Platform Root of Trust
Establish System Chain of Trust With Our Platform Root of Trust Controllers
Trust Shield Family Updates Registration
We are expanding our platform root of trust portfolio with the Trust Shield family, including TS1800 and TS50x controllers designed for post‑quantum‑ready secure boot and platform resiliency aligned with NIST SP 800‑193 and OCP requirements.
We are working with leading industry customers ahead of release, with general availability and TrustFLEX enablement forthcoming. Register to receive updates and request priority access to product resources.
Tools, documentation and TrustFLEX configurations will be available at general availability.
Platform Root of Trust Controllers
TS1800 TrustFLEX for Data Centers
- High‑end external platform root of trust for complex, multi‑component systems
- Advanced PQC and classical cryptographic support for hybrid security architectures
- Designed to meet NIST SP 800‑193 Platform Firmware Resiliency and Open Compute Project (OCP) requirements
- USB 2.0 support for significantly faster firmware update times
- Supports up to three Quad Serial Peripheral Interface (QSPI)[SS2.1] or Serial Peripheral Interface (SPI), with single, dual and quad lane operation
- Available in 100- and 144-pin WFBGA packages
- Powerful Arm® Cortex®‑M4F processor running up to 192 MHz
- Key revocation, rollback protection, crisis recovery, secure update and lifecycle management mechanisms
TS500 TrustFLEX Root of Trust IC
- Hardware‑based secure boot controller with firmware located with Basic Input/Output System (BIOS) in external Flash
- Hold the main System-on-Chip (SoC) until PQC signature verification is successful
- Architected to sit in line between the SoC and SPI flash
- Advanced PQC and classical cryptographic support for hybrid secure boot implementations
- Designed to help meet NIST SP 800‑193 Platform Firmware Resiliency guidance
- Compatible with both x86‑ and Arm Cortex‑based systems
- Available in a compact 132‑pin DQFN package
- Arm Cortex‑M4F‑based security controller running at 96 MHz
- Support for secure update flows, crisis recovery, key revocation and rollback protection
TS501 TrustFLEX Root of Trust IC with Internal Flash
- Hardware‑based secure boot controller with firmware stored in integrated internal SPI flash
- Hold the main SoC until PQC signature verification is successful
- Architected to sit in-line between the SoC and SPI Flash
- Simplifies system design by reducing external Flash dependency compared to TS500
- Advanced PQC and classical cryptography for hybrid secure boot architectures
- Designed to help meet NIST SP 800‑193 Platform Firmware Resiliency guidance
- Supports both x86‑ and Arm Cortex‑based systems
- Arm Cortex‑M4F‑based security controller running at 96 MHz
- Available in a compact 132‑pin DQFN package
- Supports secure update flows, crisis recovery, key revocation and rollback protection
CEC1736 for Data Centers
- Active tamper countermeasures for enhanced physical attack resistance
- Expanded security features for high‑assurance platforms and critical infrastructure
- Real-time platform root of trust for data center and compute platforms
- Arm Cortex‑M4F processor running up to 96 MHz
- Secure boot with embedded hardware root of trust
- Real-time SPI Flash monitoring and runtime firmware integrity protection
- Support for dual SPI Flash channels (package‑dependent)
- Platform resiliency aligned with NIST SP 800‑193 and OCP guidelines
- High‑performance cryptography, including NIST P‑384 elliptic curve support
- Integrated flash options for reduced Bill of Materials (BoM) and faster secure boot
- Flexible debug and development interfaces for platform bring‑up
CEC1734 for Data Centers
- Cost‑optimized platform root of trust for mainstream data center designs
- Single‑ or dual‑SPI Flash support without active tamper countermeasures
- Real-time platform root of trust for servers, networking and accelerator platforms
- Arm Cortex‑M4F processor running up to 96 MHz
- Secure boot with hardware‑based root of trust
- Real-time SPI Flash monitoring and firmware integrity protection
- eSPI host interface for modern data center architectures
- Platform resiliency aligned with NIST SP 800‑193 and OCP guidelines
- High‑performance cryptography including NIST P‑384 elliptic curve support
- Integrated Flash options for cost‑sensitive security designs
- Flexible debug and development interfaces for system integration
CEC1712 for Automotive and 5G
- High security rating with hardware RoT (CEC1712H-S2-I/SX with Soteria-G2)
- Arm Cortex-M4 at 96 MHz
- eSPI host interface
- Secure boot with immutable ROM-based bootloader
- NIST 800-193-compliant platform firmware resiliency
- Key revocation and rollback protection for secure in-field updates
- Supports up to two application processors and two SPI Flash components
- SPI Flash authentication and firmware integrity validation
TrustFLEX for Platform Root of Trust Devices
TrustFLEX simplifies adoption of hardware‑based platform root of trust across our portfolio of platform and secure boot controllers. Available for selected platform root of trust and Trust Shield family devices, TrustFLEX provides partially pre‑configured security features for common secure boot, firmware integrity and device identity use cases. Using the Trust Platform Design Suite (TPDS), you can configure devices through an intuitive GUI and generate provisioning packages that integrate with our secure provisioning services, accelerating deployment and reducing development effort.
Post-Quantum Cryptography
The goal of our post-quantum cryptography solutions is to safeguard embedded systems against future quantum threats by providing hardware with algorithms that enable secure, long-term protection without requiring deep expertise in quantum security.
