Real-time platform root of trust provides an entire chain of trust

23-05-2022 | Microchip Technology | Subs & Systems

Microchip Technology Inc. has released its fully configurable microcontroller-based CEC1736 Trust Shield family that fixes this challenge by going beyond NIST 800-193 Platform Firmware Resiliency guidelines with runtime firmware protection that anchors the secure boot process while selecting an entire chain of trust for the system platform.

The solution extends its offering for providing the cyber resiliency of end equipment. It is a fully configurable real-time platform root of trust that allows runtime firmware protection in the SPI Flash and I2C/SMBus filtering against runtime attacks. The attestation element provides trustworthy evidence to ensure that critical devices in the platform are authentic. Lifecycle management and ownership transfer provide protect secrets through to the end product lifecycle and during the transfer of product ownership, enabling different operators to utilise the system platform securely with no compromise to information.

"The presumption of equipment trustworthiness is no longer acceptable, and it is imperative to both expect and guard against unauthorised firmware components while also distrusting peripheral components until proven trustworthy," said Ian Harris, vice president of Microchip's Computing Product business unit. "Our CEC1736 Trust Shield family provides a complete solution to these challenges that simplifies development and provisioning of keys and other secrets while speeding time to market and providing the flexibility to stay ahead of threats."

The family's advanced hardware crypto cipher suite is furnished with AES-256, SHA-512, RSA-4096, ECC with key size up to 571 bits and ECDSA with a 384-bit key length.

The 384-bit hardware PUF allows a unique root key and symmetric secret and private key generation and protection. The advanced root of trust and security solution, which fulfils the NIST 800-193 and OCP security guidelines, provides for quick adoption of the latest security advances and standards.

The Trust Shield family spans silicon, software, tools, a development board and provisioning capabilities that drive the end-to-end platform firmware protection that customers need.

"Security is an issue of business continuity, consumer privacy and national security, so it's everyone's responsibility to ensure it's protected," said Frédéric Thomas, chief technology officer of Kudelski IoT, a leading IoT security expert. "Microchip has taken important measures to ensure the CEC1736 Trust Shield family is robust against advanced attack methods by working with us to have their hardware independently assessed in our advanced security labs. This should give Microchip customers peace of mind that they are working with a secure, state-of-the-art microcontroller that contributes to the overall security of the connected world."

Related product news