Microchip Technology Inc
Menu

Secure Boot use case
with ATECC608A

Why would you use a secure element for Secure Boot ?

Logo1

SECURE BOOT

Logo2

CODE

Logo3

IP PROTECTION

Logo4

REVENUE
PROTECTION

Very often the intellectual property (IP) of an embedded product lives within the code of the microcontroller. In today's market place, it only takes a few weeks to extract that code despite the usage of traditional "code protect" features. At a moderate expense, many third party options are widely available on the internet who are capable to obtain HEX files from the microcontroller. This type of conterfeit puts in danger companies IP and could consequently lead to significant revenue loss or open various backdoors to malicious firmware.

 

ATECC608A Secure Boot from Microchip Technology Inc. on Vimeo.

 

Validate your application code with a trusted secure element

Secure Boot for small microcontrollers

TrustedStorage@3x

PhysicalProtection@3x

Cryptography@3x

Provisioning@3x

SecureBootBoardThe ATECC608A offers a particularly interesting new set of features that enable secure boot capabilities to standard microcontrollers. Secure boot is now possible also for small and cost efficient micontrollers.

The example illustrated in the application note available in the "Getting Started" tab, will walk you through a use case using the ATSAMD21 (Cortex-M0+) and the ATECC608A. Once the system is booting, the secure element that holds the public key will use it to verify the image digest of the code has been signed by the matching and genuine private key. The signing process of the application image happens during the manufacturing phase. 

With this type of implementation, the public key used in the example becomes truly immutable by benefiting of the anti-tampering protections the ATECC608A offers against possible physical attacks and side channel attacks.

20 Years of Experience in Secure Provisioning

Microchip is here all the way through

Trust cannot rely only on the device but also on the manufacturing process. Exploiting third party weaknesses is one of the top targets for hackers. Isolating keys and secrets from manufacturing is equally vital. Customers can leave this burden to Microchip's secure factories and leverage our trusted provisioning service already used by thousands of companies.

Prototype@3x
Personalize@3x
MassProduction@3x
  • Educate yourself about the secure boot use case using a secure element
  • Understand why private key isolation is vital to your design
  • Learn how to code with CryptoAuthLib library
  • Learn how to configure the memory zone and set your expected policies
  • Memory configuration is defined and locked
  • Your public/private key pair is decided
  • Secret Exchange with Microchip completed
  • The ATECC608A is setup with your customized part number
  • All the provisioning – keys/certificates generation and manipulation is done within Microchip secure factories
  • Public key are protected and immutable in the ATECC608A
  • Elimination of any software or manufacturing backdoors
  • The device ships pre-provisioned with the secrets
Tabs / Cloud Authentication / Secure Boot
Products
Tools and Software
Getting Started

Tools and Software

  • Firmware and provisioning script downloadable HERE
  • Buy the hardware to start with HERE
The user guide to get started is available HERE