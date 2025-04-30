The world’s first RISC-V MCU to achieve PSA-L2

Espressif’s ESP32-C6 is the world’s first RISC-V MCU to achieve PSA-L2 security certification, underscoring the company’s commitment to delivering robust, secure, and reliable IoT solutions.

The PSA Certified program provides a framework for confirming the security of IoT devices. Achieving PSA Level 2 certification signifies that the ESP32-C6’s PSA Root of Trust (PSA-RoT) has undergone laboratory evaluation, demonstrating its resilience against scalable software attacks. This certification validates that the ESP32-C6 meets industry-recognised IoT security standards, ensuring robust protection for connected devices.

The ESP32-C6, powered by a RISC-V processor, integrates Wi-Fi 6, Bluetooth 5 LE, and IEEE 802.15.4 (Thread/Zigbee) connectivity. The PSA Level 2 certification validates that ESP32-C6 meets stringent security requirements, including resistance to software attacks and protection of critical assets. The ESP32-C6 is equipped with a range of advanced security features, such as:

• Physical Memory Protection (PMP) and Access Permission Management (APM): The PMP and the APM in the ESP32-C6 enforce hardware-based access control, ensuring secure memory isolation and privilege separation.

• Digital signature peripheral: Enables secure cryptographic operations by generating digital signatures in hardware, ensuring that private keys remain protected and never exposed to software, thereby preventing unauthorised firmware modifications and tampering.

• Secure boot: Ensures that only authenticated firmware can be executed, preventing unauthorised code modifications.

• Flash encryption: Protects stored data from unauthorised access by encrypting the contents of external Flash memory.

• Hardware cryptographic accelerators: Provides optimised support for AES, SHA, RSA, and ECC, ensuring efficient and secure data processing.

• Secure JTAG mode: Enables authorised debugging of devices without compromising device security or exposing sensitive assets.

Credit(s)

