Microchip simplifies hardware-based IoT security
A pre-provisioned solution that provides secure key storage for low-, mid- and high-volume device deployments using the ATECC608A secure element is now available from Microchip Technology. According to the company, the Trust Platform for its CryptoAuthentication family enables companies of all sizes to implement secure authentication.
The platform consists of a three-tier offering, providing out-of-the-box pre-provisioned, pre-configured or fully customisable secure elements, allowing developers to choose the platform best suited for their individual design. As the first solution to provide ready-to-go secure authentication for the mass market, the first tier – Trust&GO – provides zero-touch pre-provisioned secure elements with a minimum orderable quantity (MOQ) as low as 10 units.
Device credentials are pre-programmed, shipped and locked inside the ATECC608A for automated cloud or LoRaWAN authentication onboarding. In parallel, corresponding certificates and public keys are delivered in a “manifest” file, which is downloadable via Microchip’s purchasing e-commerce store and select distribution partners.
With the ability to authenticate to any public or private cloud infrastructure, Microchip’s Trust Platform is also flexible and customisable. For customers who want more customisation, the program includes the TrustFlex and TrustCustom platforms.
The solution helps simplify provisioning logistics, says the company, making it easy for mass market customers to secure and manage edge devices without the overhead cost of third-party provisioning services or certificate authorities.
The second tier in the program, TrustFlex, offers the flexibility to use the customer’s certificate authority of choice while still benefiting from pre-configured use cases.
These use cases include baseline security measures such as transport layer security (TLS) hardened authentication for connecting to any IP-based network using any certificate chain, LoRaWAN authentication, secure boot, Over-the-Air (OTA) updates, IP protection, user data protection and key rotation. This can reduce the time and complexity involved in customising the device without requiring customised part numbers.
For customers who would like to customise their designs entirely, the third tier in the program – TrustCustom – provides customer-specific configuration capabilities and custom credential provisioning.
Join 97,426 other subscribers