The certification demonstrates independent security assessment of the platform and will assure device makers and consumers that the technology meets a recognised security baseline.
PSA Certified (co-founded by Arm, Brightsight, CIACT, Prove & Run, Riscure, TrustCB and UL) provides a comprehensive approach to security evaluation that comprises of a multi-level scheme that is aligned to NIST and ETSI cybersecurity baseline requirements.
The security testing is based on third-party lab evaluation that builds trust through independent checking of generic IoT platform components, including the PSA Root of Trust (source of integrity and confidentiality), the system software and the device application.
The EmSPARK Security Suite has been designed to address solutions in industries where embedded security is paramount -- such as industrial control, building automation, the smart home, machine vision, automotive communication, and medical devices. By becoming PSA Certified, Sequitur is looking to provide a 'demonstrable level' of capabilities to device manufacturers that EmSPARK’s embedded firmware, keys and security-critical assets will remain trusted and secure throughout the entire lifecycle.
“We understand the nuance between our saying the EmSPARK Security Suite provides a robust security framework and having an independent security consortium affirm the same claim,” said Philip Attfield, Co-founder and CEO, Sequitur Labs. “By gaining PSA Certified status, we are helping to provide manufacturers interested in leveraging EmSPARK with a tangible way to ensure their devices remain secure with the firmware, tools and APIs needed to properly execute IoT protection. While the level of protection that we offer hasn’t changed, IoT manufactures now have increased confidence that their devices are properly secured to a declared industry-standard.”
Built on three pillars of product security – design, build and sustain – EmSPARK uses the Arm TrustZone architecture extension to create a safe-and-secure environment for critical device data and applications.
Supporting security functions for encryption, storage, data transmission and key/certificate management are delivered by EmSPARK and housed in the secure environment.
IoT hardware manufacturers use EmSPARK to implement device-level security by addressing all the technical, IP, supply chain and business process challenges and, as a result, developers can more easily build applications that use secure resources without having to become experts in cryptography and complex hardware security technologies.
