Microchip logo
  • All
  • Products
  • Documents
  • Applications Notes

32-bit Embedded Security Solutions

With the rapid adoption of connected nodes and cloud-based infrastructures, the frequency of security threats is always increasing. Securing your embedded system is a necessity, but the solution you select will depend on the type of security you need, the cost of implementation, the level of risk tolerance and the ease of development. Our 32-bit microcontrollers (MCUs) offer some of the most comprehensive and scalable security options available in the market today. They are supported by a comprehensive ecosystem of hardware, software, tools and functions to make it easy to implement effective protection for your embedded application.

32-bit MCU Security Ecosystem

Hardware

Security begins with hardware. Our 32-bit MCU security portfolio has integrated hardware-based security features. Hardware-based security is faster, has higher performance and is more secure than software-only solutions.

  • Diverse security features and functions can be combined to meet your application’s unique security needs
  • Industry’s first low-power MCU with Arm® Trustzone® for secured partitioning
  • MCUs can also be hardened with the addition of a secure element

Tools and Software

Save time by starting your design process with our award-winning development ecosystems for 32-bit MCUs, MPLAB® Harmony and Atmel START. We also provide comprehensive cryptographic/security software support across development platforms.

  • Flexible, modular and robust embedded development environment with extensive software support
  • Support for cryptographic algorithms, TLS/Wi-Fi® stack fully integrated with hardware and demos for rapid prototyping

Third-Party Integration

Security measures can be further reinforced with third-party security software. We’ve worked with several third parties to provide easy-to-use security development options.

  • Arm TrustZone enablement software abstracts away complex security implementation and provides a simple smart user interface to securing embedded applications
  • Software supports secure key provisioning and life cycle management
  • Application Programing Interface (API) for common use cases like IP protection, cloud onboarding and anti-cloning

Security Functions

Our microcontrollers provide a variety of security functions that can be customized to meet a wide range of protection needs. 

Symmetric Cryptography (Secret Key)
+

Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of ciphertext.

Asymmetric Cryptography (Public Key)
+
Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys which may be disseminated widely, and private keys which are known only to the owner.
Integrity Check Monitors (Message Hash)
+
Message hashes transform variable-length data to a fixed-length piece of data. Integrity check monitors generate and validate message hash to preserve data integrity.
Hardware Root of Trust (Secure Boot)
+
A microcontroller that starts executing software from an internal, immutable memory (For example, ROM). The software stored in the microcontroller is considered inherently trusted (i.e., the root of trust) because it cannot be modified.
Secure Firmware Upgrade (Secure Bootloader)
+
A small section of code is added to the main application stored in the Flash of the MCU to provide the ability to download firmware upgrades. This code is called a bootloader, as its role is to load a new program at boot. Securing this code is essential to protect IP, assets and remote attacks and is the essential feature of secure bootloader.
True Random Number Generator
+
Hardware-based random generator offering a higher source of entropy for the generation of keys used in cryptographic applications.
Tamper Detection
+
Ability of a device to sense that an active attempt (mostly physical) to compromise the device integrity or the data associated with the device is active. The MCU can be programmed to take appropriate defensive actions upon detection.
Secure Key Storage
+
Protecting nonvolatile and volatile keys from remote and physical attacks.
Key Provisioning
+
Injection of secret identity data and cryptographic keys in a secure environment to maintain authenticity and integrity of an embedded application.
Hardware Isolation/IP Protection/TrustZone
+
Hardware-enforced isolation between the trusted and the untrusted resources of an application enabling IP protection.

Featured 32-bit MCUs for Security

SAM L11/SAM L11-KPH

Industry-leading security in its performance class

  • Industry’s first Arm Cortex®-M23 based MCU with robust chip-level security features and Arm TrustZone technology
  • Integrated hardware-based security in a small MCU
  • Comprehensive security software and support framework
  • Supports a host of security functions including secure boot, secure firmware upgrade, hardware isolation, secure IO, IP protection, tamper protection, key provisioning solutions and key protection
  • SAM L11-KPH includes a factory-provisioned unique root of trust (key) and Kinibi-M™ Trusted Execution Environment (TEE) to provide an immutable identity for secure application development
  • Industry-leading low-power performance
Learn More

SAM D5x/E5x

Mid-performance MCU with highly-integrated security

  • Arm Cortex-M4F-based with asymmetric and symmetric crypto accelerators
  • Public Key Cryptographic Controller (PUKCC) supporting RSA/ECC algorithms
  • Secure bootloader support
  • Integrity check monitors supporting Secure Hash Algorithms (SHA)
  • Excellent connectivity options including Ethernet and CAN-FD

 

 

 

Learn More

CEC1302 and CEC1702

Enable secure boot and updates of system firmware, providing an immutable identity and a root of trust

  • Easy-to-use authentication, private key and customer programming flexibility to minimize customer risk
  • Securely boot your system firmware
  • Reduce compute time with the robust hardware cryptographic cipher suite
  • Programming flexibility to minimize customer design risk
  • Easy-to-use encryption, authentication, private and public key capabilities

 

 

Learn More