Microchip has announced the Trust platform of hardware and software elements that will simplify embedded system design for companies of all sizes. The expansion of the IoT and increased connectivity brings security concerns and highlights vulnerabilities.
Believing that every secure design requires secure key storage, and that hardware-based security is the only way to protect secret keys from attack or extraction, Microchip has launched an ambitious project to enable companies of all sizes to configure and provision device security.
The Trust platform for the company’s CryptoAuthentication family is a secure provisioning service and a suite of development tools that protect microcontroller or microprocessor designs without impeding the design flow. With a minimum order quantity of 10 units, it is designed to provide hardware based secure key storage for low, mid and high volume projects. Nicolas Demoulin, EMEA marketing manager, Secure Products Group, Microchip said the company wants to “break today’s market rules to support Microchip’s broad customer base,” describing the platform as “secure storage for the mass market”.
Customers can select the pre-configured Trust&Go silicon, the TrustFlex option, which is pre-configured and add their own use cases to meet the design criteria, or customers can elect to use TrustCustom which is a customised service.
All options are based on the ATECC608A secure element, which can be paired with any microcontroller or microprocessor, says the company. Demoulin said that other silicon and package options will be added before the end of the year.
With Trust & Go, device credentials are pre-programmed, shipped and locked inside the ATECC608A for either automated cloud or LoRaWAN authentication on-boarding. A manifest file includes corresponding certificates and public keys is downloadable via the e-commerce store and select distribution partners.
Development time is reduced to a few days and customers can manage edge devices without having the expense of third-party provisioning services or certification.
TrustFlex, like Trust&Go, has pre-configured security Transport Layer Security (TLS) hardened authentication and LoRaWAN authentication options and adds the flexibility of enabling the customer to add their own use cases, for example secure boot and IP protection.
For a full custom secure element, TrustCustom, customers can add customer-specific configuration capabilities and custom credential provisioning. Even then, says Demoulin, the secret keys remain secret, they are sent via an encrypted network and integrated into the customer’s secure element.
Amazon Web Services are Google Cloud provide the on-boarding process. The company is also in talks with Microsoft Azure.
Devices in the Trust Platform are Trust&Go for TLS (minimum 10 units), Trust&Go for LoRaWAN (minimum 2,000 units), TrustFlex for LoraWAN (minimum 10 units) and TrustFlex for TLS (minimum 2,000 units) and TrustCustom (minimum 4,000 units). The CryptoAuth Trust and ATECC608a Trust kit development tools are also available.