
Secure Your World with Security-Focused MCUs

With the rapid expansion of 5G cellular networks and growing cloud computing infrastructure, developers of networking and data center equipment are seeking new ways to ensure that operating systems remain secure and uncompromised. Security threats are increasing exponentially in terms of frequency, targeted devices, malignancy and cost of attacks. In today’s vast interconnected world, the need to provide greater security within a product or system is becoming a standard requirement. You need to design robust, connected and secure systems to stay one step ahead of the criminal element and prevent theft of software, hardware, intellectual property, data and communications services.

The CEC1302, CEC1702 and CEC1712 are full-featured 32-bit Arm® Cortex®-M4-based microcontrollers (MCUs) that enable secure boot of system firmware, providing an immutable identity and a root of trust to ensure that the firmware is untouched and hasn’t been corrupted. These devices can be used as stand-alone MCUs, while also providing easy-to-use firmware authentication, public key and customer-specific pre-provisioning flexibility to minimize your risk.

Soteria Custom Firmware

  • Designed to be used in conjunction with the CEC1702 and CEC1712
  • Speeds adoption and implementation of a secure pre-boot platform
  • Simplifies code development and reduces risk

CEC1712

  • Ensures in-field security and firmware updates with key revocation and code rollback protection
  • Complies with NIST 800-193 guidelines; protects, detects and recovers from corruption for total system platform firmware resiliency

CEC1302

  • Ensures firmware is untouched and uncorrupted with a quick pre-boot authentication of the system firmware
  • Protects the system from malware or memory corruption by authenticating firmware updates

CEC1702

  • Reduces compute time with the hardware cryptographic cipher suite
  • Protects secrets with encryption
  • Validates firmware has been digitally signed and untouched using public key cryptography

What Is Soteria Custom Firmware?

According to leaders in the industry, the pre-boot environment has come under attack via rootkits and bootkits. These types of attacks are insidious and not detectable by high-level operating systems or anti-virus software. Secure boot is a security mechanism that protects against attacks on the pre-boot firmware environment.

Soteria is highly configurable custom firmware that runs on CEC17x2 devices to provide a complete platform to establish a chain of trust for platform firmware resiliency. Soteria-G1 runs on the CEC1702Q-S1 and Soteria-G2 runs on the CEC1712Q-S2. The Soteria solution is designed to work with virtually any application processor that meets two criteria:

  1. The application processor can be held in reset, and
  2. The application processor loads its first code from SPI-Flash

The Soteria secure boot firmware provides a platform firmware resiliency solution that meets the NIST SP 800-193 guidelines. It uses the immutable secure bootloader implemented in CEC1702/CEC1712 ROM as the system Root of Trust (RoT). The secure bootloader loads, decrypts and authenticates the firmware from the external SPI Flash. The validated CEC1702/CEC1712 code is designed to authenticate the application processor firmware in the same SPI Flash. Up to three additional SPI Flash components can be supported.

Soteria prevents the system from booting unless the application host’s firmware that is stored in the external SPI Flash is authentic code signed by the OEM. It offers security features to authenticate and optionally decrypt the SPI Flash image in the external SPI Flash device.

The application processor can utilize the crypto resources in the CEC1702/CEC1712 to authenticate other code in the system, thereby extending the chain of trust to ensure that all code running in the system is authorized. Soteria uses the same mechanisms to ensure that platforms only perform secure firmware updates.

By design, Soteria can be a simple black-box secure boot solution or customizable firmware that provides secure boot, extended security features and runtime secure commands via a host interface.

Soteria is available under a Signed License Agreement (SLA). Contact a Microchip sales representative or authorized worldwide distributor to execute the SLA.

Security Capabilities

The CEC1x02 device family provides a variety of robust hardware-based crypto algorithms to meet your protection needs.

What is Secure Boot?

Everybody today is worried about security. We see the market moving to authenticated boot as a way to protect your overall system. One of the worries is that when you try to boot your system, it won’t work because someone has compromised it.

One solution being adopted is secure boot, which ensures the integrity of the software running on a platform. We provide secure boot capabilities to authenticate the embedded firmware before the system boots. Secure boot relies on public/private keys to verify the digital signature of the code before execution. This confirms that only the code you intend to be loaded is loaded and used, protecting your system from malicious code. Every time you boot the machine, you have the exact same expectation of how your machine will behave.
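The chain of trust described in the Soteria section above (an immutable bootloader as root of trust that authenticates the Soteria image from SPI flash, which in turn authenticates the application processor firmware while the processor is held in reset) and the signature-before-execution check described in this section, as an added example that is not Microchip's or Soteria's code: a Go model in which every stage is signed and carries the public key for the stage after it, so an authenticated stage also vouches for the key used to check its successor. Ed25519 is used because Go's standard library provides it; the real devices authenticate with ECDSA, as the table on this page lists. The stage layout, the names, the key handling and the image bytes are all assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Stage models one firmware image held in the (simulated) SPI flash: its
// code, the signature over it, and, for any stage that authenticates a
// successor, the public key the successor must be signed with.
// Names, layout and image bytes are constructed for this example.
type Stage struct {
	Name    string
	Code    []byte
	Sig     []byte            // signature over signedPayload(stage)
	NextKey ed25519.PublicKey // nil for the last stage in the chain
}

// signedPayload is what a stage's signature covers: the code followed by the
// key it hands to the next stage. Binding the key into the signed data is
// what makes the chain a chain: a verified stage vouches for the next key.
func signedPayload(s Stage) []byte {
	return append(append([]byte{}, s.Code...), s.NextKey...)
}

// signStage is the OEM-side step: sign the stage with the matching private key.
func signStage(priv ed25519.PrivateKey, s *Stage) {
	s.Sig = ed25519.Sign(priv, signedPayload(*s))
}

// VerifyChain plays the role of the immutable bootloader: rootKey stands in
// for the key held in ROM/OTP, and each stage is checked with the key vouched
// for by the previously verified stage. It returns the names of the stages
// that authenticated and the error that stopped the walk, if any.
func VerifyChain(rootKey ed25519.PublicKey, chain []Stage) ([]string, error) {
	trusted := rootKey
	var verified []string
	for i, s := range chain {
		if len(trusted) != ed25519.PublicKeySize {
			return verified, fmt.Errorf("stage %d (%s): no trusted key to verify it with", i, s.Name)
		}
		if !ed25519.Verify(trusted, signedPayload(s), s.Sig) {
			return verified, fmt.Errorf("stage %d (%s): signature check failed", i, s.Name)
		}
		verified = append(verified, s.Name)
		trusted = s.NextKey
	}
	return verified, nil
}

// Boot releases the application processor from reset only when every stage
// in the chain has authenticated; on any failure it stays held in reset.
func Boot(rootKey ed25519.PublicKey, chain []Stage) (releasedFromReset bool, verified []string, err error) {
	verified, err = VerifyChain(rootKey, chain)
	if err != nil {
		return false, verified, err
	}
	return true, verified, nil
}

// BuildSampleChain constructs a two-stage chain: a Soteria-like image signed
// with the OEM root key that carries the key for the application processor
// firmware, followed by that firmware. Keys are generated fresh each call and
// the image bytes are placeholders.
func BuildSampleChain() (ed25519.PublicKey, []Stage, error) {
	rootPub, rootPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	apPub, apPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	ap := Stage{Name: "ap-firmware", Code: []byte("constructed application processor image")}
	signStage(apPriv, &ap)
	soteria := Stage{Name: "soteria-image", Code: []byte("constructed Soteria image"), NextKey: apPub}
	signStage(rootPriv, &soteria)
	return rootPub, []Stage{soteria, ap}, nil
}

func main() {
	rootKey, chain, err := BuildSampleChain()
	if err != nil {
		panic(err)
	}
	released, verified, err := Boot(rootKey, chain)
	fmt.Printf("host released from reset: %v, verified stages: %v, err: %v\n", released, verified, err)
}
```

Two failure cases worth trying against this model: flipping a byte of the application processor image leaves the first stage verified but keeps the host in reset, and replacing the key carried by the first stage (even with the second stage re-signed to match) fails at the first stage, because that key is part of what the root key signed.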


What Is Key Revocation?

Key revocation allows public/private key pairs used for authentication to be permanently retired. This feature may be used as a preemptive solution for aging keys or as a defense mechanism if a private key becomes compromised, allowing the code image to be altered or hacked by an unauthorized entity. Key revocation is a simple method for preventing code signed by a specific key from being used in the system. The system must implement multiple keys to use the key revocation feature.

What Is Code Roll-back Protection?

Code roll-back protection is used when you need to prevent an old image from running. It should be applied as part of a secure update process.
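The two features just described, key revocation and code roll-back protection, as an added example that is not Microchip's or Soteria's code: a Go model of a verifier whose state can only move one way. Key slots are retired by setting a bit that is never cleared (the way an OTP fuse behaves), and a monotonic counter records the lowest image version still allowed, so that once a newer image has been committed any older one is refused even though its signature is still valid. The image header layout, the Ed25519 signatures (the devices themselves use ECDSA), the slot count and every name here are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Device models the one-way state kept for these two features: provisioned
// public-key slots, a revocation bitmap (a set bit is never cleared, as with
// OTP) and a monotonic counter. Constructed for this example, not taken from
// the CEC17x2 devices.
type Device struct {
	Keys       []ed25519.PublicKey
	Revoked    uint32 // bit i set => key slot i is permanently retired
	MinVersion uint32 // monotonic: only ever increases
}

// Assumed image header (little-endian): bytes 0-3 key slot, bytes 4-7 image
// version, bytes 8-71 Ed25519 signature over bytes 0-7 followed by the body.
const headerLen = 8 + ed25519.SignatureSize

var (
	ErrBadHeader   = errors.New("image too short to hold a header")
	ErrUnknownSlot = errors.New("key slot does not exist")
	ErrRevoked     = errors.New("signing key slot has been revoked")
	ErrBadSig      = errors.New("signature verification failed")
	ErrRollback    = errors.New("image version is older than the monotonic counter")
)

// BuildImage is the OEM-side signing step: it produces header||signature||body.
func BuildImage(priv ed25519.PrivateKey, slot, version uint32, body []byte) []byte {
	meta := make([]byte, 8)
	binary.LittleEndian.PutUint32(meta[0:4], slot)
	binary.LittleEndian.PutUint32(meta[4:8], version)
	sig := ed25519.Sign(priv, append(append([]byte{}, meta...), body...))
	return append(append(meta, sig...), body...)
}

// Authorize applies the checks in the order a controller would: the slot must
// exist and not be revoked, the signature must verify under that slot's key,
// and the version must not be older than the counter. It returns the version
// on success so the caller can ratchet the counter after installing the image.
func (d *Device) Authorize(image []byte) (uint32, error) {
	if len(image) < headerLen {
		return 0, ErrBadHeader
	}
	slot := binary.LittleEndian.Uint32(image[0:4])
	version := binary.LittleEndian.Uint32(image[4:8])
	sig, body := image[8:headerLen], image[headerLen:]
	if slot >= uint32(len(d.Keys)) {
		return 0, ErrUnknownSlot
	}
	if d.Revoked&(1<<slot) != 0 {
		return 0, ErrRevoked
	}
	if !ed25519.Verify(d.Keys[slot], append(append([]byte{}, image[:8]...), body...), sig) {
		return 0, ErrBadSig
	}
	if version < d.MinVersion {
		return 0, ErrRollback
	}
	return version, nil
}

// Revoke permanently retires a key slot; there is deliberately no inverse.
func (d *Device) Revoke(slot uint32) error {
	if slot >= uint32(len(d.Keys)) || slot >= 32 {
		return ErrUnknownSlot
	}
	d.Revoked |= 1 << slot
	return nil
}

// CommitUpdate runs after an authorized image has been installed: it raises
// the counter so that every older image is refused from then on.
func (d *Device) CommitUpdate(version uint32) {
	if version > d.MinVersion {
		d.MinVersion = version
	}
}

// NewSampleDevice provisions two key slots and returns the matching private
// keys so images can be signed for the example.
func NewSampleDevice() (*Device, []ed25519.PrivateKey, error) {
	dev := &Device{}
	var privs []ed25519.PrivateKey
	for i := 0; i < 2; i++ {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			return nil, nil, err
		}
		dev.Keys = append(dev.Keys, pub)
		privs = append(privs, priv)
	}
	return dev, privs, nil
}

func main() {
	dev, privs, err := NewSampleDevice()
	if err != nil {
		panic(err)
	}
	v, err := dev.Authorize(BuildImage(privs[0], 0, 5, []byte("constructed firmware v5")))
	fmt.Println("v5 via slot 0:", v, err)
	dev.CommitUpdate(v)
	_, err = dev.Authorize(BuildImage(privs[0], 0, 4, []byte("constructed firmware v4")))
	fmt.Println("v4 after the counter reached 5:", err)
}
```

The ordering matters: a revoked slot is rejected before any signature work is done, and the version check comes last so that a valid but stale image is reported as a roll-back rather than as a bad signature. The counter is only advanced by `CommitUpdate`, which is the "secure update process" step: authorizing an image does not by itself move the counter, so a failed or interrupted update cannot lock out the image currently installed.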

Which Crypto Curves Are Supported?

The supported cryptographic algorithms and curves are AES-256, SHA-512, RSA-4096, ECDSA, Curve25519 and Ed25519, backed by a True Random Number Generator and a Public Key Engine (PKE).

Crypto Parametrics          | CEC1302                            | CEC1702                                   | CEC1712
Symmetric Encryption        | AES128, AES192 and AES256; modes: ECB, CBC, OFB, CFB, CTR (all three devices)
Hashing                     | SHA-1, SHA-256                     | SHA-1, SHA-256, SHA-384, SHA-512 (CEC1702 and CEC1712)
Public Key Engine (PKE) RSA | RSA-512 to RSA-2048                | RSA-1024 to RSA-4096 (CEC1702 and CEC1712)
ECC                         | Keys from 160 to 256 bits in GF(p) | 192 to 521 bits in GF(p); 160 to 571 bits in GF(2^m); Curve25519 (CEC1702 and CEC1712)
DSA                         | No                                 | ECDSA, EC-KCDSA, Ed25519 (CEC1702 and CEC1712)
Other                       | No                                 | Miller-Rabin primality testing; modular arithmetic primitives (CEC1702 and CEC1712)
Random Number Generator     | True RNG with 1K FIFO for pre-calculation (all three devices)
Monotonic Counter           | No                                 | Yes (CEC1702 and CEC1712)
User Programmable OTP       | 500 bits                           | 2.5 Kbits                                 | 4 Kbits
Field Programmable          | No                                 | Yes (CEC1702 and CEC1712)
Memory Protection Unit      | No                                 | Yes                                       | Yes

Secure Boot                 | CEC1302                            | CEC1702                                   | CEC1712
Integrity                   | SHA-256                            | SHA-256                                   | SHA-384
Authentication              | No                                 | ECDSA-P256                                | ECDSA-P384
Encryption (optional)       | No                                 | ECDH-P256/AES-256                         | ECDH-P384/AES-256

Attestation                 | CEC1302                            | CEC1702                                   | CEC1712
DICE                        | No                                 | 1st Mutable Code                          | In ROM
UDI                         | No                                 | Factory Provisioned (optional) (CEC1702 and CEC1712)