Microchip logo
  • All
  • Products
  • Documents
  • Applications Notes

Secure Boot use case with ATECC608A

Why would you use a secure element for Secure Boot ?


This solution is archived and will no longer be updated. We recommend that you use the TrustFLEX ATECC608A-TFLXTLS instead.

Very often the intellectual property (IP) of an embedded product lives within the code of the microcontroller. In today's market place, it only takes a few weeks to extract that code despite the usage of traditional "code protect" features. At a moderate expense, many third party options are widely available on the internet who are capable to obtain HEX files from the microcontroller. This type of conterfeit puts in danger companies IP and could consequently lead to significant revenue loss or open various backdoors to malicious firmware.

Validate your application code with a trusted secure element

Secure Boot for small microcontrollers

The ATECC608A offers a particularly interesting new set of features that enable secure boot capabilities to standard microcontrollers. Secure boot is now possible also for small and cost efficient micontrollers.
physical protection cryptography
The example illustrated in the application note available in the "Getting Started" tab, will walk you through a use case using the ATSAMD21 (Cortex-M0+) and the ATECC608A. Once the system is booting, the secure element that holds the public key will use it to verify the image digest of the code has been signed by the matching and genuine private key. The signing process of the application image happens during the manufacturing phase.
With this type of implementation, the public key used in the example becomes truly immutable by benefiting of the anti-tampering protections the ATECC608A offers against possible physical attacks and side channel attacks.

20 Years of Experience in Secure Provisioning

Microchip is here all the way through.

Trust cannot rely only on the device but also on the manufacturing process. Exploiting third party weaknesses is one of the top targets for hackers. Isolating keys and secrets from manufacturing is equally vital. Customers can leave this burden to Microchip's secure factories and leverage our trusted provisioning service already used by thousands of companies.


  • Educate yourself about the secure boot use case using a secure element
  • Understand why private key isolation is vital to your design
  • Learn how to code with CryptoAuthLib library
  • Learn how to configure the memory zone and set your expected policies
Learn More


  • Memory configuration is defined and locked
  • Your public/private key pair is decided
  • Secret Exchange with Microchip completed
  • The ATECC608A is setup with your customized part number
Learn More

Mass Production

mass production
  • All the provisioning – keys/certificates generation and manipulation is done within Microchip secure factories
  • Public key are protected and immutable in the ATECC608A
  • Elimination of any software or manufacturing backdoors
  • The device ships pre-provisioned with the secrets
Learn More

Tools and Software

Firmware and provisioning script downloadable HERE

Buy the hardware to start with HERE

The user guide to get started is available HERE