This solution has attained the SESIP Profile and passed the PSA Certified Level 3 RoT Component.
The new certified solution is intended for semiconductor companies looking for a reliable Root of Trust subsystem and who are under pressure to attain PSA Certified Level 3. For this PSA Certified Level 3 RoT Component certification, PUFcc was combined with the Arm Corstone -300 IoT reference design platform and evaluated under the SESIP (Security Evaluation Standard for IoT Platforms) profile.
This evaluation (including penetration testing) was then carried out by an independent laboratory using five mandatory and five optional security functional requirements (SFR) as the main criteria.
The mandatory requirements are verification of platform identity, secure update of platform, physical attacker resistance, secure communication support, and secure communication enforcement - optional requirements include verification of platform instance identity, attestation of platform genuineness, cryptographic operation, cryptographic random number generation, and cryptographic key generation.
“As the number of connected devices continues to ramp up in the age of AI, embedded security has never been more important,” said Paul Williamson, SVP and GM, IoT Line of Business at Arm. “PSA Certified has become the platform of choice for our partners to swiftly meet regional cybersecurity and regulatory requirements and the combination of PUFsecurity’s IP with Arm Corstone demonstrates how effective these reference designs can be in speeding up design without compromising security.”
"As the IoT landscape continues to expand, prioritising security is essential to comply with new regulations and ensure the safety of all users. Security protection must be rooted in hardware, which is why we are dedicated to delivering the best-in-class PUF-based security product. Thanks to Arm's support, this certification marks another significant milestone for us. The combination of PUFcc and Arm Corstone provides the most complete and robust security framework, which comes about just at the right time during the AI era,'' added PUFsecurity president Charles Hsu.
The PSA Certified framework is a globally recognised safety standard platform to ensure that the security features of IoT devices are guaranteed during the design phase. It provides practical implementation guidance, tools, and verification services to support this goal.
The PSA Certified framework is a common language for the ecosystem to meet international cybersecurity laws, ensuring that all connected devices are built upon a Root of Trust and as more security regulations are defined, fast-tracking the adoption of PSA-certified solutions is now seen as essential for the industry going forward.
