PLEASE ROTATE ME
February 8, 2022
PSA certification is a reliable way for developers to ensure their products offer improved data safety to consumers.
The proliferation of Internet of Things (IoT) devices brings both innovation and risks to the technological landscape. A majority of IoT developers and companies are aware of security risks that can occur, yet 53 percent of hardware manufacturers do not run sufficient security checks when producing a product, in large part because they are dealing with conflicting security standards. That’s why Platform Security Architecture (PSA) certification guidelines for hardware security exist — they offer hardware developers and consumers evidence that their products include proper security measures.
PSA certification was established in 2017 by seven security organizations to address the lack of industry-standard security principles needed to assess the defensive capability of a system on a chip (SoC). Since the IoT industry is already familiar with the importance of root of trust (RoT) in hardware development, PSA certification works harmoniously with it to align with existing expectations for security.
PSA certification involves an in-depth questionnaire, lab evaluation, and extensive board review. Certification is classified into three levels, depending on the degree of investment developers are willing to engage in:
Over 50 companies have already gauged their products’ security with PSA standards, and this number is expected to grow as IoT becomes further ingrained in our digital world.
Attacks on software programs take up to 90 days to resolve, while it can take years for hardware flaws to be patched. Chips of varying models and microcodes make these issues complicated to fix, especially if they were not comprehensively checked for potential weaknesses during the development process. PSA certification saves developers and consumers time and money by thoroughly testing chips’ RoT capabilities to reduce the risk of a malware attack in the first place.
RoT is the backbone of hardware security, so it’s important for consumers to know just how dependable it is for the device they’re using. Consumers interested in IoT devices but apprehensive about cyber threats are likely to be interested in products with PSA certification.
Additionally, developers and vendors need to comply with government cybersecurity regulations, but there’s often no transparency regarding a device’s current level of security or how it is achieved. Moreover, smaller businesses may have difficulty integrating quality security solutions into their products. According to PSA Certified, only 33 percent of smaller companies admit to running threat analyses. This lack of security can severely tarnish a business’ reputation.
PSA certification provides all hardware companies with an easy and accessible guide for quality protection, while granting consumers more visibility into the safety of their data.
Telink can help you quickly develop your products while minimizing security risks. Telink’s TLSR9 chip is the world-first PSA certified IC with RISC-V ISA. Developers can reduce time-to-market (TTM) and garner consumer confidence by using a chip that already complies with the highest security standards in the market.
Please visit our wiki to learn more about all our development tools, or ask us a question through our Technical Forum or by contacting us directly today.