PSA Certified scheme has two types of certification and hence there are two logos available:
The first, PSA Certified, is for products passing the security evaluation by the test lab and awards a logo with a padlock in the middle of a green diamond and indicates the achieved level of product certification (level 1, 2 or 3).
The second is awarded to products that use the PSA Certified APIs and pass the test suites, “PSA Certified API Compliance”, this is indicated by a logo without the padlock.
Solutions with the “PSA Certified APIs” logo use some well-designed, high level, easy to use APIs to interface to the PSA Root of Trust security functions such as crypto services, attestation, secure storage and secure boot. Chip vendors and RTOS providers supporting the APIs will help device makers and software developers make use of the PSA RoT trusted services in a secure and consistent way and help provide secure foundations for IoT products at scale.
To facilitate chip vendors and software developers adopt the APIs at a pace that fits in with their product development cadence as well as accommodating legacy solutions, the PSA JSA members have decided to keep the two parts of the certification scheme independent for the rest of 2019. This means that PSA Certified Level 1 certification can be achieved with optional API compliance.
To realise the full value of PSA Certified it is highly recommended that chip vendors, software providers and OEMs make use of both parts of the scheme: PSA Certified and PSA Certified API (the API compliance part).
Blog post updated in Dec 2023 to reflect new API naming and compliance scheme.