PSA Certified now available with GlobalPlatform’s SESIP evaluation methodology
By Rob Coombs, GlobalPlatform Vice Chair
The PSA Joint Stakeholders Agreement (PSA JSA) Members have officially published the PSA Certified Level 3 SESIP profile for the Root of Trust. Chip vendors can now achieve PSA Certified Level 3 using GlobalPlatform’s SESIP evaluation methodology, helping them to demonstrate the robustness of their security subsystem designed to protect against substantial physical and software attacks.
GlobalPlatform’s SESIP is an evaluation methodology intended for use by third party schemes such as PSA Certified, creating a ‘plug and play’ simplified approach to security evaluations. As an early adopter of the SESIP evaluation methodology, PSA Certified recognizes the need for harmonized evaluation methodologies across schemes, smoothing the route and reducing time to market for vendors requiring multiple product certifications.
The huge diversity found in IoT chips, software and products has long been an obstacle to creating secure by design connected products. To improve the situation, the PSA Certified founders (JSA members) defined a new chip-based security component, the Platform Security Architecture Root of Trust (PSA-RoT) by writing a Protection Profile and launching an independent security evaluation scheme, PSA Certified. Happily, market adoption has been swift. Now most major microcontroller vendors support this initiative, that is backed by open source software at www.trustedfirmware.org and easy to use Functional APIs that have been integrated into leading software platforms, such as FreeRTOS.
The chip’s PSA-RoT is a Secure Processing Environment that acts as the trust anchor for the device and services that depend upon it. It is usually created by combining trusted hardware (think crypto accelerators, private key stores and memories) with trusted firmware that is hidden from the main software by hardware isolation. It provides a small set of security services such as crypto, secure storage, attestation and trusted boot that must be trusted by the device and services. Consequently, the chip’s PSA-RoT has to be trustworthy and independent test lab-based evaluation can help build this trust across the value chain.
PSA Certified has three levels of progressively increasing assurance and robustness that chip vendors can use to categorize their chip’s PSA-RoT:
PSA Certified Level 1 – Cybersecurity baseline questionnaire
Approximately 50 security principle led requirements split into three sections for chip vendors, software platforms and device manufacturers. PSA Certified Level 1 maps to NIST 8259A and EN 303 645 (ETSI) device requirements.
PSA Certified Level 2 – Protection from scalable software attacks
25-day test laboratory led evaluation of the chip’s PSA-RoT using the published Protection Profile, Evaluation Methodology and Attack Methods.
PSA Certified Level 3 – Protection from substantial physical and software attacks
Physical attacker is in scope and the attack potential is raised to “substantial”. PSA-RoT assets such as cryptographic keys need protection from side channel attacks e.g. an attacker using Chipwhisperer.
The group of seven companies that form the PSA JSA have developed a Protection Profile (PP) for a generic System on Chip (SoC) Root of Trust, the PSA-RoT. Protection Profiles are independent of how developers create their implementations; they summarize the security problems and objectives, and conclude with a set of security requirements. The PSA-RoT can be implemented on any processor architecture, certified with an evaluation lab of the developer’s choice and validated by an independent certification body, TrustCB. The newest PSA Certified Level 3 PP has been developed to enable chip vendors to demonstrate that their PSA-RoT can protect against substantial physical and software attacks. The Level 3 PP is now available in two formats: a CSPN style set of documents (PP, Evaluation Methodology and Attack Methods) and with GlobalPlatform’s SESIP evaluation methodology.
When an OEM is choosing a SoC they should consider the robustness and assurance they need for the Root of Trust. A PSA Certified Level 2 chip has independent testing to prove that it can protect its PSA-RoT assets, such as cryptographic keys and trusted boot, from scalable remote software attacks. Real chips are evaluated in the laboratory through a controlled process of vulnerability analysis and penetration testing. For many IoT devices, a PSA Certified Level 2 chip will be ideal. However, there will be some applications where the value of the assets or services are so high that the device manufacturer will want to ensure that the sensitive assets in the PSA-RoT are protected from local physical attacks and side-channel attacks. This requires the chip to be hardened to protect it from more sophisticated attackers using techniques such as Differential Power Analysis (DPA) and voltage glitching, that can be applied against a single device. PSA Certified Level 3 helps the OEM choose a secure MCU or secure MPU for these more demanding applications.
The PSA JSA members are supportive of SESIP’s goal to provide a flexible evaluation methodology that can cope with the diversity of IoT chips, software and devices. GlobalPlatform has become the home of SESIP and works with approved Certification Bodies, such as TrustCB, which run evaluation schemes such as PSA Certified. One of the potential benefits of SESIP is its ability to create the effective re-use of certificates through layering (known as composition). The GlobalPlatform SESIP Task Force is mapping existing industry security requirements such as IEC 62443 into SESIP’s format to help this process and make certification more efficient for the electronics industry.
The PSA Certified Level 3 SESIP protection profile can be found here. It is now available for use at PSA Certified evaluation labs that support the SESIP evaluation methodology.
