Platform Security Overview#

Platform Security includes a fork of Mbed TLS, which includes a reference implementation of the PSA Crypto API. The PSA Crypto API provides a portable interface to cryptographic operations and is the recommended interface to be used by any SDK or application code that needs to use cryptographic keys or secrets. For an overview over usage of PSA Crypto in the Simplicity SDK, see PSA Crypto Usage.

SE Manager#

The Simplicity SDK also includes a Secure Engine (SE) Manager module. This module provides an interface to the Secure Engine's mailbox. The available features vary depending on the capabilities of the target device. Use the PSA Crypto API whenever possible, as it is more portable across devices.

Keep a device up to date with the latest SE Firwmare. The SE Firmware releases can be found in the Simplicity SDK.

TrustZone#

TrustZone is an ARM security technology that has been integrated into the hardware- and software platform provided by Silicon Labs. TrustZone enables separating the sensitive application code and data from less sensitive parts, while enforcing a strict interface between the two worlds. The Simplicity SDK allows using TrustZone for separating cryptographic key material from the normal execution context. Several wireless technology stack implementations provided by Silicon Labs have integrated this solution and provide example applications showcasing this mode of operation.

Note: While the TrustZone solution in the Simplicity SDK uses parts of TrustedFirmware-M, the Simplicity SDK does not fully support TF-M. This is because at the time of evaluation, the TF-M implementation could not be used by small devices.