Secure vault achieves PSA Certified Level 3
Silicon Labs has achieved PSA Certified’s highest level of IoT hardware and software security protection. PSA Certified – a respected security body for Internet of Things (IoT) hardware, software and devices co-founded by Arm – awarded PSA Certified Level 3 status to Silicon Labs’ EFR32MG21, a wireless SoC with Secure Vault.
This achievement cements Silicon Labs as a specialist in securing the IoT from bad actors. Secure Vault, which delivers the stringent security software and PUF hardware requirements as defined by PSA Certified Level 3, greatly reduces the risk of IoT ecosystem security breaches and the compromise of intellectual property or revenue loss from counterfeiting. Specifically, Secure Vault technology:
- Protects against scalable local and remote software attacks.
- Defends against local hardware attacks, which – although historically less common than software attacks – are on the rise due to the surge of affordable and easily accessible tools.
- Passes testing from independent third-party laboratories that attempt to infringe security functions for a specified amount of time with sophisticated equipment.
“As attacks on IoT applications continue to rise and grow in complexity, the importance of securing devices at the chip level remains crucial,” said Andy Rose, Chief System Architect and fellow at Arm. “Silicon Labs is the first silicon provider to achieve PSA Certified Level 3 status, demonstrating a proven PSA Root of Trust and a solution that offers substantial protection against an extensive range of sophisticated software and hardware attacks.”
Matt Johnson, Senior Vice President of IoT at Silicon Labs, added: “The continued growth of the IoT depends on trusting that devices are authentic and secure when they join ecosystems. Security certifications like PSA Certified Level 3 give IoT device makers and end users the assurances they need to know their IoT applications are protecting their secret identities used for authentication and prevent counterfeit or rogue devices from entering their supply chain, which can cause irreparable harm to brands and revenue.
“Silicon Labs is passionate about innovating the silicon, software and solutions needed to ensure the IoT grows safely and securely for the consumers, businesses, and industries we serve. We have made strategic investments to become the leading provider of secure IoT wireless solutions and becoming the world’s first silicon innovator to achieve PSA Certified’s highest level of security is strong validation we’re succeeding.”
Launched in 2020, Secure Vault is a suite of features designed to help connected device manufacturers address escalating and ever-evolving IoT security threats and regulatory pressures. Secure Vault includes its own security core with its own ROM, RAM, and Flash containing core crypto algorithms and True Random Number Generator (TRNG) functions, as well as secure key management and storage, physical tamper protection, as well as a secure identity created by the chip itself at manufacture and anchored by a Silicon Labs root certificate chain.
In 2020, Secure Vault achieved PSA Certified Level 2 status and was awarded a 2020 LEAP Awards gold medal for connectivity. Secure Vault also earned ioXt Alliance SmartCert certification for its strong IoT security protection. In October 2020, the ioXt Alliance selected PSA Certified as a foundational Root of Trust scheme in its certification program.
The PSA Certified program was co-founded by Arm in 2017 to provide a clear framework for securing connected devices, from analysis to security assessment and certification. The framework provides standardised resources to resolve the growing fragmentation of IoT requirements and remove security as a barrier for product development.
PSA Certified offers three levels of security assurance, with PSA Certified Level 3 demonstrating a significant commitment to device security. At PSA Certified Level 3, silicon vendors need to meet requirements on a complex protection profile which covers substantial protection from a range of sophisticated software and physical IoT attack vectors.