In a trusted embedded system, the root of trust is protected in a secure environment. As the critical foundation for securing an application, this concept of trust relies on using key-based authentication to validate transactions in systems. If a key is spoofed, your  system’s transactions can be controlled by unauthorized or malicious users. To protect your  embedded system and secure authentication keys against this type of threat, it is critical that you correctly implement trust in your  embedded system right from the start.

To eliminate creating backdoors that would allow access to keys, both the crypto-primitive functions and keys used for implementing authentication schemes need to be stored in a container that is secure by design. Microchip's secure elements are configurable companion devices that can be used next to any microcontroller or microprocessor. They provide hardware-based crypto-accelerators and secure key storage, plus some anti-tampering and side channel attack protections to make it easy to embed trust in any system. Offering flexibility, advanced features, cost-effective architectures and robust hardware defense mechanisms, Microchip's security devices are an excellent choice for adding trust by design and at scale.

In addition to supplying secure containers for authentication keys and credentials, Microchip also offer secure provisioning services for large- to small-scale device deployments. Microchip's Trust Platform for the CryptoAuthentication™ Family is a three-tier service that provides pre-provisioned, pre-configured or fully customizable secure elements to enable you to easily implement secure authentication in projects of all sizes. Microchip's secure manufacturing facilities will safely provision keys in the devices, ensuring that keys are not exposed when being provisioned at the manufacturer, during field deployment of devices, or throughout the lifetime of the device.

Choosing the Right Secure Key Storage Option for your  Application

Since each application has unique requirements, Microchip offer a comprehensive portfolio offering the best option for implementing trust in your  design, freeing up time so you can focus on your  application development.

Trust Platform for the CryptoAuthentication™ Family

Leverage Microchip's Secure Manufacturing Infrastructure to Provision Credentials in your  Products

For deployments of as few as ten units to up to many thousands of devices, Microchip's Trust Platform is a cost-effective and flexible solution for onboarding Microchip's secure elements in your  design and accelerating your  product’s time to market. The Trust Platform is composed of a family of pre-provisioned, pre-configured or fully customizable secure elements. Credentials are generated inside each secure element’s boundary by leveraging Microchip's Hardware Secure Modules (HSMs) that are installed in Microchip's factories. The devices also come with hardware and software development tools to make prototyping easy and to fast track your  development. The Trust Platform offers three tiers of secure elements—Trust&GO, TrustFLEX and TrustCUSTOM—to provide you with the options and flexibility to meet the requirements of your  company’s security model.

When you use Microchip's Trust Platform, you will optimize your  overall provisioning logistic costs by benefitting from an existing and amortized HSM infrastructure integrated into Microchip's factories. Generally, it is financially and technically challenging for third-party contractors that offer provisioning services to provide an efficient and cost-effective model, especially for smaller orders. When you leverage Microchip's provisioning service along with Microchip's Trust&GO, TrustFLEX or TrustCUSTOM secure elements, you can select the option that best meets your  current needs, and then scale as your  business or market share spreads across the globe. Trust&GO has a minimum orderable quantity of just ten units, making it easy for you to get started on a small scale.

A New Day in Automotive Cybersecurity

The latest OEM cybersecurity specs require improved security measures including hardware-based secure boot and CAN message authentication. Implementing these new specs can be burdensome for Tier 1 suppliers. The first investigation typically involves switching out their existing host microcontroller (MCU) to a higher-horsepower dual-core 32-bit MCU with crypto. This can introduce significant additional silicon cost, software development expense and design risk in correctly implementing new security software in the MCU.

Industry’s First Automotive Cryptographic Companion Security IC

The TrustAnchor100 (TA100) CryptoAutomotive™ security IC provides a way for you to implement security into existing systems without requiring costly redesigns. The TrustAnchor100 provides external Hardware Security Module (HSM) support for secure boot, CAN message authentication, Electric Vehicle (EV) battery authentication, Transport Layer Security (TLS), Wireless Power Consortium (WPC) 1.3 Qi® authentication, High-Bandwidth Digital Content Protection (HDCP) and more.

Key Advantages

Significant cost and time savings compared to redesigning with a new MCU

Minimal MCU code updates resulting in little to no impact to existing host MCU functional safety ratings

Preprogrammed with built-in security measures to eliminate the need for in-house security expertise

Elimination of risk associated with significant MCU code updates

More whole-chip tampers with a higher level of certifiability

True hardware key isolation

Trusted Platform Module

Complete Security for PCs and Embedded Systems

The FIPS 140-2 Certified Trusted Platform Module (TPM) provides strong hardware-based public key (RSA) security for both personal computers and embedded processors on a single chip. It is a complete turnkey system that integrates Microchip's industry-leading AVR® microcontroller architecture, EEPROM technology and security technology. Implementing version 1.2 of the Trusted Computing Group (TCG) specification for TPMs, the chip supports secure boot via platform integrity measurements, intellectual property protection, authentication, and secure communications. The AT97SCx series is offered in three different interfaces: SPI, LPC, and I2C. All revisions are supported in both Commercial and Industrial grades.

Download the TPM Selection Guide

Key Features

Turnkey solution: The TPM includes integrated, protected nonvolatile storage for cryptographic keys, secrets, and authorization information

Full TCG compliance: According to TCG, applications based on the trusted computing infrastructure exhibit superior security governance and risk management

Hardware security: The TPM includes a high-quality hardware random number generator, active shielding, and a variety of tamper-detection and response circuits

High performance: The TPM’s cryptographic accelerator can compute a 2048-bit RSA signature in 200 ms

Energy savings: The TPM supports SIRQ for interrupts and CLKRUN to permit clock stopping for power savings in mobile computers

Software support: BIOS and hardware drivers are available for both Windows® and Linux® operating systems; third-party system and application software is also available

Two interfaces: There is a 33 MHz LPC interface for PC integration and a 2-wire interface for non-PC and embedded computing systems.

Do you know more about Microchip's product uses, technical documents, and solutions related to Security ICs? Then quickly get in touch with Microchip Distributor - NHE!