“PSA is a set of threat models, security analyses, hardware and firmware architecture specifications, and an open source firmware reference implementation,” said Arm. “It provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level. PSA is scalable for all connected devices, offering common ground rules and a more economical approach to building more secure devices.”
According to Cypress, it is achieving the highest level of protection defined by the PSA using PSoC 6’s dual Cortex-M cores combined with configurable memory and peripheral protection units.
The MCUs provide three levels of hardware-based isolation to reduce the attack surface:
- an isolated execution environment for trusted applications using a dedicated Cortex-M0+ core
- secure element functionality that hosts root of trust operations and system services
- isolation for each trusted application.
There are also a true random number generator (TRNG), cryptographic accelerators, and the main Arm core (Cortex-M4) for un-secure applications.
“As a direct result of the security features built into PSoC 6 MCUs and our collaboration with Arm, we have been able to quickly offer support for Trusted Firmware-M,” said Cypress v-p microcontrollers Sudhir Gopalswamy.
The Trusted Firmware-M reference example for PSoC 6 MCUs allows designers to:
- Implement hardware-based isolation between secure and un-secure execution environments via configuration of the protection units
- Use Mbed operating system secure services
Future versions will include trusted boot with multiple images and full PSA API support, including root-of-trust installation with secure element functionality.
PSoC 6 Trusted Firmware-M will be available in March 2018.