Microchip delivers IoT MCU with built-in security

By Brian Santo, contributing writer

Microchip Technology’s CEC1702 microcontroller (MCU) now supports the Device Identity Composition Engine (DICE) security technology developed by the Trusted Computing Group (TCG). Companies that develop devices for IoT applications can use the MCU to automatically imbue their products with hardware-level, cryptography-based security.

Security technology is complex: Attacks keep getting more sophisticated and the number of threat vectors keeps increasing. In addition, few developers have staff with the relevant security expertise. Furthermore, building effective home-grown security technology can be expensive, making the addition of security prohibitive.

As a result, several semiconductor companies, including Microchip, Micron, Arm, Intel, Qualcomm, and others, are building security directly into their products designed for the IoT market. Arm, for example, recently devised a security “platform” that covers processors, an operating system, and network connectivity.

TCG’s DICE architecture breaks the boot process into layers and creates unique cryptographic keys, providing a measure of integrity for each layer. If malware is detected, the system automatically re-keys.

According to Micron, one of the benefits of using the secure boot features of the CEC1702 with the DICE standard is that it enables equipment manufacturers to create a chain of trust for multiple loads of firmware, which is especially important for customers concerned with authenticating system-critical commands, such as in applications like power plants or online server databases.

Meanwhile, Microsoft has been positioning Azure as a secure network for IoT applications, which is context for the other part of Microchip’s recent announcement. Along with integrating DICE into its MCU, Microchip is also making available a new CEC1702 IoT development kit for Microsoft Azure IoT.

The kit comes with a programmable 32-bit Arm Cortex-M4 microcontroller and sample code to quickly develop a secure, cloud-connected solution (this is the Arm processor at the heart of the Arm security platform).

“As the IoT landscape continues to increase with security threats, customers can turn to Microchip’s IoT development kit to quickly and easily connect devices to the cloud and incorporate DICE security standards in their product,” said Sam George, director, Microsoft Azure IoT at Microsoft Corp., in a statement. “The development kit enables customers to implement the DICE standard into a device’s hardware while also benefiting from Microsoft Azure’s security and privacy features.”

The CEC1702Q-B2-I/SX is available in production volume for $3.14 each in 5,000-unit quantities. The CEC1702 IoT development kit (DM990013-BNDL) is available for $199.99.