
  • 13. PSA Certified Levels. Three assurance Levels. Level 1: Document & Declare with lab check • Security Model goals • IoT Threat models – SFRs • Aligning with governments code of practice. Level 2: Mid Level assurance/robustness • Time-limited white box testing (CSPN style) • PP, eval methodology & attack methods. Level 3: Substantial – MCU PP Under development • More extensive attacks (AP similar to TEE) • Higher assurance • PP planned donation to GlobalPlatform. Table (PSA Certification Level; columns: Silicon RoT, OS, OEM): L3 (Months): ✓; L2 (1 month): ✓; L1 (1 day): ✓ ✓ ✓. 3rd party evaluation schemes e.g. SESIP, UL2900.
  • 14. www.psacertified.org now live. Thank you to our lead partners! Great momentum for support PSA Certified. Additional certified products online: Express Logic, Keil RTX, Lierda
  • 15. Summary. PSA Certified™ builds trust in devices and data. Two components: Security certification: A multi-level scheme testing the security assurance/robustness of IoT chips, platforms & devices designed for systems that contain a PSA-RoT. Functional API certification (API Compliance): Uses test kits to prove that PSA based solutions have a consistent set of APIs for essential security functions, ensuring a consistent developer experience.
  • 16. Questions? Get started with PSA Certified™ and visit www.psacertified.org
  • 17. The Arm trademarks featured in this presentation are registered trademarks or trademarks of Arm Limited (or its subsidiaries) in the US and/or elsewhere. All rights reserved. All other marks featured may be trademarks of their respective owners. www.arm.com/company/policies/trademarks