Arizona electronics company Microchip has enhanced its TrustManager platform to address IoT security problems.

Firmware over-the-air (FOTA) updates and remote cryptographic key management provide scalable options to support CRA compliance and cyber-security regulations.

International cyber-security regulations continue to adapt to meet the evolving threat landscape. One major focus is on outdated firmware in IoT devices, which can present significant security vulnerabilities.

To address this, Microchip is enhancing its TrustManager platform (www.microchip.com/en-us/products/security/trust-platform/trustmanager) to include secure code signing and FOTA update delivery as well as remote management of firmware images, cryptographic keys and digital certificates. These advancements support compliance with the European Cyber Resilience Act (CRA), which mandates strong cyber-security measures for digital products sold in the EU.

Aligned with standards such as the Etsi EN 303 645 baseline requirements of cyber security for consumer IoT and the ISA/IEC 62443 security of industrial automation and control systems standards, the CRA sets a precedent that is expected to influence regulations worldwide.

Microchip’s ECC608 TrustManager leverages Kudelski IoT’s KeyStream software-as-a-service (SaaS) to deliver a secure authentication IC that is designed to store, protect and manage cryptographic keys and certificates. With the addition of FOTA services, the platform helps users securely deploy real-time firmware updates to patch vulnerabilities remotely and comply with cyber-security regulations.

“Evolving cyber-security regulations require connected device manufacturers to prioritise the implementation of mechanisms for secure firmware updates, lifecycle credential management and effective fleet deployment,” said Nuri Dagdeviren, vice president at Microchip. “The addition of FOTA services to Microchip’s TrustManager platform offers a scalable option that removes the need for manual and expensive static infrastructure security updates. FOTA updates allow customers to save resources while fulfilling compliance requirements and helping to future-proof their products against emerging threats and evolving regulations.”

Enhancing cyber-security compliance, the Microchip WINCS02PC wifi network controller module used in the TrustManager development kit is now certified against the Radio Equipment Directive (RED) for secure and reliable cloud connectivity. RED establishes strict standards for radio devices in the EU, focusing on network security, data protection and fraud prevention. Beginning next month, all wireless devices sold in the EU market must adhere to RED cyber-security provisions.

By incorporating these additional services, TrustManager – governed by KeyStream – tackles key challenges with IoT security, regulatory compliance, device lifecycle management and fleet management. This is designed to serve IoT device manufacturers and industrial automation providers. Learn more about Microchip’s Trust Platform at www.microchip.com/en-us/products/security/trust-platform.

The ECC608 TrustManager is compatible with the MPLab X integrated development environment (IDE) and supported by Microchip’s CryptoAuth Pro EV89U05A development board (www.microchip.com/en-us/development-tool/EV89U05A) and the CryptoAuthLib software library. The Trust Platform Design Suite (TPDS) contains a use case example including onboarding educational steps and a firmware code example to enable the KeyStream service to AWS with the ECC608 secure element running on a 32bit Arm Cortex-M4-based PIC32CX SG41 MCU and a WINCS02PC wifi module.

Headquartered in Chandler, Arizona, Microchip Technology (www.microchip.com) provides smart, connected and secure embedded control and processing products. Its development tools and products help users create designs that reduce risk while lowering total system cost and time to market. The company serves more than 100,000 customers across the industrial, automotive, consumer, aerospace, defence, communications and computing markets.