I am currently working on the ls1021A in conjunction with IEC 62443-4-2. My goal is to achieve SL3 certification. According to some CRs, hardware security is required for SL 3 certification. Is it possible to achieve SL 3 with the ls1021A and enabled security engine in conjunction with ARM TrustZone? Or are the hardware mechanisms provided by the ls1021A not sufficient and a secure element such as the SE 050 would have to be used in conjunction with the ls1021A?
#EdgeLock SE050 | Enhanced IoT Security | NXP Semiconductors, #Layerscape® 1021A | NXP Semiconductors
I suppose it could be possible, but from my point of view, it will be necessary to implement the encrypted communications by software.
Please contact some person related to the SL 3 certification in order to explain this subject.
If you need encrypted communications I recommend to use one of the followings SoC:
LS1088A, LS2088A, LX2160A,
because all of they have a functionality to encrypt and accelerate the communications through the DPAA module.
DPAA is relevant to Trust Architecture due to the DPAA’s role in enabling (and enforcing) software partitioning. The DPAA allows traffic arriving on a network interface to be classified and delivered to software partition 1, so that software partition 2 is unable to see this traffic or interfere with its reception or subsequent processing and transmission.