PSA Certified Level 2

For Chips That Protect Against Scalable, Remote Software Attacks

Skip to content

Time-efficient Testing

Time-boxed evaluation (ANSSI CSPN style) provides an efficient evaluation at reasonable cost. A fixed evaluation lab effort of 25 days can be done off the critical path from a product development point of view.

Independent Assurance

Moving from “trust me” to independent lab-based testing and review from the PSA Certified Certification Body provides customers with security assurance suitable for many mass market IoT solutions.

Widespread Applicability

Once a PSA-RoT is certified, multiple companies can use it in different use cases and markets.

PSA Certified Level 2 At a Glance

Audience

Chip Vendors
Scope

PSA Root of Trust
Threats

Seven – detailed in the PSA-RoT Protection Profile
Security Functional Requirements

Nine – detailed in the PSA-RoT Protection Profile
Evaluation Effort

25 days* – white box evaluation

Chips can achieve certification of PSA Certified Level 1 and PSA Certified Level 2 at once, because PSA Certified Level 2 assesses both requirements.

*The elapsed calendar time may differ depending on available resources and interactions with the certification body. The 25 days of evaluation efforts includes Security Target review, vulnerability assessment, test plan, testing and write-up of the Evaluation Technical Report.

Evaluation Methodologies and Attack Methods

Silicon vendors can choose between one of two equivalent evaluation methodologies providing the same level of assurance, assessing protection against scalable software attacks. For your first certification, the ANSSI CSPN route is simpler as you do not need to use formal language. If you want to use your certification in composition as part of a larger certification, you may choose the SESIP route.

For Device Manufacturers Using PSA Certified Level 2 Chips in End Products:

Cryptographic keys stored in the PSA-RoT should be unique per device to prevent creation of a honeypot for physical attacks, including side-channel attacks.

For further information on the attack methods for PSA Certified Level 2 evaluation, contact an evaluation lab.

PSA Certified Level 2 RoT Component

Showcase RoT components that provide protection against scalable, remote software attacks, by aligning to a sub-set of the PSA Certified Level 2 security functional requirements. This process uses the SESIP protection profiles and allows you to achieve an official PSA Certified certificate.

Learn More

PSA Certified Level 2 Ready Pre-Certification

PSA Certified Level 2 Ready reflects the unique requirements in the security ecosystem. It offers a pre-certification assessment for development systems with significant investment in security and assesses a sub-set of security requirements.

PSA Certified Level 2 Ready speeds the route to more comprehensive PSA Certified Level 2 certification of development systems.

Learn More
Level 2 steps

Start your Certification

Access the PSA Certified Level 2 protection profiles, attack methods and certification guidance resouces.

Read more

Related Links