Achievement of SL 3 according to IEC 62443-4-2 with ls1021A

anna_geber · ‎02-08-2024

I am currently working on the ls1021A in conjunction with IEC 62443-4-2. My goal is to achieve SL3 certification. According to some CRs, hardware security is required for SL 3 certification. Is it possible to achieve SL 3 with the ls1021A and enabled security engine in conjunction with ARM TrustZone? Or are the hardware mechanisms provided by the ls1021A not sufficient and a secure element such as the SE 050 would have to be used in conjunction with the ls1021A?

#EdgeLock SE050 | Enhanced IoT Security | NXP Semiconductors, #Layerscape® 1021A | NXP Semiconductors

LFGP · ‎02-14-2024

I suppose it could be possible, but from my point of view, it will be necessary to implement the encrypted communications by software.

Please contact some person related to the SL 3 certification in order to explain this subject.

LFGP · ‎02-09-2024

If you need encrypted communications I recommend to use one of the followings SoC:

LS1088A, LS2088A, LX2160A,

because all of they have a functionality to encrypt and accelerate the communications through the DPAA module.

DPAA is relevant to Trust Architecture due to the DPAA’s role in enabling (and enforcing) software partitioning. The DPAA allows traffic arriving on a network interface to be classified and delivered to software partition 1, so that software partition 2 is unable to see this traffic or interfere with its reception or subsequent processing and transmission.

anna_geber · ‎02-14-2024

I cannot use a processor other than the ls1021A. Is it possible to achieve SL 3 according to IEC 62443-4-2 with the ls1021A (Security Engine enabled)? Is it possible to achieve SL 3 when using the ls1021A with an SE 050?