Building a safe and secure embedded world

Embracing the Internet of Things

Communication and connectivity without boundaries

Platform Security Architecture

Businesses are transforming the way they work, introducing new technologies to innovate and discover new opportunities. Connected devices are driving this digital transformation, generating data and insights that influence key decisions.

The value of all this new data relies solely on its trustworthiness, making security one of the greatest threats to digital transformation.

The Platform Security Architecture (PSA) offers a framework for securing connected devices. It provides a step-by-step guide to building in the right level of device security, reducing risk around data reliability, and allowing businesses to innovate on new ideas to reap the benefits of digital transformation.

The PSA was created to help ensure security is designed into a device from the ground up.

The Platform Security Architecture (PSA) is made up of four key stages: analyse, architect, implement, and certify.

The analyse stage offers a set of freely available example Threat Models and Security Analyses (TMSA) for three common IoT use cases. The goal of this stage is to analyse the threats that have the potential to compromise your device and generate a set of security requirements, based on the risks.


The architect stage contains a set of freely available hardware and firmware specifications to design-in the necessary security requirements for your product. The specifications include the PSA Security Model (PSA-SM), Trusted Boot Firmware Update (TBFU), Trusted Base System Architecture (TBSA), and the PSA Firmware Framework (PSA-FF). The PSA Security Model provides important terminology and methodology for PSA and informs the use of the other PSA specifications. 


The implement stage offers an open source firmware reference implementation, APIs and an API test suite. These collectively provide developers with a trusted code base that complies with PSA specifications, and APIs that create a consistent interface to underlying Root of Trust hardware.

Additionally, there are three sets of PSA APIs that ensure application interoperability across different hardware implementations of the device Root of Trust. These include the PSA Functional Developer APIs for RTOS and software developers, PSA Firmware Framework APIs for security specialists, and TBSA APIs for silicon manufacturers.


The certify stage, known as PSA Certified, is an independent evaluation and certification scheme, developed by Arm and its security partners. The scheme is split into two key areas: PSA Functional API Certification and PSA Certified.

PSA Functional API Certification checks that software uses PSA interfaces correctly, through an API test suite. 

PSA Certified consists of three progressive levels of assurance and robustness testing, enabling device makers to choose solutions appropriate to their use case.


Find out more...

To find out more, contact Trevor Martin on 024 7669 2066.

To top

Search formContactOnlineshop