PSA Certified Security Framework overview
The PSA Certified IoT Security Framework offers a standardized approach to create secure IoT devices, covering everything from analysis to certification. It also provides free resources and training material to educate developers about threat modeling, certification, and other security topics.
The framework divides security design into a simple four-step process to guide product developers into implementing the appropriate level of security in their IoT devices:
Analyze the threats that have the potential to compromise your device and generate a set of security requirements based on these risks.
Architect the right level of security for your product by using unique security requirements to identify and select components and specifications.
Implement the trusted components and firmware, making use of high-level APIs to build in security and create an interface to the hardware Root of Trust (RoT).
Certify device, platform, or silicon by following independent security evaluation.
This page focuses on the implementation step (specifically the PSA Certified APIs) that establishes the separation between security-critical firmware and application firmware. To learn more about security by separation, Non-Secure Processing Environment (NSPE) and Secure Processing Environment (SPE), see the Security by separation and processing environments page.
What are PSA Certified APIs
PSA Crypto API usage
The PSA Certified APIs are a set of high-level standardized software interfaces that aim to enhance the security of IoT devices. They are designed to support a range of different use cases and are organized around the following groups:
Using the PSA Certified APIs has the following benefits:
Enhanced security - PSA Certified APIs enable devices to meet industry-standard security requirements and enhance the overall trustworthiness of IoT devices.
Implementation agnostic - When using PSA Certified APIs, developers do not need to be concerned about the underlying hardware and software implementation.
Reduce time-to-market - Using an API standard can accelerate development time and reduce costs associated with developing, testing, and certifying custom solutions.
Flexible and scalable - The various use cases supported ensure that the PSA Certified APIs can be used across multiple devices, from very simple ones to more complex systems.
Future-proof - PSA Certified APIs are designed to be updated over time as security threats evolve, ensuring that devices remain secure throughout their lifecycle.
Supported PSA Certified APIs
The following table provides an overview of the PSA Certified APIs support status in the nRF Connect SDK:
| PSA Certified API | Support status in the nRF Connect SDK | Latest version supported |
|---|---|---|
| PSA Crypto API | Supported | PSA Certified Crypto API 1.3.1 for IronSide Secure Enclave firmware for nRF54H20; PSA Certified Crypto API 1.4.0 for nRF54L cryptography and PSA Crypto API builds with and without TF-M |
| PSA Attestation API | Supported | PSA Certified Attestation API 1.0 (not supported for IronSide Secure Enclave firmware for nRF54H20) |
| PSA Secure Storage API | Supported | |
| PSA Firmware Update API | Not supported | n/a |
PSA Crypto API
This section summarizes some of the features of the PSA Crypto API and how they can be specific to the implementation in the nRF Connect SDK. For a full explanation, see the PSA Certified Crypto API official documentation. For definitions of the PSA Crypto API functions, see crypto.h.
Among the advantages of the PSA Crypto API are the following:
The PSA Crypto API is a single API for all cryptographic drivers, which means that you can use the same functions for the nRF52840, nRF5340, nRF54H20, nRF54L Series and nRF91 Series devices, as well as future ones. The API will work for applications with and without Trusted Firmware-M (TF-M).
The PSA Crypto API will automatically select cryptographic libraries based on project configurations. This way, the codebase for cryptography can easily be reused across multiple projects.
The PSA Crypto API is designed to be safe, reducing the chance that developers introduce vulnerabilities into their end devices. For example, following the Keystore interface design goal, the functions in the PSA Crypto API use opaque Key identifiers to handle keys, so developers do not have to handle keys manually. See Key management reference in the PSA Crypto API documentation for a detailed overview.
PSA Crypto API in the nRF Connect SDK
The PSA Crypto API is used to request cryptographic operations in the nRF Connect SDK. It is mandatory for use in the nRF Connect SDK.
Supported operations include the following:
Hashing
Encryption and decryption
Authenticated encryption
Signature generation and verification
The PSA Crypto API has the following implementations in the nRF Connect SDK:
Oberon PSA Crypto - which provides a direct PSA Crypto API interface for applications that do not require TF-M.
TF-M Crypto Service - which provides PSA Crypto API access through TF-M for applications that require enhanced security.
IronSide Secure Enclave - which provides PSA Crypto API interface for the Secure Domain of nRF54H20.
Depending on the implementation you are using, the nRF Connect SDK build system can use different versions of the PSA Crypto API.
Implementation |
|
|---|---|
The implementations in the nRF Connect SDK can use different driver libraries, depending on hardware capabilities and user configuration.
The cryptographic drivers are organized into hardware and software drivers. Hardware drivers take precedence over software drivers. The software drivers provide a fallback when no hardware driver is available for the requested cryptographic operation on a given hardware platform.
Note
Do not use the drivers directly. Use them only through the supported PSA Crypto API implementations and nRF Security. For configuration steps, see Configuring PSA Crypto API.
| Driver | Driver type | Distribution | Supported hardware platforms | Description |
|---|---|---|---|---|
| | Hardware | Closed-source binary | nRF52840, nRF5340, nRF91 Series devices | Drivers for the CryptoCell 310 and CryptoCell 312 hardware accelerators. |
| | Hardware | Open-source | nRF54L Series devices, nRF54H20 | Security subsystem providing hardware acceleration for cryptographic operations through the CRACEN hardware peripheral. For more information, see the KMU and CRACEN hardware peripherals overview. On nRF54H20, the driver is used indirectly through the IronSide Secure Enclave. |
| | Software | Closed-source binary | nRF devices with Arm Cortex®-M0, -M4, or -M33 processors | Optimized software library for cryptographic algorithms created by Oberon Microsystems, based on the sdk-oberon-psa-crypto library. |
For specific cryptographic operations, the PSA Crypto API uses the driver configured for the given operation. See Supported cryptographic operations in the nRF Connect SDK for a list of supported functionalities for each driver and Cryptographic samples for usage examples.
PSA Attestation API
This section summarizes some of the features of the PSA Attestation API. For a full explanation, see the PSA Certified Attestation API official documentation. See PSA’s initial_attestation.h file for versioning.
See also the official Device Attestation and Entity Attestation Tokens Explained blog post from PSA Certified, which gives an overview of attestation. This blog post explains well when to use the PSA Attestation API:
“Cloud service providers need to make informed judgements on end devices to ensure the data they are providing can be trusted. EAT has the capabilities to provide this source of trust, using a cryptographically signed piece of data containing claims that are generated in the device RoT. There are many ways it can be useful, but most importantly it can be read by the relying party. The relying party can verify the claims made by the device such as:
The unique identity of the device
Installed software on the device and its integrity status
Security assurance and certification status
Manufacturer of the device hardware
Using this information, the relying party can make informed decisions such as whether the device is legitimate and should be onboarded, or what services should be enabled based on its security credentials.”
PSA Attestation API in the nRF Connect SDK
The Attestation API is mandatory for certification.
See the TF-M PSA template for a reference implementation of the PSA Attestation API in the nRF Connect SDK.
PSA Secure Storage API
This section summarizes some of the features of the PSA Secure Storage API and how they can be specific to Nordic Semiconductor hardware. For a full explanation, see the PSA Certified Secure Storage API official documentation. See PSA’s protected_storage.h file for versioning.
The Secure Storage API consists of the following components:
Internal Trusted Storage (ITS) - The Internal Trusted Storage API is used internally by the SPE to store data persistently in secure flash. The Internal Trusted Storage API is one of the Platform RoT Services and is not available by default in the Non-Secure Callable interface. It is possible to expose the Internal Trusted Storage API to the NSPE, but it is not recommended.
Protected Storage (PS) - The Protected Storage API is used for securely storing data in non-volatile memory. It provides authenticity and integrity checks to the stored data. The Protected Storage API is one of Application RoT Services and is available in the Non-Secure Callable interface, making the Protected Storage API callable from either the SPE or the NSPE. Data in Protected Storage has ownership, so data stored from the SPE is only available to the SPE.
The following table provides an overview of the features in Internal Trusted Storage and Protected Storage:
| | Internal Trusted Storage (ITS) | Protected Storage (PS) |
|---|---|---|
| Persistent Storage | Yes | Yes |
| Root of Trust (RoT) | Platform RoT Services | Application RoT Services |
| Available in the SPE | Yes | Yes |
| Available in the NSPE | No (by default - see note below) | Yes |
| Encryption | No (see note below) | Yes |
| Integrity Check | No (see note below) | Yes |
Note
The PSA ITS API is invoked by other APIs that are available from the NSPE. For example, the PSA Protected Storage API or the PSA Crypto API’s psa_import_key and psa_generate_key functions.
Internal Trusted Storage has experimental support for encryption with the CONFIG_TFM_ITS_ENCRYPTED Kconfig option.
PSA Secure Storage API in the nRF Connect SDK
The following implementations of the PSA Secure Storage API are available:
TF-M’s Internal Trusted Storage service and Protected Storage service - This option can only be used when building with TF-M and if the ARM TrustZone technology and hardware-accelerated firmware isolation are supported by the hardware platform in use. With this option, the Internal Trusted Storage and the Protected Storage work with security by separation.
The Trusted storage library - This option enables you to provide features like integrity, confidentiality, and authenticity of the stored data when building without TF-M. Using this option, you can use the PSA Secure Storage API without TF-M.
Note
In the nRF Connect SDK, the PSA Protected Storage implementation is one of the available data storage options. It does not support storing data to external flash.
For more information, see Secure storage in the nRF Connect SDK.
PSA Firmware Update API
The nRF Connect SDK does not implement the PSA Firmware Update API.
Instead, other options are available for the immutable bootloader and the upgradable bootloader. See Bootloaders and DFU for more information on available bootloaders.
The bootloaders supported in the nRF Connect SDK fulfill the requirements of PSA Certified, and several Nordic Semiconductor devices are already among PSA Certified Nordic Products.