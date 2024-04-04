New PSA Certified Level 4 iSE/SE raises the bar on chip security for secure design in the age of AI

Infineon becomes the first partner to be under evaluation in the lab for the new PSA Certified Level 4 iSE/SE

PSA Certified surpasses 200 certifications, as 75% of businesses say security has become a higher priority in the last 12 months1

PSA Certified, the global security and evaluation framework for the connected device ecosystem, has today announced its highest certification level to date as it accelerates its mission to build assurance in connected devices. The new PSA Certified Level 4 iSE/SE certification offers enhanced protection of high value assets that can secure valuable AI models, future-proofing systems against new attack methods and rising security threats linked to the rapid adoption of edge AI. Its launch follows a period of strong momentum for PSA Certified which has become a trusted route for demonstrating security best practice and the assurance of connected devices.

David Maidment, Senior Director, Secure Devices Ecosystem at Arm (a PSA Certified co-founder):

As the world embraces a new set of AI-enabled use cases, the value of data and assets has never been higher; nor has the importance of protecting them. The launch of PSA Certified Level 4 iSE/SE is testament to our commitment to helping the industry deploy security features that will protect devices and models from malicious changes and theft now, as well as over the next decade."

As security cements its position as a business imperative, forward-looking companies are uplevelling their investment in security-by-design. PSA Certified has now surpassed the milestone of 200 certifications from nearly 90 technology providers, making it one of the most successful schemes to address connected device security.

The newly launched PSA Certified Level 4 Integrated Secure Enclave Secure Element (iSE/SE) certification, already available at PSA Certified Labs, builds on the scheme's momentum further and underpins a step change that can be used to protect valuable models and data during device boot and at rest (when models reside in secure storage). The level recognizes the use of a highly robust integrated Secure Enclave (iSE) or Secure Element (SE) that acts as a trusted subsystem to the full Root of Trust (PSA RoT). By safeguarding critical cryptographic functions and key storage, OEMs can now ask for a RoT with a trusted subsystem that offers a 'high' level of attack resistance.

Benefits of PSA Certified Level 4 iSE SE Certification include:

Protecting ML models at rest with highly robust crypto and key storage

PSA Certified Level 4 iSE/SE considers more sophisticated attack methods in scope. Chips that achieve this new level could be used in an AI context to help protect valuable models and data at boot and rest: some chips will need protection from advanced fault injection and differential power analysis (up to and including EMFI, single laser and multi-glitching). PSA Certified Level 4 iSE/SE chips will also benefit from stronger cryptography of at least 128-bit strength. The new level offers a "high" level of protection of the PSA-RoT assets from physical or software attack.

A trusted subsystem that achieves PSA Certified Level 4 iSE/SE can be used through composition in a PSA Certified Level 3+SE certification of the full PSA RoT security functionality. The PSA Certified Level 3 document has been updated to allow this new certification level.

PSA Certified Level 4 iSE/SE will help protect emerging use cases from sophisticated security attacks

PSA Certified Level 4 iSE/SE offers additional security against more advanced attacks. Chips that offer this RoT provide a strong trust anchor that could be used to decrypt and verify OTA updates which help protect models in high-value systems.

Chips that offer this RoT provide a strong trust anchor that could be used to decrypt and verify OTA updates which help protect models in high-value systems. Industrial and safety-critical use cases need to support system recovery and stronger authentication: re-establishing integrity, confidentiality and availability are fundamental when rebooting systems and deploying OTA updates when faults are found, or upgrades are required. PSA Certified iSE/SE also mandates higher strength cryptography, which protects against more sophisticated attacks.

Trust anchor for Edge AI and infrastructure chips, providing a "High" level of protection against physical and software attacks on critical assets that require a more robust Root of Trust to maintain system integrity.

A transparent certification scheme with a route to High, Substantial, and Basic levels of robustness and assurance, purpose-built for the SoC market

PSA Certified offers a variety of robustness levels to match the market's needs, all specifically designed for the electronics industry. By allowing a trusted subsystem to be certified as a component, and that certificate reused as part of a complete PSA RoT many times, chip vendors benefit from significant time and cost savings.

The first partner to aim for the PSA Certified Level 4 iSE/SE standard is Infineon, showcasing its commitment to developing IoT devices to the highest security-by-design standards.

Erik Wood, Senior Director, IoT Secure MCU Products at Infineon comments:

"In the age of AI, the risks of insecurity are immense and increasing. I've backed PSA Certified since launch and I am impressed by its success in uniting the technology ecosystem around the common goal of improving trust and security within the connected device ecosystem, while aligning to emerging government standards and legislation. The launch of PSA Certified Level 4 iSE/SE takes that one step further. With this new level, the electronics industry is better able to protect against the growing advancement of attack methods driven by the explosion of machine learning, generative AI and LLM."

About PSA Certified

PSA Certified is a global partnership of security-conscious companies who are proactively building security best practices into devices at scale. Our security framework and independent third-party evaluation scheme was originally spearheaded by Arm and six other security ecosystem leaders (and now maintained by Applus+ Laboratories, CAICT, ECSEC Laboratory, ProvenRun, Riscure, SGS Brightsight, Serma, TrustCB, and UL) providing the resources needed to build upon the Root of Trust.

PSA Certified has scaled to become one of the fastest growing, most valued security ecosystems, globally. Being awarded 'Ecosystem of the Year' in the IoT Global Awards 2021 is testament to the role it has played in uniting industry, standards bodies, regulators and insurers together under one initiative. In doing so it's accelerating the cross-industry collaboration required to untap the full potential of the IoT.

With 200 certifications from 88 partners, PSA Certified has democratized the adoption of security across the electronics industry, giving the ecosystem the confidence to innovate, while protecting consumers from the most common hacks.

Find out more: psacertified.org

1A Certified Security Report 2023

