Linaro Ltd, the open source collaborative engineering organization developing software for the Arm® ecosystem, today announced that the Zephyr Project has been awarded Level 1 certification in the Platform Security Architecture (PSA) certification scheme, PSA Certified™. Zephyr is a secure and scalable, real-time operating system (RTOS) optimized for resource-constrained devices, across multiple architectures.
PSA defines a security framework upon which products and features can be developed. It helps companies to ensure that their products reach different security standards through independent testing and a defined common language. This simplifies the process of building more secure devices, reducing time-to-market and development cycles, while ensuring data contributed to cloud services comes from trusted sources. There are three APIs to comply with in order to be awarded PSA Certified Level 1. Initial attestation is used to provide a snapshot of key details and can be used to verify device authenticity based on private/public keys. Secure storage allows for private or sensitive data to be securely stored and encrypted in isolation from the non-secure processing environment. Crypto isolates key cryptographic functions on the secure processing environment and ensures that best practices are made with key cryptographic operations. Secure boot practices have also been integrated using Trusted Firmware-M (TF-M) which supports Armv8-M, and several security features have been implemented to prevent malicious or vulnerable firmware images from being flashed to devices.
“We believe it is critical that an IoT operating system provides strong security out of the box and avoids common security issues,” said Vicky Janicki, Director of Linaro’s IoT and Embedded Group. “PSA Certified is a big milestone for Zephyr as it ensures the foundation for a secure device is already in place when Zephyr RTOS is combined with a certified hardware platform.”
“As we move closer to a world of a trillion connected devices, it’s important that our industry takes responsibility for ensuring trust in IoT devices, the data they collect and their deployment at scale,” said Andy Rose, chief system architect and fellow at Arm. “Through becoming PSA Certified Level 1, Zephyr has confirmed its RTOS has been designed in line with PSA principles, and has a good security foundation – a necessity for IoT device makers and developers.”
“Setting up secure communication from products based on IoT devices to the edge and clouds, requires secure boot practices to be used and trusted“, said Kate Stewart, Senior Director of Strategic Programs for the Linux Foundation. “Zephyr being PSA Certified using Trusted Firmware-M, is a welcome addition to the Zephyr ecosystem.“
“Nordic is a firm supporter of public, open standards as these help make compliant, compatible and interoperable solutions”, said Pål Ronny Kastnes, Technical Marketing Manager, Nordic Semiconductor. “Having a community developed open source solution for PSA as part of the Zephyr project RTOS will enable a lot of developers to make more secure solutions faster. They can also be confident that the solution can and will be updated in case problems are detected later.”
Linaro leads collaboration in the Arm ecosystem and helps companies work with the latest open source technology. The company has over 250 engineers working on more than 70 open source projects, developing and optimizing software and tools, ensuring smooth product roll outs, and reducing maintenance costs. Work happens across segments including datacenter & cloud, edge & fog, IoT & embedded, consumer, machine intelligence, autonomous vehicles, and high-performance computing. Linaro is distribution neutral: it wants to provide the best software foundations to everyone by working upstream, and to reduce nondifferentiating and costly low-level fragmentation. The effectiveness of the Linaro approach has been demonstrated by Linaro consistently being listed as one of the top ten company contributors, worldwide, to Linux kernels since 3.10.
To ensure commercial quality software, Linaro’s work includes comprehensive test and validation on member hardware platforms. The full scope of Linaro engineering work is open to all online. To find out more, please visit https://www.linaro.org and https://www.96Boards.org/.