What are the PSA Certified Levels?
The PSA Certified framework and certification program guides you to security best practice and enables device makers to choose a chip with the appropriate level of security assurance and robustness for their market.
- PSA Certified Level 1 is for device, software and chip vendors who want to demonstrate that good security principles have been applied
- PSA Certified Level 2 is for chip vendors who want to use independent testing to show that their PSA Root of Trust (PSA-RoT) security component can protect against software attacks
- PSA Certified Level 2 + Secure Element is an additional PSA Certified certification which recognizes solutions that also have substantial physical protection for the cryptographic keys and cryptographic operations.
- PSA Certified Level 3 is for chip vendors who want to provide evidence that the PSA-RoT protects against substantial hardware and software attacks.
- PSA Certified Level 3 + Secure Element is an additional PSA Certified certification which recognizes solutions that also have substantial physical protection for the cryptographic keys and cryptographic operations.
- PSA Certified Level 4 iSE/SE is for chip vendors who use an integrated Secure Enclave or external Secure Element that provides a high level of robustness to physical and software attacks
- PSA Certified Level 2 or PSA Certified Level 3 RoT Component is a certification for IP components that provide a subset of the full PSA-RoT Security Functional Requirements.
How Does My Company or Product Become PSA Certified?
To become PSA Certified you first need to select a PSA Certified evaluation laboratory. Each PSA Certified lab set their own pricing structure, so it’s recommended to speak to a couple of a different labs to get quotes. From there, the process looks a little bit different depending on which PSA Certified level you’re aiming for, and what type of product you are responsible for. For PSA Certified Level 1, you will be expected to fill in the PSA Certified Level 1 questionnaire and then get a lab to review and feedback. For any of the other levels, the product will need to have vulnerability assessment in the lab.
There is more information in the sections below which describes the testing for different types of organizations.
-
For Device Manufacturers
Read moreGain compliance of global regulations and demonstrate best practice. PSA Certified offers peace of mind, trust and a lower total cost of ownership, putting security at the heart of your product. Align to major regional cybersecurity baseline requirements such as NIST 8259A and ETSI EN 303 645.
Read more -
For Silicon Vendors
Read moreSecurity starts at the heart of a device: the silicon. PSA Certified defines a PSA Root of Trust security component and provides a scalable certification program that is cost-effective and fast-to-market. Demonstrate the value added security features of your chip to the whole IoT ecosystem.
Read more -
For System Software Providers
Read morePSA Certified expands security adoption by hiding security complexities of the chip’s PSA Root of Trust behind easy-to-use high-level APIs. Provide sophisticated security without the time, effort and costs. Demonstrate good security practice with PSA Certified Level 1.
Read more -
For IP Providers
Read morePSA Certified gives confidence and assurance of security best practice in IoT components. Certify your software platform, security solution, development boards, FPGA or test chips to ease adoption of your IP into PSA Certified devices.
Read more -
Find a PSA Certified Evaluation Lab
Read moreThe PSA Certified evaluation labs provide industry-leading security assurance for chips, software and devices. With locations around the world, the labs make security accessible globally. A certification body oversees the program to ensure independence and quality assurance is upheld across the labs.
Read more