Hello,
Calling psa_crypto_init() initializes the random generator. This fails if no entropy sources are configured.
If your board has a hardware random generator, you need to enable the compilation option MBEDTLS_ENTROPY_HARDWARE_ALT and implement the function mbedtls_hardware_poll().
If your board does not have a hardware random generator, you need to enable the seed file. To do that, to enable the compilation option MBEDTLS_ENTROPY_NV_SEED, and if necessary implement the seed file functions. See https://mbed-tls.readthedocs.io/en/latest/kb/how-to/how_to_integrate_nv_seed... for more details. Then, when you provision each board, you need to inject an initial seed file. The initial seed file must be generated on a trusted device, must be fully random, and must be confidential.
Best regards,