Arm PSA Certification
Our EFRxG21B SoCs with Secure Vault are the first chips in the world to achieve Arm PSA Level 3 certification – PSA Certified's highest level of IoT security protection. This certification is proof of our commitment to protect devices from hardware and software attacks, and it cements our leadership in IoT security.
PSA Level 3 certification requires testing the prescribed “Hardware Root of Trust” security features in an approved 3rd party security lab against not only software attack vectors (the scope of PSA Level 2) but also hardware attack vectors (the additional scope of PSA Level 3). “Hardware Root of Trust”, a proven technology, has become a highly desired feature in IoT devices as it creates an anchor to security capabilities.
PSA Level 2 certification ensures several security features are robust by ensuring separation between a secure processing environment and a non-secure processing environment, a secure boot process with integrity and authenticity checks, secure debug ports that cannot be unlocked without cryptographic authorization, an ability to update software securely, secure storage of assets (e.g., secret keys) that must maintain confidentiality, and strong proven cryptographic functions.
PSA Level 3 adds protection against various physical manipulations of hardware and data, as well as operation outside of normal operating conditions.
Read more about the Level 3 PSA Certification – What it is and Why it Matters
Independent Security Evaluation by Riscure
Silicon Labs has completed extensive independent vulnerability penetration testing from the industry established Riscure Security Certification Services.
For this evaluation, Riscure performed a vulnerability analysis of our secure boot and secure debug and determined that it was infeasible for them to break. Our ECC and AES encryption were also evaluated for side-channel leakage with very high grades. The AES engine was further evaluated using Differential Fault Analysis (DFA) and the ECC engine was evaluated using Correlation Power Analysis (CPA) and again scored very well. Other areas evaluated by Riscure in the report were our Secure Element mailbox and tamper detection which again showed strong resistance to attacks.
This report can be shared as needed by Sales with customers under NDA and can be reviewed with the customer in a Video chat with our Security Apps team if required.
Security Evaluation Standard for IoT Platforms (SESIP)
SESIP provides a common and optimized approach for evaluating the security of connected products that meet the specific compliance, security, privacy, and scalability challenges of the evolving IoT ecosystem.
This evaluation scheme is based on Common Criteria (ISO/IEC 15408) which was developed in the mid-1990s by Canada, France, Germany, the UK, the USA, and the Netherlands to address creating a standard way to define a computer product security claims and then a standard way for security labs to evaluate the products to determine if they actually meet the claims.
SESIP evolved out of Common Criteria as a security assurance scheme that was more adept at addressing the diverse and varied products being developed for the IoT market. The major difference between SESIP and PSA certification is that PSA certification requires strict adherence to the Platform Security Architecture (PSA) and its security functional requirements. Whereas SESIP allows for some flexibility in defining what security functions are in scope for evaluation.
There are three primary assurance Levels in SESIP, which are:
- SESIP Assurance Level 1 (SESIP1) is a self-assessment-based level that provides a basic level of assurance.
- SESIP Assurance Level 2 (SESIP2) is a black-box penetration testing level that provides a moderate level of assurance.
- SESIP Assurance Level 3 (SESIP3) is a traditional white-box vulnerability analysis that provides a substantial level of assurance. This evaluation is structured around a time-limited source code analysis combined with a time-limited penetration testing effort.
Leap Awards Winner 2020
A distinguished independent panel of engineering and academic professionals at LEAP (Leadership in Engineering Achievement Program) awarded Secure Vault the gold medal in the 2020 LEAP Awards Connectivity category, citing it as a “new contemporary solution to an ever-evolving problem in privacy and security.” The annual LEAP Awards celebrate the most innovative and forward-thinking products serving the design engineering space.
Have you Discovered a Vulnerability?
Our Product Security Incident Response Team (PSIRT) is responsible for ensuring the vulnerabilities discovered in our products are mitigated and communicated responsibly. If you detect a security threat, let us know.