6.3.4 Hardware Security

PIC32CM MCUs offer a wide range of hardware security peripherals and features, such as:

• Peripheral Access Controller (PAC)
  • Controls write access to peripheral registers to protect critical system resources
• Memory Protection Unit (MPU)
  • Defines memory regions with access permissions
• Device Service Unit (DSU)
  • Provides device identification and in-system programming support
  • Supports firmware updates and device authentication
• Lock bits and security fuses
  • Disable debug/programming interfaces or lock memory regions, preventing unauthorized access to code and data

Other PIC32CM device families with Arm Cortex-M23 offer additional security features, either as stand-alone peripheral/features or integrated into a Hardware Security Module Lite (HSM Lite) peripheral:

• Arm® TrustZone® support
  • Enables trusted execution environments, IP protection, and secure partitioning of resources
• TrustRAM (TRAM)
  • Controls volatile secret data
• Cryptographic Accelerators (AES, SHA, GCM, etc.)
  • Enable secure data encryption and authentication
• True Random Number Generator (TRNG)
  • Generates high-quality random numbers for cryptographically secure keys
• Secure boot
  • Verifies firmware integrity and authenticity before execution
• Tamper detection (Anti-Tamper)
  • Detects physical tampering attempts and triggers protective actions for sensitive data
• Device Identity Composition Engine (DICE)
  • Derives cryptographically strong device identities and keys
• Physical Unclonable Function (PUF)
  • Generates unique and unclonable fingerprints

Refer to each PIC32CM device family data sheet for more information on the supported security features.