Part Number:
Quantity:
Price per Unit (in USD):
Total Amt:
Log in to myMicrochip to access tools and benefits. Sign up in just one minute.
Maximize Your Experience: Reap the Personalized Advantages by Completing Your Profile to Its Fullest. Update Here
Stay in the loop with the latest from Microchip. Update your profile while you are at it. Update Here
Complete your profile to access more resources. Update Here
true
TrustMANAGER
Manage the Security of Connected Devices with TrustMANAGER
Our ECC608 and TA101 devices, provisioned through TrustMANAGER, help you manage the trust of connected devices in an IoT network. Combined with the Kudelski IoT keySTREAM SaaS, TrustMANAGER sets up a self-serve Public Key Infrastructure (PKI) that provisions your devices in the field and activates them within your account once they are connected.
TrustMANAGER also supports bulk credential uploads, either with a single action or through automated processes, and charges only for devices that connect. After an IoT device is connected, keySTREAM can remotely provision a range of cryptographic credentials. In addition, keySTREAM provides managed Firmware Over-The-Air (FOTA) updates to dynamically manage the security lifecycle of a product, from deployment through end-of-life.
Together, TrustMANAGER and keySTREAM SaaS support an end-to-end approach to IoT security, simplifying key and certificate management as well as FOTA updates for ATECC608‑ and TA101‑based designs.
Featured Products
ECC608
The ATECC608 is our widely adopted secure IC, delivering robust hardware‑based protection using both asymmetric and symmetric cryptography. It supports ECC‑P256 (ECDH, ECDSA), SHA‑256, and AES‑128‑GCM. The device connects through single‑wire or I²C interfaces.
Designed for Internet of Things (IoT) security—including home automation, industrial networks, medical devices and accessory/consumable authentication—the ATECC608 provides a flexible security foundation for a wide range of designs.
TA101
The TA101 is an advanced secure IC, designed for applications that require strong cryptographic strength and resilience, with support for remote configuration through TrustMANAGER. It supports a broad suite of asymmetric and symmetric algorithms, including ECC, RSA, AES, SHA, HMAC, CMAC, and Ed25519. Interface options include SPI or I²C.
Engineered for automotive, industrial and IoT systems, the TA101 delivers robust trust‑anchor capabilities for platforms demanding long‑term security and high‑assurance authentication.
Featured
TA101 TrustMANAGER and TrustFLEX Early Adopter Program
Get early access to TA101‑TFLX (TrustFLEX) and TA101‑TMNG (TrustMANAGER) beta silicon devices.
TA101‑TFLX is a robust secure key storage device paired with a set of predefined security protocols for teams who want to integrate TA101 into their own public key infrastructure (PKI) systems.
TA101‑TMNG includes the same key storage and protocol capabilities, but adds the keySTREAM cloud platform for remote configuration, PKI creation, key management, and firmware updates —removing the burden of building a managed IoT security infrastructure in‑house.
TrustMANAGER Device and keySTREAM Services
Custom PKI Setup
- Root Certificate Authority (CA) creation
- Self-service PKI
- Protection with IT-grade Hardware Security Modules (HSMs)
- Kudelski HSM with 99.99% SLA
- Quick to set up, in minutes
- Cost-effective managed PKI
Automated Device Onboarding
- Automated bulk upload of certificates for quick onboardings
- Take ownership of the fleet with in-field provisioning
Certificate Management
- Expiration date
- Rotation
- Revocation
- Renewal
Managed FOTA Update
- Code signing
- Create and protect signing key in keySTREAM HSM
- Bring your own signing key
- In-field provisioning of verification public key
- SaaS-based firmware delivery
- Management of FOTA campaigns
Benefits of Using a TrustMANAGER Device
- Prepare for European Cyber Resilience Act (CRA) and US Trust Mark compliance
- Use the keySTREAM-managed FOTA updates to comply with the CRA- mandated patch updates
- Set up your IT-grade, custom PKI in minutes using a proper HSM with no expertise
- Protect your root certificate and associated private key in keySTREAM HSMs
- Reduce onboarding time and cost by leveraging the auto-claim process and scale of the keySTREAM
- Remove the need for customization during manufacturing with in-field provisioning to reduce the risk of mishandled keys and only pay for the provisioning of devices that connect
- Manage keys remotely to keep your IoT device security up to date
White Paper
Cyber Resilience Act: Key Insights for Manufacturers
The Cyber Resilience Act (CRA) sets strict security requirements for digital products in the EU with penalties for noncompliance. We offer secure product solutions, cryptographic tools and provisioning services to help manufacturers achieve compliance.
Our white paper explores CRA guidelines, affected markets and security use cases. Learn how our TrustMANAGER security ICs and solutions with Kudelski IoT keySTREAM SaaS can simplify CRA compliance.
Development Tools
- Host Evaluation Boards
- TA101 Add-On Boards
- ATECC608 Add-On Boards
- Software Tools
The Microchip CryptoAuth Pro Trust Platform is an enhanced version of the CryptoAuth Trust Platform Board containing and has a Arm® Cortex®-M4F Microcontroller, four on-board CryptoAuthentication devices, two mikroBUS™ sockets, and an on-board 10/100 Mbit Ethernet phy. Programming can be done via the on-board PKoB4 debugger which is compatible with MPLAB®X IDE. The board has been developed to work with Microchip's Trust Platform Development Suite of tools.
The CryptoAuth Trust Manager provides a compact development solution for developing IoT solutions with the ECC608-TMNGTLS device. The kit works in combination with the keySTREAMTM Software-as-a-Service (SaaS) powered by Kudelski IoT.
The TA100 8-PIN SOIC Socket board is a mikroBUS extension board used to develop applications for the TA100 CryptoAutomotiveTM device. The board supports both I2C and SPI versions of the device.
The ATECC608 Trust is an add-on board for the CryptoAuth Trust Platform and other Microchip development platforms that contain a mikroBUS header For IoT Applications.
The board has ATECC608C-TFLXTLS, ATECC608C-TNGTLS, ATECC608C-TCSM and ECC608-TMNGTLS devices.
The AT88CKSCKTSOIC-XPRO is an XPRO extension board that attaches 8-pin SOIC CryptoAuthentication™ devices to Microchip MCU's that support an XPRO interface. All Microchip CryptoAuthentication™ devices regardless of interface can be used with this board.
The Trust Platform Design Suite (TPDS) is our onboarding tool for our security-related solutions. The full onboarding experience includes, but is not limited to:
- Training and education about security concepts
- Prototyping, including dummy key generation and code examples, available via our interactive application notes
- Access to our provisioning system through a secure sub-system configurator and secure exchange process
MPLAB X IDE is a highly configurable software platform that provides powerful, free tools for developing, debugging and qualifying embedded designs that use microcontrollers and digital signal controllers.
Scalable Manufacturing Solution
The keys, certificates and data to be loaded in the ECC608 will be provisioned in the field at the time of connection, so there is no need to expose those credentials to contract manufacturers or spend test time and infrastructure cost in their factories.
Although you will have a custom root CA associated with your company name, there are no custom part numbers involved. As a result, you can better manage your inventory across multiple product lines. Financially, charges for in-field provisioning only occur if your customer connects the device; you only pay for the devices your customer connects.
Ready to Go to Production with TrustMANAGER?
Auto Claiming
- Create a Microchip e-commerce account
- Create a keySTREAM account
- Select Auto Claiming workflow in keySTREAM
- Order ECC608-TMNGTLS; no manifest upload is required
Claiming Devices With a Manifest
- First order the ECC608-TMNGTLS and download the manifest
- Open a keySTREAM account
- Upload the manifest into keySTREAM
Resources
Understanding the Role of ECC608 TrustMANAGER and Kudelski IoT SaaS
In this blog post, we will explore the significance of the ECC608 TrustMANAGER combined with the keySTREAM™ Software as a Service (SaaS) from Kudelski IoT, its functions and its role in establishing security and reliability in an Internet of Things environment.
How to Set up the ECC608 TrustMANAGER with keySTREAM from Kudelski IoT
This video will guide you through the step-by-step process of setting up the ECC068 TrustMANAGER with the keySTREAM SaaS from Kudelski IoT. You will learn how to create your custom root certificate authority and associated PKI, trigger the in-field provisioning, and get ready for certificate management services.
keySTREAM Trusted Agent (KTA) Library
This GitHub page contains the keySTREAM Trusted Agent Library (KTA_LIB) Configurations and an example application. Here are the primary folders:
- apps - Example application to demonstrate useage of KTA_LIB with MPLAB® Harmony
- config - KTA_LIB module configuration files
- docs - KTA_LIB help documentation