Arm Community
Arm Community
  • Site
  • User
  • Site
  • Search
  • User
Arm Community blogs
Arm Community blogs
Architectures and Processors blog Platform Security Architecture – Scalable Security for the IoT
  • Blogs
  • Mentions
  • Sub-Groups
  • Tags
  • Jump...
  • Cancel
More blogs in Arm Community blogs
  • AI blog

  • Announcements

  • Architectures and Processors blog

  • Automotive blog

  • Embedded and Microcontrollers blog

  • Internet of Things (IoT) blog

  • Laptops and Desktops blog

  • Mobile, Graphics, and Gaming blog

  • Operating Systems blog

  • Servers and Cloud Computing blog

  • SoC Design and Simulation blog

  • Tools, Software and IDEs blog

Tell us what you think
Tags
  • Arm Trusted Firmware
  • Architecture
  • IoT Device Platform
  • Platform Security Architecture (PSA)
  • Security
  • Processors
  • Internet of Things (IoT)
Actions
  • RSS
  • More
  • Cancel
Related blog posts
Related forum threads

Platform Security Architecture – Scalable Security for the IoT

Berenice Mann
Berenice Mann
October 23, 2017
3 minute read time.

Arm releases a white paper on the Platform Security Architecture

The recent deployment of connected devices, as part of the evolution of the Internet of Things (IoT), has led to a major increase in the number of IoT-based cyber-attacks. These attacks have highlighted the very real need for better security measures to be implemented, throughout the value chain of connected devices, covering high-level infrastructure, such as energy supply and connected vehicles to low-cost devices, such as webcams and smart lighting. Breaches in security present a host of issues for those operating in the IoT. Leaks in confidential information, theft of personal data, a loss of control of connected systems and the shutting down of critical infrastructure, all represent major areas at risk.

The growth of IoT-based services is founded on a diversity in the nature and type of device being connected to the internet, whether sensors, actuators or gateways. Not all of these devices, however, are high value, high specification appliances, with the vast majority likely to be small and built to a budget. Despite this, as recent high-profile attacks have demonstrated, even the cheapest of devices needs to be secure as they can act as portals into much larger systems. Overall, as the number of connected assets in the Internet of Things increases, the attack surface is expanding and so is the need for more robust, scalable defence systems.

Threat Categories IoT

Figure 1. Threat Categories

Enter: Arm’s Platform Security Architecture (PSA) 

The Platform Security Architecture is an holistic set of threat models, security analyses, hardware and firmware architecture specifications. The PSA provides a framework, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. It offers common ground rules and a more economical approach to building more secure devices. Additionally, Arm is delivering an open source reference implementation of PSA firmware for Armv8-M based devices. The components of PSA can be framed in three general design stages: Analyse, Architect and Implement.

  1. Analyse
    The recipe starts with a set of threat models and security analyses, considering multiple IoT use cases with respect to their assets and potential threats. PSA includes model analyses that can serve as both examples and guidelines for developing a similar approach to additional use cases. This approach is modelled on the formal security certification processes used across the industry.
  2. Architect
    The hardware and firmware architecture specifications are designed to cover the core set of security principles, as identified in the security analyses. These can be used to design silicon and devices that include these principles with a consistent set of capabilities and interfaces. These common principles include concepts such as device identity, trusted boot, secure over-the-air software update, and certificate based authentication.
  3. Implement
    Arm provides a variety of security technologies and silicon IP to help designers build more secure systems – and the open source Trusted Firmware-M project will provide a reference implementation for PSA as a starting point for the industry on the software side.

Analysis Architect Implement

The value of the Arm ecosystem is to provide diversity and choice to end-customers and this benefit extends to the IoT and its broad range of technologies and providers. Arm recognises this potential, alongside the risks that threaten the devices, systems and infrastructures operating within the IoT. PSA provides the common framework for the ecosystem, from chip designers and device developers, to cloud and network infrastructure providers and software vendors.

Shifting the Economics of Security

Arm is creating a cost-effective, scalable, easy-to-implement security framework that provides a basis for the industry to build more secure devices. Security can no longer be optional, and as an industry we have a shared responsibility to protect our connected world.

For more in-depth information, we have written a white paper Platform Security Architecture Overview covering:

  • PSA Building Blocks
  • Threat Models and Security Analyses
  • Architecture Specifications Documents
  • Trusted Firmware-M reference implementation
  • Ecosystem Enabling

To find out more on the PSA

Download PSA White Paper

Anonymous
  • Richbake
    Richbake over 4 years ago in reply to adrianlshaw

    Thanks for your advice!

    • Cancel
    • Up 0 Down
    • Reply
    • More
    • Cancel
  • adrianlshaw
    adrianlshaw over 4 years ago in reply to matt-ma

    Hi Matt.

    1. Any unmodified RTOS will work in the normal world

    2. No changes are required in the RTOS to support TF-M. All requests from the normal world are treated under a single context. If there are multiple, mutually distrusting tasks in the non-secure world, then the RTOS can take advantage of a TF-M APIs to manage multiple client contexts. More information can be found here https://developer.trustedfirmware.org/w/tf_m/design/ns_client_management/

    3. It depends on what your definition of a complete OS is. TF-M is highly modular and can be configured as an event-driven library or can support multiple scheduled threads. The choice depends on application needs.

    4. Mbed is an open source organisation that has multiple projects and are one of the first to use PSA. MbedOS uses TF-M services if they are available. TF-M uses MbedTLS to provide the PSA Crypto API.

    • Cancel
    • Up 0 Down
    • Reply
    • More
    • Cancel
  • matt-ma
    matt-ma over 6 years ago in reply to Carl Williamson

    Thank you Carl very much. Yes, I have got the paper.

    • Cancel
    • Up 0 Down
    • Reply
    • More
    • Cancel
  • Carl Williamson
    Carl Williamson over 6 years ago in reply to matt-ma

    Hi Matt, just to clear up this thread, our systems indicate the email was delivered to you (mine was caught in a filter). I've provided the direct download link via pm as well.

    • Cancel
    • Up 0 Down
    • Reply
    • More
    • Cancel
  • matt-ma
    matt-ma over 6 years ago

    Great to see Trusted Firmware-M reference implementation.

    I have some questions before I read the source code in Trusted Firmware-M reference implementation..

    1. whether I can use another RTOS such as RTX/ThreadX in normal world while the Trusted Firmware-M reference implementation running in secure world or not?

    2. And if yes, what changes should the third RTOS do to incorporate with Trusted Firmware-M reference implementation?

    3. Is there a complete os running in secure world in the Trusted Firmware-M reference implementation?

    4. what is the role of the mbed in the Trusted Firmware-M reference implementation.?

    • Cancel
    • Up 0 Down
    • Reply
    • More
    • Cancel
>
Architectures and Processors blog
  • Introducing GICv5: Scalable and secure interrupt management for Arm

    Christoffer Dall
    Christoffer Dall
    Introducing Arm GICv5: a scalable, hypervisor-free interrupt controller for modern multi-core systems with improved virtualization and real-time support.
    • April 28, 2025
  • Getting started with AARCHMRS Features.json using Python

    Joh
    Joh
    A high-level introduction to the Arm Architecture Machine Readable Specification (AARCHMRS) Features.json with some examples to interpret and start to work with the available data using Python.
    • April 8, 2025
  • Advancing server manageability on Arm Neoverse Compute Subsystem (CSS) with OpenBMC

    Samer El-Haj-Mahmoud
    Samer El-Haj-Mahmoud
    Arm and 9elements Cyber Security have brought a prototype of OpenBMC to the Arm Neoverse Compute Subsystem (CSS) to advancing server manageability.
    • January 28, 2025