Seonghan Shin, Tomoyuki Ogawa, Ryo Fujita, Mari Itoh, Hirotaka Yoshida
{"title":"PSA认证的调查","authors":"Seonghan Shin, Tomoyuki Ogawa, Ryo Fujita, Mari Itoh, Hirotaka Yoshida","doi":"10.1145/3538969.3544452","DOIUrl":null,"url":null,"abstract":"PSA (Platform Security Architecture) Certified is a security certification scheme for IoT hardware, software, and devices. The scheme is composed of security certification (PSA Certified Level 1/2/3) and functional API certification (PSA Certified Functional API). Up to now, this scheme has been adopted by many chip manufacturers, system/software developers, and OEMs (Original Equipment Manufacturers). In this paper, we investigate the PSA security certification and PSA functional API (Cryptography API, Storage API, and Attestation API) with its reference implementation. Also, we analyze the source code of the reference implementation by using Polyspace Bug Finder. Specifically, we found 1,385 coding defects in the PSA functional API reference implementation where high, medium, and low impact defects take up 44, 90, and 1,251, respectively. Then, we compare the PSA functional API and its reference implementation in several aspects. Throughout this paper, we explain the obtained analysis results and our findings in detail.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An Investigation of PSA Certified\",\"authors\":\"Seonghan Shin, Tomoyuki Ogawa, Ryo Fujita, Mari Itoh, Hirotaka Yoshida\",\"doi\":\"10.1145/3538969.3544452\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"PSA (Platform Security Architecture) Certified is a security certification scheme for IoT hardware, software, and devices. The scheme is composed of security certification (PSA Certified Level 1/2/3) and functional API certification (PSA Certified Functional API). Up to now, this scheme has been adopted by many chip manufacturers, system/software developers, and OEMs (Original Equipment Manufacturers). In this paper, we investigate the PSA security certification and PSA functional API (Cryptography API, Storage API, and Attestation API) with its reference implementation. Also, we analyze the source code of the reference implementation by using Polyspace Bug Finder. Specifically, we found 1,385 coding defects in the PSA functional API reference implementation where high, medium, and low impact defects take up 44, 90, and 1,251, respectively. Then, we compare the PSA functional API and its reference implementation in several aspects. Throughout this paper, we explain the obtained analysis results and our findings in detail.\",\"PeriodicalId\":306813,\"journal\":{\"name\":\"Proceedings of the 17th International Conference on Availability, Reliability and Security\",\"volume\":\"106 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-08-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 17th International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3538969.3544452\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 17th International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3538969.3544452","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
PSA (Platform Security Architecture) Certified is a security certification scheme for IoT hardware, software, and devices. The scheme is composed of security certification (PSA Certified Level 1/2/3) and functional API certification (PSA Certified Functional API). Up to now, this scheme has been adopted by many chip manufacturers, system/software developers, and OEMs (Original Equipment Manufacturers). In this paper, we investigate the PSA security certification and PSA functional API (Cryptography API, Storage API, and Attestation API) with its reference implementation. Also, we analyze the source code of the reference implementation by using Polyspace Bug Finder. Specifically, we found 1,385 coding defects in the PSA functional API reference implementation where high, medium, and low impact defects take up 44, 90, and 1,251, respectively. Then, we compare the PSA functional API and its reference implementation in several aspects. Throughout this paper, we explain the obtained analysis results and our findings in detail.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
