This article is part of the TechXchange: Cybersecurity
Microchip Technology introduced a secure 32-bit Cortex-M23 microcontroller (MCU) that it claims is the first to combine a hardware-based security subsystem with Arm’s TrustZone technology in a single package.
The unique combination in the PIC32CM LS60 lowers the bar for baking advanced security into Internet of Things (IoT) devices, according to the company. Such IoT devices range from smart home devices, medical devices, and wearables to connected appliances and industrial robots.
The new secure MCU could help in fixing the relatively lax security in IoT devices, which have become highly vulnerable to hackers trying to infiltrate or take control of hardware or steal information stored inside them.
Rod Drake, VP of the 32-bit MCU business unit at Microchip, claims the combination is step up from the hardware security modules (HSMs) many of its rivals are incorporating into new generations of wired and wireless MCUs. “With its integration of Arm TrustZone technology and Microchip’s secure subsystem in one package, the PIC32CM LS60 is an offering that the market hasn't seen before.”
Doubling Down on Security
The MCU unites Arm TrustZone with Microchip’s proprietary “Trust Platform” secure subsystem, giving its customers the ability to build better hardware protections for remote and physical attacks into IoT devices.
Arm’s TrustZone is a hardware mechanism integrated into many of Arm’s Cortex-M MCUs. It is used to break the execution environment of the CPU into “secure” and “non-secure” regions. Each is equipped with separate memories, peripherals, and functions to isolate firmware and sensitive data stored in the chip. TrustZone aims to act as a deterrent for attackers trying to steal information by tampering with the hardware.
Microchip said its Trust Platform, which is rated “high” under the Common Criteria JIL standard, shares the task of protecting hardware against the most devastating attacks. Since it is a separate secure element—or “enclave” as some refer to it—inside the package, the Trust Platform helps to cordon off the most sensitive data housed in the IoT device, providing safe storage for private keys used in cryptography and secure boot.
Packing everything in a single MCU instead of several chips ultimately saves real estate on the circuit board, as well as cost. It comes with memory configurations of up to 512 KB of flash and 64 KB of SRAM.
The new MCU is supported by a wide range of development tools, including MPLAB Code Configurator TrustZone Manager and Trust Platform Design Suite to simplify configuration of the secure subsystem.
Microchip’s Trust Platform provisioning service is also supported to securely provision keys and certificates.
Keeping Power in Check
While more companies are trying to upgrade the underlying security of IoT devices, they are having to do so without burning through precious battery life. To keep power in check, Microchip said the MCU can run in so-called “sleep-walking” mode. This mode allows a peripheral to temporarily wake up to perform a task without waking the 48-MHz Cortex-M23 MCU from standby mode, unless the MCU is needed to carry out operations.
These peripherals keep the MCU in sleep mode for prolonged periods of time to curb power. The chip uses under 60 μA per MHz in active mode and under 45 nA in shut-off mode, with fast wake-up times of 1.5 μs.
The chip also contains a proprietary power-saving feature that enables on-chip peripherals to communicate directly, independently of the CPU. With it, the output of one peripheral can be shared with many others.
Microchip said the new MCU works with development tools including MPLAB Data Visualizer and Power Debugger to fine-tune the power consumption in real-time, helping prolong the battery life of the device.
It also comes with on-chip analog peripherals such as operational amplifiers (op amps), digital-to-analog converters (DACs), and analog-to-digital converters (ADCs) that can run in sleep modes and interface with different sensors.
In addition, Microchip said that it upgraded the peripheral touch controller (PTC) inside to make it simple to add more accurate capacitive touch interfaces such as buttons, wheels, sliders, and surfaces to IoT devices.
The MCU, housed in 48-, 64-, or 100-pin TQFP packages, is priced at $5.48 each in orders of 10,000 units.
Read more articles in the TechXchange: Cybersecurity