6.3.3 Integrity Check Monitor (ICM)

Some PIC32CM device families include an Integrity Check Monitor (ICM) to ensure memory integrity using cryptographic hash functions. The ICM acts as a DMA controller that autonomously performs hash calculations over multiple memory regions, using transfer descriptors stored in memory (the ICM Descriptor Area). This is primarily used in applications that require high reliability, safety and security.

Key Features:

• DMA AHB host interface
• Multi-region monitoring—Up to four non-contiguous memory regions simultaneously
• Linked list support—Allows flexible block gathering and management of memory regions via linked list descriptors
• Two modes of operation:
  • Hash mode—Calculates hashes for a list of memory regions and stores the digests in memory (ICM Hash Area)
  • Active Monitoring mode—Continuously hashes memory regions and compares the result to a stored digest; if a mismatch is detected, an interrupt is raised
• Hash algorithms
  • Supports SHA1, SHA224 and SHA256
  • Compliant with FIPS Publication 180-2
• Configurable processing period
• Programmable bus burden