Nordic Semiconductor announced that its nRF9160 low power system-in-package (SiP) with integrated LTE-M/NB-IoT (Long Term Evolution for Machines/Narrowband Internet of things) modem and GNSS (global navigation satellite system), and nRF5340 advanced multiprotocol system-on-chip (SoC) have achieved Platform Security Architecture (PSA) Certified Level 2. The certification provides Nordic customers with an assurance that the nRF9160 and nRF5340 offer a secure platform upon which to build their IoT products.
“While the cost of security doesn’t come cheap, the cost of inaction is far greater and growing by the day. PSA Certified says that the average penalty of a successful IoT device attack is more than $330,000,” says Tiago Monte, developer marketing manager with Nordic Semiconductor. “That’s why we want to ensure our customers base their IoT end products on silicon and software that has been independently verified to ensure a robust level of protection. PSA Certified Level 2 for the nRF9160 and nRF5340 proves the SiP and SoC have passed that stringent security testing against malicious software attacks.”
A framework for securing connected devices
PSA Certified provides a framework for securing connected devices, from analysis through to security assessment and certification. The framework provides standardised resources to help reverse the growing fragmentation of IoT requirements and ensure security is no longer a barrier to product development. The certification enables device makers to achieve the security required for their products through three levels of security assurance, each requiring hardware and software evaluation.
PSA Certified Level 2 provides a laboratory evaluation that a vendor’s PSA root of trust (PSA-RoT) can protect against scalable, remote software attacks. Evaluation Labs use vulnerability analysis and penetration testing of the PSA-RoT to establish if the nine security requirements of the PSA-RoT Protection Profile have been met. The SESIP (security evaluation standard for IoT platforms) evaluation methodology was used for this evaluation, which grants an additional SESIP Level 2 certification to the nRF9160 SiP and nRF5340 SoC. PSA Certified Level 2 incorporates Level 1. PSA Certified Level 1 assesses that a chip, software, or IoT device adheres to good security principles.
Internet-level encryption and application protection
Nordic Semiconductor’s nRF9160 SiP is based on an Arm Cortex-M33 CPU core, and it incorporates Arm TrustZone and Arm CryptoCell-310 security for Internet-level encryption and application protection. The nRF5340 features dual Arm Cortex-M33 cores and incorporates Arm CryptoCell-312, Arm TrustZone technology, and Secure Key Storage. The nRF5340’s combined security features enable advanced root-of-trust and secure firmware updates while protecting the SoC from malicious attack.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow