| Julian Hall | 6ff788e | 2022-04-12 13:21:18 +0100 | [diff] [blame] | 1 | PSA Certified |
| 2 | ============= |
| 3 | PSA Certified provides a framework for securing connected devices. Certification demonstrates |
| 4 | that security best practices have been implemented, based on an independent security assessment. |
| 5 | For more information, see: `PSA Certified`_. |
| 6 | |
| 7 | PSA Certified defines ten security goals that form the foundation for device security. The |
| 8 | certification process involves an assessment that these security goals have been met. The |
| 9 | Trusted Services project includes service provider components and reference integrations |
| 10 | that a system integrator may use as the basis for creating a platform that meets these goals. |
| 11 | |
| 12 | PSA Goals |
| 13 | --------- |
| 14 | The following table lists the ten security goals and how the Trusted Services |
| 15 | project helps to achieve them: |
| 16 | |
| 17 | .. list-table:: |
| 18 | :widths: 1 2 |
| 19 | :header-rows: 1 |
| 20 | |
| 21 | * - PSA Certified Goal |
| 22 | - Trusted Services Contribution |
| 23 | * - Unique Identification |
| 24 | - | A unique device identity, assigned during manufacture, may be stored securely |
| 25 | | using the Secure Storage trusted service with a suitable platform provided backend. |
| 26 | * - Security Lifecycle |
| 27 | - | The Attestation trusted service provides an extensible framework for adding claims |
| 28 | | to a signed attestation report. The security lifecycle state claim is planned to be |
| 29 | | added in a future release. |
| 30 | * - Attestation |
| 31 | - | A remote third-party may obtain a trusted view of the security state of a device by |
| 32 | | obtaining a signed attestation token from the Attestation service. |
| 33 | * - Secure Boot |
| 34 | - | Secure boot relies on a hardware trust anchor such as a public key hash programmed into |
| 35 | | an OTP eFuse array. For firmware that uses TF-A, all firmware components are verified |
| 36 | | during the early boot phase. |
| 37 | * - Secure Update |
| 38 | - | Involves cooperation of a trusted service with other firmware components such as the |
| 39 | | boot loader. |
| 40 | * - Anti-Rollback |
| 41 | - | The Secure Storage service provider can be used with arbitrary storage backends, allowing |
| 42 | | platform specific storage to be used. Where the necessary hardware is available, roll-back |
| 43 | | protected storage can be provided with a suitable backend. |
| 44 | * - Isolation |
| 45 | - | The trusted services architectural model assumes that service isolation is implemented using |
| 46 | | a hardware backed secure processing environment. A secure partition managed by a Secure |
| 47 | | Partition Manager is one method for realizing isolation. |
| 48 | * - Interaction |
| 49 | - | The FF-A specification defines messaging and memory management primitives that enable |
| 50 | | secure interaction between partitions. Importantly, the secure partition manager provides |
| 51 | | a trusted view of the identity of a message sender, allowing access to be controlled. |
| 52 | * - Secure Storage |
| 53 | - | The Secure Storage service provider uses a pre-configured storage backend to provide |
| 54 | | an object store with suitable security properties. Two deployments of the secure storage |
| 55 | | provider (Internal Trusted Storage and Protected Storage) are included with platform |
| 56 | | specific storage backends. |
| 57 | * - Cryptographic Service |
| 58 | - | The Crypto service provider implements a rich set of cryptographic operations using |
| 59 | | a protected key store. Key usage is controlled based on the least privileges principle |
| 60 | | where usage flags constrain permitted operations. |
| 61 | |
| 62 | Conformance Test Support |
| 63 | ------------------------ |
| 64 | To support API level conformance testing, the `PSA Arch Test project`_ provides a rich set |
| 65 | of test suites that allow service implementations to be tested. To facilitate running of |
| 66 | PSA functional API tests, the psa-api-test deployment (see: :ref:`Test Executables`) is |
| 67 | supported which integrates test suites with service clients. This can be used to run tests |
| 68 | on a platform and collect tests results to provide visibility to an external assessor. |
| 69 | |
| 70 | -------------- |
| 71 | |
| 72 | .. _`PSA Certified`: https://www.psacertified.org/ |
| 73 | .. _`PSA Arch Test project`: https://github.com/ARM-software/psa-arch-tests.git. |
| 74 | |
| 75 | *Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.* |
| 76 | |
| 77 | SPDX-License-Identifier: BSD-3-Clause |