Microchip Enhances TrustMANAGER for CRA Compliance and IoT Security
30-06-2025 | By Matthew Walker
Key Takeaways:
- Microchip updates TrustMANAGER with secure Firmware Over-the-Air (FOTA) updates and remote PKI management for IoT devices.
- Designed for CRA and RED compliance, helping OEMs meet EU cybersecurity requirements for firmware and wireless connectivity.
- ECC608 secure element with Kudelski keySTREAM SaaS supports in-field provisioning and automated certificate lifecycle control.
- Full development support via MPLAB® X IDE, TPDS, and RED-certified Wi-Fi module for secure, scalable deployment.
With global cybersecurity regulations tightening, IoT device manufacturers face mounting pressure to secure devices beyond factory floors.
In response to the evolving threat landscape and increasing compliance demands, Microchip Technology has introduced a significant update to its TrustMANAGER platform. The upgrade adds support for secure Firmware Over-the-Air (FOTA) updates and remote cryptographic key and certificate management, delivering a scalable solution for connected device security.
This enhancement is designed to help OEMs and industrial automation providers meet the stringent requirements of the European Cyber Resilience Act (CRA), which mandates proactive lifecycle security for digital products sold within the EU. It also supports upcoming provisions of the Radio Equipment Directive (RED), due to take effect in August 2025, focusing on the cybersecurity of wireless devices.
“As evolving cybersecurity regulations require connected device manufacturers to prioritize the implementation of mechanisms for secure firmware updates, lifecycle credential management and effective fleet deployment, the addition of FOTA services to Microchip’s TrustMANAGER platform offers a scalable solution that removes the need for manual, and expensive, static infrastructure security updates,” said Nuri Dagdeviren, Corporate Vice President of Microchip’s Security Products business unit.
This positions TrustMANAGER as a forward-looking platform for future-proofing IoT security strategies and ensuring regulatory readiness across global markets.
ECC608 TrustMANAGER and keySTREAM SaaS – Enabling End-to-End IoT Protection
At the heart of Microchip’s enhanced security offering is the ECC608 TrustMANAGER secure element, tightly integrated with Kudelski IoT’s keySTREAM™ Software as a Service (SaaS). This combination delivers robust, scalable IoT security through in-field provisioning, automated fleet onboarding, and remote credential lifecycle management.
With built-in support for industry-standard cryptography, including ECC-P256 (ECDH/ECDSA), SHA-256, and AES-128-GCM, the ECC608 ensures strong encryption and authentication for connected devices. Real-time key rotation, revocation, and renewal features allow engineers to maintain device integrity across the product lifecycle, without direct factory access or manual key handling.
The TrustMANAGER platform’s design supports full compliance with critical IoT security standards, including the ETSI EN 303 645 guidelines for consumer devices and the ISA/IEC 62443 framework for industrial automation and control systems. These regulatory alignments give developers a streamlined path to market in both commercial and industrial domains.
Further boosting compliance capabilities, the updated WINCS02PC Wi-Fi® module used in the TrustMANAGER development kit is now certified under the EU’s Radio Equipment Directive (RED). This ensures secure and reliable cloud connectivity, meeting the cybersecurity provisions that become mandatory for wireless devices sold in the EU starting August 1, 2025.
Developer Tooling and Embedded Integration for Quick Deployment
To accelerate secure product development, Microchip provides a full suite of integrated tools for implementing the TrustMANAGER platform. This includes support for the MPLAB® X Integrated Development Environment (IDE), the CryptoAuth Pro Development Board (EV89U05A), and the intuitive Trust Platform Design Suite (TPDS).
The TPDS includes comprehensive onboarding guides, use case examples, and firmware templates. One reference implementation showcases seamless integration with AWS® cloud services using the PIC32CX SG41 32-bit Arm® Cortex®-M4 microcontroller and the RED-compliant WINCS02PC Wi-Fi® module. This ready-to-use stack allows engineers to prototype, test, and deploy secure IoT applications without building security infrastructure from scratch.
Crucially, the TrustMANAGER platform eliminates the need for factory key injection, reducing both provisioning complexity and manufacturing costs. Devices can be provisioned securely in the field, ensuring that cryptographic materials never leave the developer’s control while enabling fleet-wide lifecycle management at scale.
For OEMs and embedded engineers navigating an increasingly regulated landscape, TrustMANAGER offers a streamlined path to cybersecurity compliance and future-ready device security architecture.
