
With the rapid adoption of connected nodes and cloud-based infrastructures, the frequency of security threats is always increasing. Securing your embedded system is a necessity, but the solution you select will depend on the type of security you need, the cost of implementation, the level of risk tolerance and the ease of development. Our 32-bit microcontrollers (MCUs) offer some of the most comprehensive and scalable security options available in the market today. They are supported by a comprehensive ecosystem of hardware, software, tools and functions to make it easy to implement effective protection for your embedded application.

Hardware

Security begins with hardware. Our 32-bit MCU security portfolio has integrated hardware-based security features. Hardware-based security is faster, has higher performance and is more secure than software-only solutions.

  • Diverse security features and functions can be combined to meet your application’s unique security needs
  • Our first low-power MCU that integrates our Trust Platform secure subsystem and Arm® TrustZone® technology in a single package 
  • Industry’s first low-power MCU with Arm® TrustZone® technology for secured partitioning
  • MCUs can also be hardened with the addition of a secure element

Tools and Software

Save time by jump-starting your design process with MPLAB® Harmony, an award-winning embedded software framework for MIPS® and Arm® Cortex®-M based 32-bit MCUs. We also provide comprehensive cryptographic/security software support across development platforms.

  • Flexible, modular and robust embedded development environment with extensive software support
  • Support for cryptographic algorithms, TLS/Wi-Fi® stack fully integrated with hardware and demos for rapid prototyping

Third-Party Integration

Security measures can be further reinforced with third-party security software. We’ve worked with several third parties to provide easy-to-use security development options.

  • Arm TrustZone enablement software abstracts away complex security implementation and provides a simple, smart user interface for securing embedded applications
  • Software supports secure key provisioning and life cycle management
  • Application Programming Interface (API) for common use cases like IP protection, cloud onboarding and anti-cloning

SAML11-KPH MCU Is Both PSA and SESIP Certified


The SAML11-KPH with Kinibi-M v1.0 has been both PSA and SESIP certified. This product offers a scalable security solution from secure boot to cloud onboarding to complete device lifecycle management. 

Security Functions


Our MCUs provide a variety of security functions that can be customized to meet a wide range of protection needs. 

Symmetric Cryptography (Secret Key)
Symmetric-key algorithms use the same cryptographic keys for the encryption of plaintext and the decryption of ciphertext.

Asymmetric Cryptography (Public Key)
Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys that may be disseminated widely and private keys that are known only to the owner.

Integrity Check Monitors (Message Hash)
Message hashes transform variable-length data into a fixed-length piece of data. Integrity check monitors generate and validate message hashes to preserve data integrity.

Hardware Root of Trust (Secure Boot)
Secure boot is implemented by an MCU that starts executing software from an internal, immutable memory (for example, ROM). The software stored in the MCU is considered inherently trusted (i.e., the root of trust) because it cannot be modified.

Secure Firmware Upgrade (Secure Bootloader)
A bootloader is a small section of code that is added to the main application stored in the Flash memory of the MCU. Its role is to load a new program at boot that provides the ability to download firmware upgrades. A secure bootloader is essential to protect IP and assets from remote attacks.

True Random Number Generator
This hardware-based random number generator offers a higher-entropy source for the generation of keys used in cryptographic applications.

Tamper Detection
An MCU can be programmed to take appropriate defensive actions upon detecting attempts, primarily physical ones, to compromise a device’s integrity or the data associated with the device.

Secure Key Storage
This feature protects nonvolatile and volatile keys from remote and physical attacks.

Key Provisioning
Secret identity data and cryptographic keys are injected in a secure environment to maintain the authenticity and integrity of an embedded application.

Hardware Isolation, IP Protection and TrustZone Technology
IP can be protected by hardware-enforced isolation between the trusted and the untrusted resources of an application.

Device Identifier Composition Engine (DICE) 
DICE is a combination of hardware and software techniques for hardware-based cryptographic device identity, attestation and data encryption. It is an industry standard supported by Azure® IoT and one of the foundational roots of trust in the Azure data centers of Microsoft®.

Embedded Hardware Security Module (HSM) 
The embedded HSM comes in the form of a secure enclave with cryptographic hardware acceleration, a true random number generator, dedicated memory, dedicated processor, and factory provisioning.

Featured 32-bit MCUs for Security


PIC32CM LS60/PIC32CM LS00

Industry-Leading Security in its Performance Class

  • Industry’s first Arm Cortex-M23-based MCU with a robust secure subsystem and Arm TrustZone technology integrated in a single package
  • Trust Platform key provisioning services
  • Support for multiple security functions including secure boot, secure key storage, secure firmware upgrade, hardware isolation, secure IO, IP protection and tamper protection
  • Support for asymmetric and symmetric key cryptography
  • Support for DICE security standard
  • Protection against a wide class of known physical and remote attacks
  • Low-power and smart analog features

SAM D5x/E5x

Mid-Performance MCU With Highly Integrated Security

  • Arm Cortex-M4F-based MCU with asymmetric and symmetric crypto accelerators
  • Public Key Cryptographic Controller (PUKCC) supporting RSA/ECC algorithms
  • Secure bootloader support
  • Integrity check monitors supporting Secure Hash Algorithms (SHA)
  • Excellent connectivity options including Ethernet and CAN FD

CEC173x Trust Shield

Real-Time Platform Root of Trust Features for Upgraded Security

  • Arm Cortex-M4F 96 MHz embedded processor
  • NIST 800-193 platform firmware resiliency with fast CNSA secure boot and secure updates
  • Selection of new real-time security features including system bus protection, SPI monitoring and side-channel attack countermeasures
  • Life cycle management features including transfer of ownership, key revocation and code rollback
  • Hardware crypto accelerators that support symmetric key cryptography, asymmetric RSA and elliptic curve algorithms

PIC32CZ CA90

High-Performance MCU With an Embedded Hardware Security Module (HSM)

  • Arm Cortex-M7-based MCU
  • Embedded HSM as a secure enclave
    • Public key cryptography (ECC, RSA and DSA)
    • Private key cryptography (AES with ECB, CBC, CFB, OFB, CTR, GCM, CCM, XTS and CMAC modes)
    • HASH/MAC (MD-5, SHA-1, SHA-256, SHA-224, SHA-384, SHA-512 and SHA3 capability)
    • True Random Number Generator (TRNG)
    • Secure storage
  • A variety of connectivity options, including CAN FD and Gigabit Ethernet
  • Factory provisioning available

Report a Security Vulnerability


Contact our Product Security Incident Response Team (PSIRT) to report a potential security vulnerability in one of our products.

Documentation


  • PIC32CM LS00/LS60 Ultra Low-Power Secure LoRa Demonstration
  • PIC32CM LS00/LS60 Security Reference Guide
  • AN_42725 - AT16743: SAM V7/E7/S7 Safe and Secure Bootloader
  • AN_42703 - AT12869: ICM Usage on SAM S/E/V70/71 Microcontrollers
  • AN_42444 - AT10732: SAM L True Random Number Generator (TRNG) Driver

Security With 32-bit MCUs


  • PIC32CM LE00/LS00/LS60 Family Data Sheet
  • SAM E70/S70/V70/V71 Family Data Sheet
  • CEC1302 Low Power Crypto Embedded Controller - Data Sheet
  • PIC32MZ Graphics (DA) Family Data Sheet
  • CEC1702 Cryptographic Embedded Controller - Data Sheet



  • CEC1702 Silicon Errata and Data Sheet Clarification
  • SAM L10_L11 Family Silicon Errata and Data Sheet Clarification



  • The Difference Between MPLAB Harmony v3 PLIBs and Drivers, and When to Use Them