Arm announces PSA security architecture for IoT devices

Arm hopes the adoption of its new PSA system will help protect trillions of connected devices in the future.
Written by Charlie Osborne, Contributing Writer

Arm has unveiled PSA, a new systems architecture designed to help secure and protect today's connected devices.

The British semiconductor firm said on Monday ahead of TechCon 2017 that the new system, Platform Security Architecture (PSA), is intended to act as a common industry framework for developers, hardware, and silicon providers as a means to enhance the security of Internet of Things (IoT) devices built on system-on-a-chip (SoC) Arm Cortex processors.

Last year, Arm and SoftBank Chairman Masayoshi Son predicted a trillion connected devices could be in play by 2035.

These devices will require protection at not only the network but hardware level, to prevent them being used for more nefarious purposes such as in the case of the Mirai botnet.

This is where PSA comes in, according to Arm. The company, which expects to have shipped roughly 200 billion Arm-based chips by 2021, says that "security is no longer optional" for IoT and hopes that by introducing PSA, cost factors can be reduced and security can be implemented fully from device production to the cloud.

The PSA framework is a recipe which covers the basics for IoT security requirements. It includes threat models and security analysis, hardware and firmware architecture specifications, and firmware source code to implement better IoT security standards.

In addition, PSA provides direction for secure ways to identify devices and how to conduct secure over-the-air updates, certificate-based authentication -- rather than relying on traditional passwords to secure devices -- and ways to implement trusted boot sequences.

The architecture is OS agnostic and can be supported by Arm's RTOS and software vendor partners, including Arm Mbed OS.

In order to encourage the rapid adoption of PSA, Arm also plans to push forward open-source reference implementation firmware called Trusted Firmware-M which supports the PSA specification.

Trusted Firmware-M will target Armv8-M systems, to begin with, before the code is released to the open-source community in 2018.

Arm says that the new architecture represents a "fundamental shift" in the economics of IoT security, and by introducing a set of ground rules, developers and vendors alike will be able to reduce the cost, time, and risk associated with today's IoT security.

"Achieving this vision will require that we, the global population, become more knowledgeable in protecting our devices, while trusting the technology industry is doing everything it can to protect them and our data," says Paul Williamson, vice president and general manager of Arm's IoT Device IP unit. "No easy task as this trust will need to be earned while battling hackers who relentlessly seek vulnerabilities to find more entry points into our lives."

PSA as a whole will be released, together with its specifications, in Q1 2018. According to Rob Coombs, IoT Security Director at Arm, the development of PSA represents a "multi-year journey for Arm and its partners."

In addition to the release of PSA, Arm has also announced Arm TrustZone CryptoIsland, a new product range of security subsystems on-die and at the smartcard level designed for apps which need high levels of security -- such as LPWA communication and storage -- as well as the new Arm CoreSight SDC-600 Secure Debug Channel, which is used for debugging.

Internet of Things gadgets to make your home smarter

Previous and related coverage

Editorial standards