A Secure Platform Model Based on ARM Platform Security Architecture for IoT Devices

Abstract

The proliferation of Internet of Things (IoT) devices comes with many challenges among which security is one of the most serious issues. In order to address the security issue for low-end IoT devices, ARM recently proposed the platform security architecture (PSA), which provides execution isolation to safely manage and protect the computing resources of low-end IoT devices. However, developers implementing IoT services for PSA-based IoT devices need to follow complex development procedures and understand the PSA hardware, which dramatically increases the development time and cost of PSA-based IoT devices. This article analyzes vulnerabilities that may arise from general-purpose low-end IoT devices to derive the security requirements and essential security services for PSA-based IoT devices, and proposes a secure platform model based on the analysis results. The proposed secure platform model consists of System Security Services and Application Security Services based on the basic PSA model and essential trusted subsystems, and it is designed to be flexible and applicable to various types of PSA-based IoT devices. In addition, it provides secure platform services APIs to enable easy and fast development of IoT services. To evaluate the proposed secure platform model, two proof-of-concept implementations are provided by using both the basic PSA model with secure element (SE) and a reference device for ARM’s PSA. Finally, a case study shows that the development of IoT services can be done easily and quickly using the proposed security platform model.