Secure Your World with Security-Focused MCUs
CEC1712
- Ensures in-field security and firmware updates with key revocation and code rollback protection
- Complies with NIST 800-193 guidelines; protects, detects and recovers from corruption for total system platform firmware resiliency
CEC1302
- Ensures firmware is untouched and uncorrupted with a quick pre-boot authentication of the system firmware
- Protects the system from malware or memory corruption by authenticating firmware updates
CEC1702
- Reduces compute time with the hardware cryptographic cipher suite
- Protects secrets with encryption
- Validates firmware has been digitally signed and untouched using public key cryptography
- Designed to be used in conjunction with the CEC1702 and CEC1712
- Speeds adoption and implementation of a secure pre-boot platform
- Simplifies code development and reduces risk
According to leaders in the industry, the pre-boot environment has come under attack via rootkits and bootkits. These types of attacks are insidious and not detectable by high-level operating systems or anti-virus software. Secure boot is a security standard to prevent against attacks to the pre-boot firmware environment.
Soteria is highly configurable custom firmware that runs on CEC17x2 devices to provide a complete platform to establish a chain of trust for platform firmware resiliency. Soteria-G1 runs on the CEC1702Q-S1 and Soteria-G2 runs on the CEC1712Q-S2. The Soteria solution is designed to work with virtually any application processor that meets two criteria:
- The application processor can be held in reset, and
- The application processor loads its first code from SPI-Flash
The Soteria secure boot firmware provides a platform firmware resiliency solution that meets the NIST SP 800-193 guidelines. It uses the immutable secure bootloader implemented in CEC1702/CEC1712 ROM as the system Root of Trust (RoT). The secure bootloader loads, decrypts and authenticates the firmware from the external SPI Flash. The validated CEC1702/CEC1712 code is designed to authenticate the application processor firmware in the same SPI Flash. Up to three additional SPI Flash components can be supported.
Soteria prevents the system from booting unless the application host’s firmware that is stored in the external SPI Flash is authentic code signed by the OEM. It offers security features to authenticate and optionally decrypt the SPI Flash image in the external SPI Flash device.
The application processor can utilize the crypto resources in the CEC1702/CEC1712 to authenticate other code in the system, thereby extending the chain of trust to ensure that all code running in the system is authorized. Soteria uses the same mechanisms to ensure that platforms only perform secure firmware updates.
By design, the Soteria can be a simple black-box secure boot solution or customizable firmware that provides secure boot, extended security features and runtime secure commands via a host interface.
Soteria is available under a Signed License Agreement (SLA). Contact a Microchip sales representative or authorized worldwide distributor to execute the SLA.
The CEC1x02 device family provides a variety of robust hardware-based crypto algorithms to meet your protection needs.
What is Secure Boot?
Everybody today is worried about security. We see the market moving to authenticated boot as a way to protect your overall system. One of the worries is that when you try to boot your system, it won’t work because someone has compromised it.
One solution being adopted is secure boot which ensures the integrity of the software running on a platform. We provide secure boot capabilities to ensure the authentication of the embedded firmware prior to boot of the system. Secure boot relies on public/private keys to verify the digital signature of the code before execution. This confirms that only the code which you intend to be loaded is loaded and used, protecting your system from malicious code. Every time you boot the machine, you have the exact same expectation of the performance of your machine.
What Is Key Revocation?
Key revocation allows public/private key pairs used for authentication to be permanently retired. This feature may be used as a preemptive solution for aging keys or as a defense mechanism if a private key becomes compromised, allowing the code image to be altered or hacked by an unauthorized entity. Key revocation is a simple method for preventing code signed by a specific key from being used in the system. The system must implement multiple keys to use the key revocation feature.
What Is Code Roll-Back Protection?
Code roll-back is used when you need to prevent an old image from running. This should be performed using a secure update process.
| Product | Description |
|---|---|
Clicker 2 for CEC1302Part Number: TMIK044
|
Whether loading code from a private or shared SPI Flash device, the cryptographic engine CEC1302 ensures a hardware-based root of trust, that is not easily thwarted via physical replacement attack, occurs before each boot of the host processor. Before execution of your code has been loaded from a SPI Flash device, the CEC1302 validates the code using a digital signature encoded according to PKCS #1. The signature uses RSA-2048 encryption and SHA-256 hashing, providing automated detection of invalid code that may be a result of malicious or accidental corruption. |
CEC1x02 Development BoardPart Number: DM990013
|
The PIM ships with the CEC1702, a full-featured Arm® Cortex®-M4F-based microcontroller with complete hardware cryptography accelerators enabled solutions in a single package. The CEC1702 can be used as a secure boot product for application processors and can also be used as the sole standalone MCU in embedded applications.
|
CEC1702 IoT Development KitPart Number: DM990013-BNDL
|
Easily incorporate security into designs with the CEC1702 IoT Development Kit, a Microsoft®-certified Azure IoT Starter Kit with DICE support for fast development. |
CEC1702Q-B2 Plug-in Module (PIM)Part Number: MA990004
|
The CEC1702Q-B2 PIM is included with the CEC1x02 Development Board and CEC1702 IoT Development Kit. It allows you to evaluate the CEC1702 and program its One-Time-Programmable (OTP) memory. |
MPLAB® XC CompilersMPLAB XC32/32++ |
Provides a comprehensive solution for your project’s software development and is offered in free, unrestricted-use downloads. When combined with Microchip’s award-winning, free integrated development environment, MPLAB X IDE, the full graphical frontend provides:
|
MPLAB PICkit™ 4 In-Circuit DebuggerPart Number: PG164140
|
The MPLAB PICkit 4 In-Circuit Debugger/Programmer allows fast and easy debugging and programming of PIC®, CEC and dsPIC® Flash microcontrollers, using the powerful graphical user interface of MPLAB X Integrated Development Environment (IDE), version 4.15. Featuring a powerful, 32-bit, 300 MHz SAM E70 MCU, the MPLAB PICkit 4 offers significantly faster programming speeds than its predecessor. |
MPLAB ICD 4 In-Circuit DebuggerPart Number: DV164045
|
The MPLAB ICD 4 In-Cicuit Debugger is Microchip’s fastest, cost-effective debugging and programming tool for PIC and CEC microcontrollers (MCUs) and dsPIC Digital Signal Controllers (DSCs).
|
- Application Notes
- Brochures
- Data Sheets
- Errata
- Technical Briefs
- User Guides
- Software Libraries
| Title | Download |
|---|---|
| AN2402 - AN2402 - PCB Layout Guide for CEC1702 | Download |
| Title | Download |
|---|---|
| CEC1702 Silicon Errata and Data Sheet Clarification | Download |
| Title | Download |
|---|---|
| CEC1302 Crypto API User's Guide | Download |
| CEC/MEC Family Devices ROM API User's Guide | Download |
| CEC1x02 Development Board User’s Guide | Download |
| CEC1302 Peripheral Interface User's Guide | Download |
| CEC1302 Addendum | Download |
| CEC1702 Quick Start Guide | Download |
| CEC1702 Efuse Generator Tool User's Guide | Download |
| Title | Download |
|---|---|
| Azure IoT SDK w/ DICE on CEC1702 IoT Development Kit - build 800 | Download |
