Securely Provision Credentials in Your Products by Microchip

Written by Mike Benson

August 31, 2020

Trust Platform for the CryptoAuthentication™ Family

For deployments of as few as ten units to up to many thousands of devices, our Trust Platform is a cost-effective and flexible solution for onboarding our secure elements in your design and accelerating your product’s time to market. The Trust Platform is composed of a family of pre-provisioned, pre-configured or fully customizable secure elements. Credentials are generated inside each secure element’s boundary by leveraging our Hardware Secure Modules (HSMs) that are installed in our factories. The devices also come with hardware and software development tools to make prototyping easy and to fast track your development. The Trust Platform offers three tiers of secure elements—Trust&GO, TrustFLEX and TrustCUSTOM—to provide you with the options and flexibility to meet the requirements of your company’s security model.

 

When you use our Trust Platform, you will optimize your overall provisioning logistic costs by benefitting from an existing and amortized HSM infrastructure integrated into our factories. Generally, it is financially and technically challenging for third-party contractors that offer provisioning services to provide an efficient and cost-effective model, especially for smaller orders. When you leverage our provisioning service along with our Trust&GO, TrustFLEX or TrustCUSTOM secure elements, you can select the option that best meets your current needs, and then scale as your business or market share spreads across the globe. Trust&GO has a minimum orderable quantity of just ten units, making it easy for you to get started on a small scale.

 

What Are the Trust Platform Options?

The main differences between the three Trust Platform tiers include the level of involvement you have in choosing or defining a device configuration for your use case, deciding what credentials you want to provision, and selecting the Minimum Orderable Quantity (MOQ) that will best suit your requirements. You can also take advantage of our Trust Platform Design Suite to guide you through your development, from prototyping up to production. Here is an overview of the three options:

TRUST PLATFORM OPTIONS

  • Devices are pre-configured and pre-provisioned with keys and generic certificates for thumbprint authentication
  • MOQ is 10 units including provisioning
  • Code examples are available for the following use cases:
    • AWS IoT authentication
    • Microsoft Azure IoT Hub authentication
    • Google IoT authentication
    • LoRa® authentication
    • Third-party TLS authentication
  • Buy the device, claim it and you’re done
  • Devices are pre-configured and provisioned with default generic certificates for thumbprint authentication, but they can be replaced with your credentials
  • MOQ is 2,000 units including provisioning
  • These most commonly requested use cases are available:
    • Any cloud, any PKI
    • Certificate-based authentication
    • Token-based authentication
    • Secure boot
    • Over the Air (OTA) verification
    • Firmware verification
    • IP protection
    • Message encryption
    • I/O protection key
    • Accessory authentication
    • Key rotation
  • Devices are fully customizable if your needs go beyond the Trust&GO and TrustFLEX offerings
  • MOQ is 4,000 units including provisioning
  • Fully customizable
  • Start with a blank device

WHY CHOOSE TRUST PLATFORM?

Without secure key provisioning, as your sensitive keys are injected during manufacturing they are exposed to third-party software, microcontroller firmware, contract manufacturers and operators. With the risks so high in these mass-production conditions, it’s important that the credentials are placed inside secure storage using a process that follows good security practices. The objective of our Trust Platform provisioning service is to isolate credentials from being exposed any time during and after production while eliminating the need for you to have extensive knowledge about handling and securing keys.

Interested? Email us at sales@glyn.com.au

Information extracted from microchip.com (link)

Related Articles

The integration-ready Acconeer XM132 Entry Module

  The XM132 is an integration-ready low-power module with outstanding system cost, optimized for use cases such as presence detection and contactless monitoring of tank levels. With a solderable design featuring a land grid array and software adapted for specific...

Robustel R5020 – 5G Industrial IoT Router

 Robustel are pleased to announce our first 5G Industrial IoT router – the R5020, offering support for global 5G, 4G and 3G bands with support for 3GPP Release 15. With its on-board smarts, compact size and a competitive price point the R5020 is the perfect solution...

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

Join our monthly newsletter for the latest updates in the electronics industry