As the market's security needs change, platforms must also evolve to defend against cyber-attacks during startup, at runtime, and during system updates. Faced with new threats, designers need to assume that the endpoints they use are not trustworthy and must find new technologies to protect the system. Microchip Technology Inc. announced the CEC1736 Trust Shield family of fully configurable microcontroller-based products that address these challenges with runtime firmware protection that exceeds the NIST 800-193 Platform Firmware Resilience Guidelines, enabling system platforms to ensure a secure boot process while establishing a complete chain of trust.
The CEC1736 solution complements Microchip's product lineup for cyber resilience in end equipment. It provides a fully configurable real-time platform root of trust, enabling runtime firmware protection of SPI flash and I2C/SMBus filtering against runtime attacks. Attestation features provide credible evidence of the authenticity of key devices in the platform. Lifecycle management and ownership transfer functions protect confidentiality throughout the end product's life cycle and during transfer of ownership, so that different operators can safely use the system platform without revealing secrets to one another.
"Assuming device trust is no longer acceptable; unauthorized firmware components must be anticipated and protected against, while peripheral components must not be trusted until proven trustworthy," said Ian Harris, vice president of Microchip's Computing Products Business Unit. "Our CEC1736 Trust Shield family provides a complete solution to these challenges, simplifying the development and configuration of keys and other secrets, while accelerating time to market and providing the flexibility to stay ahead of threats."
The hardware cipher suite of the CEC1736 Trust Shield family supports AES-256, SHA-512, RSA-4096, ECC with key sizes up to 571 bits, and the Elliptic Curve Digital Signature Algorithm (ECDSA) with 384-bit keys. A 384-bit hardware Physical Unclonable Function (PUF) enables the generation and protection of a unique root key, symmetric secrets and private keys. This root of trust and security solution complies with NIST 800-193 and the OCP security guidelines, allowing rapid adoption of the latest security practices and standards.
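To make the chain-of-trust idea concrete, here is an added example (not Microchip's code or firmware) of the check a platform root of trust performs before it lets a stage run: the first stage carries an ECDSA P-384 signature over a SHA-512 digest, made under the platform root key, and vouches for the next stage by digest. The image layout, the sample stage contents and the software-generated root key are assumptions; on the real part the private key would be PUF-derived and never exported.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha512"
)

// SignedImage is a constructed layout for this example: the stage body, the
// SHA-512 digest of the next stage it may launch, and an ASN.1 ECDSA P-384
// signature over SHA-512(Body || NextDigest).
type SignedImage struct {
	Body       []byte
	NextDigest [64]byte
	Sig        []byte
}

func imageDigest(img *SignedImage) []byte {
	h := sha512.New()
	h.Write(img.Body)
	h.Write(img.NextDigest[:])
	return h.Sum(nil)
}

// SignImage is the build-time signer: it binds the stage body and the digest of
// the next stage under the platform root key.
func SignImage(root *ecdsa.PrivateKey, body, nextStage []byte) (*SignedImage, error) {
	img := &SignedImage{Body: body, NextDigest: sha512.Sum512(nextStage)}
	sig, err := ecdsa.SignASN1(rand.Reader, root, imageDigest(img))
	if err != nil {
		return nil, err
	}
	img.Sig = sig
	return img, nil
}

// VerifyChain is the root-of-trust check run before anything executes: the first
// stage must verify under the root public key, and the second stage must match
// the digest the first stage vouches for. Any mismatch means boot must halt.
func VerifyChain(rootPub *ecdsa.PublicKey, first *SignedImage, second []byte) bool {
	if !ecdsa.VerifyASN1(rootPub, imageDigest(first), first.Sig) {
		return false
	}
	return sha512.Sum512(second) == first.NextDigest
}

// Demo builds a two-stage chain from constructed sample stages and reports
// whether the genuine chain passes and a chain with a modified stage is rejected.
func Demo() (genuineOK, tamperedRejected bool, err error) {
	root, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) // software stand-in for the PUF root key
	if err != nil {
		return false, false, err
	}
	stage2 := []byte("constructed sample firmware")
	first, err := SignImage(root, []byte("constructed sample bootloader"), stage2)
	if err != nil {
		return false, false, err
	}
	tampered := append([]byte{}, stage2...)
	tampered[0] ^= 0x01 // single-bit change in flash must be caught
	return VerifyChain(&root.PublicKey, first, stage2), !VerifyChain(&root.PublicKey, first, tampered), nil
}
```

Runtime protection of SPI flash extends the same idea past boot: the device keeps enforcing that only images it has authenticated are reachable.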
Microchip's CEC1736 Trust Shield family of products covers silicon, software, tools, development boards and configuration functions to provide customers with the end-to-end platform firmware protection they need.
Frédéric Thomas, CTO of Kudelski IoT, a leading IoT security company, said: "Security is about business continuity, consumer privacy and national security, and ensuring it is everyone's responsibility. By partnering with us and having the hardware independently evaluated in our state-of-the-art security lab, Microchip has taken significant steps to ensure that the CEC1736 Trust Shield family of products is resistant to advanced attacks. This reassures Microchip customers that they are using a secure and advanced microcontroller that contributes to the integrity and safety of the connected world."
Development tools
Microchip provides easy-to-use development tools for the CEC1736 Trust Shield family of products, including the Trusted Platform Design Suite (TPDS), a graphical user interface (GUI) configurator for exploring features, defining security configurations, and handling prototyping and production encryption. Other development tools include Microchip's MPLAB® Harmony, a fully integrated embedded software development framework that simplifies device setup, library selection and application development. Additional support includes the CEC1736 development board.