The full-featured CEC1712 Arm® Cortex®-M4-based microcontroller provides secure boot with hardware root of trust protection in a pre-boot mode for systems whose operating system boots from external SPI flash memory. In addition, the CEC1712 provides key revocation and code rollback protection during operating life, enabling in-field security updates.
Following the NIST SP 800-193 platform firmware resiliency guidelines, the CEC1712 protects firmware against corruption, detects corruption that does occur and recovers from it. Secure boot with a hardware root of trust stops threats before they can load and allows the system to boot only software trusted by the manufacturer. The CEC1712 secure bootloader loads, decrypts and authenticates the firmware that will run on the CEC1712 itself from the external SPI flash; the validated CEC1712 code then authenticates the firmware stored in SPI flash for the first application processor. Up to two application processors are supported, with two flash components per processor. Beyond blocking malware during pre-boot in 5G and data center systems, the combination of Microchip's CEC1712 and Soteria-G2 is a security enabler for connected autonomous vehicle operating systems, automotive Advanced Driver Assistance Systems (ADAS) and other systems that boot from external SPI flash.
The CEC1712H-S2-I/SX works with Soteria-G2 firmware to provide secure boot with hardware root of trust protection in a pre-boot mode for operating systems that boot from external SPI flash memory. Together they let designers speed adoption and implementation of a secure pre-boot and secure firmware update platform. Soteria-G2 reduces risk during code development by using the CEC1712's immutable secure bootloader, implemented in Read-Only Memory (ROM) and therefore unalterable after manufacture, as the system root of trust.
- Secure boot provides a hardware-based root of trust
- Easy-to-use, seamless authentication and encryption capabilities for connected applications
- Robust hardware cryptography cipher suite
- 4 Kbit user-programmable OTP
- AES128, AES192, AES256
- SHA-1, SHA-256, SHA-512 (SHA-1 is retained for legacy compatibility; NIST SP 800-131A disallows it for digital signature generation)
- RSA-1024 to RSA-4096 (NIST SP 800-131A likewise disallows RSA keys shorter than 2048 bits for signature generation)
- ECDSA, EC-KCDSA, Ed25519
- True Random Number Generator
- Monotonic Counter
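The boot chain described above (an immutable ROM as root of trust, key material and revocation bits held in OTP, a monotonic counter for rollback protection, and a signature check on every image before it runs) can be modelled end to end. The Go program below is an added example written for this page; it is not Microchip's Soteria-G2 code, and the OTP layout, image header, field names, the Ed25519-over-SHA-256 signing scheme and the fixed-seed demo keys are all assumptions chosen for illustration. The decryption step the bootloader performs is left out so that the authentication and policy logic stands on its own.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// OTP models the one-time-programmable data the ROM consults at reset. The layout is
// assumed for this example (not the CEC1712's OTP map); 32-byte Ed25519 keys fit in 4 Kbit.
type OTP struct {
	Keys       []ed25519.PublicKey // trusted signing keys, by slot
	Revoked    uint8               // bit i set: slot i may no longer sign
	MinVersion uint32              // monotonic counter: lowest bootable version
}

// Image is a signed firmware container read from SPI flash (assumed layout).
type Image struct {
	KeySlot uint8
	Version uint32
	Payload []byte
	Sig     []byte
}

var (
	ErrRevoked   = errors.New("key slot unknown or revoked")
	ErrSignature = errors.New("signature verification failed")
	ErrRollback  = errors.New("image version below anti-rollback counter")
)

// signedRegion covers slot, version and payload digest, so the policy fields are authenticated too.
func signedRegion(img *Image) []byte {
	buf := make([]byte, 5, 5+sha256.Size)
	buf[0] = img.KeySlot
	binary.LittleEndian.PutUint32(buf[1:], img.Version)
	sum := sha256.Sum256(img.Payload)
	return append(buf, sum[:]...)
}

// SignImage is the build-side step; it runs on the signing host, not the MCU.
func SignImage(priv ed25519.PrivateKey, slot uint8, version uint32, payload []byte) *Image {
	img := &Image{KeySlot: slot, Version: version, Payload: payload}
	img.Sig = ed25519.Sign(priv, signedRegion(img))
	return img
}

// Verify is the pre-boot check the immutable ROM code performs before any code
// from flash executes: pick the key, authenticate, then apply rollback policy.
func (otp *OTP) Verify(img *Image) error {
	if int(img.KeySlot) >= len(otp.Keys) || otp.Revoked&(1<<img.KeySlot) != 0 {
		return ErrRevoked
	}
	if !ed25519.Verify(otp.Keys[img.KeySlot], signedRegion(img), img.Sig) {
		return ErrSignature
	}
	if img.Version < otp.MinVersion { // only trusted after the signature passed
		return ErrRollback
	}
	return nil
}

// Commit advances the monotonic counter after a successful boot; it never moves backwards.
func (otp *OTP) Commit(img *Image) {
	if img.Version > otp.MinVersion {
		otp.MinVersion = img.Version
	}
}

// Scenario walks the cases the text describes with constructed demo data (fixed-seed keys,
// toy payloads): genuine boot, tampered image, rollback attempt, and a key revoked in OTP.
func Scenario() map[string]error {
	priv0 := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{1}, ed25519.SeedSize))
	priv1 := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{2}, ed25519.SeedSize))
	otp := &OTP{Keys: []ed25519.PublicKey{
		priv0.Public().(ed25519.PublicKey), priv1.Public().(ed25519.PublicKey)}}
	res := map[string]error{}
	v1 := SignImage(priv0, 0, 1, []byte("MCU firmware v1"))
	res["genuine v1"] = otp.Verify(v1)
	otp.Commit(v1)
	tampered := *v1 // header and signature intact, payload modified
	tampered.Payload = []byte("MCU firmware v1 + implant")
	res["tampered payload"] = otp.Verify(&tampered)
	v2 := SignImage(priv1, 1, 2, []byte("MCU firmware v2"))
	res["genuine v2"] = otp.Verify(v2)
	otp.Commit(v2)
	res["rollback to v1"] = otp.Verify(v1)
	otp.Revoked |= 1 << 0 // key 0 compromised: revoke the slot in OTP
	res["revoked key"] = otp.Verify(SignImage(priv0, 0, 3, []byte("MCU firmware v3")))
	return res
}

func main() {
	for name, err := range Scenario() {
		fmt.Printf("%-16s -> %v\n", name, err)
	}
}
```

Two design points carry over to real deployments: the signature must cover the key slot and version fields, otherwise an attacker can re-label a genuinely signed old image to pass the rollback check, and the counter is only advanced after the whole image has been authenticated, never on the basis of an unverified header.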