PSA Certified Level 3 is used by chip vendors to show that their PSA Root of Trust (PSA-RoT) can protect assets against substantial software and hardware attack. PSA Certified Level 3 + Secure Element is an additional PSA Certified certification that recognizes solutions that also have a high level of protection for their crypto and key store against physical and software attacks. A PSA Certified Level 3 + Secure Element certified Root of Trust (RoT) relies on a Secure Element or Secure Enclave that has itself been certified at higher attack resistance using PSA Certified Level 4 iSE/SE.
A High Level of Attack Resistance
Achieving PSA Certified Level 3 + Secure Element will enable chip vendors to demonstrate to their OEM customers a high level of protection from physical and software attacks to assets they care about the most – secret crypto keys and crypto functions.
Growing Applicability
Attack methods get more sophisticated every year as advances in hacking equipment come to market. OEMs who need to protect high value systems or protect their brand may want to consider chips that have achieved PSA Certified Level 3 + Secure Element.
Efficient Certification Through Composition – Certify the Trusted Subsystem First
PSA Certified Level 3 + Secure Element builds on a Secure Element (aka Secure Enclave when on chip) that has achieved a PSA Certified Level 4 iSE/SE certificate. The crypto and key storage security functions are tested in the laboratory at a higher Attack Potential (AP=25) and with higher assurance than PSA Certified Level 3.
PSA Certified Level 3 + Secure Element at a Glance
| Audience | Chip Vendors |
| Scope | PSA Root of Trust using a Secure Element / Secure Enclave* |
| Threats | See PSA Certified Attack Methods document |
| Security Functional Requirements | See PSA Certified Level 3 and Level 4iSE/SE SESIP Profiles |
| Evaluation Effort | Check with the evaluation lab (white box) |
*The Secure Element or Secure Enclave needs to be pre-certified using PSA Certified Level 4 iSE/SE