While hardware-based security is a proven way to protect secret keys from physical attacks and remote extraction, it requires extensive security expertise, development time, and costs to configure and provision each device. With companies producing anywhere from hundreds to millions of connected devices per year across the globe, scalability of architecture can be a major barrier to deployments, and as a result manufacturers typically have only been able to support configuring and provisioning for high-volume orders.
The new Trust Platform offering is designed to address the needs of companies with low- to mid-sized deployments of connected devices, which until now, says the company, have been left with low-performing options.
"The uptick in successful attacks on software-based security solutions underscores the need for companies to adopt industry best practices, including isolating private keys in secure elements," says Nuri Dagdeviren, vice president of Microchip's secure products business unit. "Microchip's Trust Platform makes hardware-based security simple and cost-effective for companies of all sizes to implement, removing the barriers traditionally associated with configuring and provisioning devices."
The Trust Platform consists of a three-tier offering - out-of-the-box pre-provisioned, pre-configured, or fully customizable secure elements - allowing developers to choose the platform best suited for their individual design. The first tier, called Trust&GO, provides zero-touch pre-provisioned secure elements with a minimum orderable quantity (MOQ) as low as 10 units.
Device credentials are pre-programmed, shipped and locked inside the company's ATECC608A CryptoAuthentication device, which provides Common Criteria Joint Interpretation Library (JIL) "high"-rated secure key storage, for automated cloud or LoRaWAN authentication onboarding. In parallel, corresponding certificates and public keys are delivered in a "manifest" file, which is downloadable via the company's e-commerce store and select distribution partners.
In addition to saving up to several months of development time, says the company, the solution significantly simplifies provisioning logistics, making it easy for mass market customers to secure and manage edge devices without the overhead cost of third-party provisioning