12.7 ATECC608B CryptoAuthentication Device (PIC32CM LS60 only)

The PIC32CM LS60 embeds a pre-provisioned variant of the ATECC608B, called ATECC608B-TFLXTLS.

The ATECC608B-TFLXTLS configuration of the PIC32CM LS60 family is identical to that of the TrustFLEX ATECC608B-TFLXTLS secure element, with the exception of a few device configurations, documented in this chapter, which are unique to the PIC32CM LS60.

Note: Refer to the ATECC608B-TFLXTLS CryptoAuthentication™ Data Sheet (DS40002138) for additional information.

Interconnect and Configuration

The ATECC608B is connected to the PIC32CM LS60 Microcontroller using a dedicated SERCOM I2C Host peripheral: SERCOM1.

The SERCOM1 signals are not available for the PIC32CM LS60 family as they are reserved for the ATECC608B interconnection. Therefore, no specific configuration is required on the I/O Pin Controller (PORT) peripheral to enable the SERCOM1 functionality for the ATECC608B.

Apart from the PORT configuration which is not required, the SERCOM1 I²C Host peripheral still needs to be configured like any SERCOM peripherals. Refer to the Chapter “I2C Interface” from the ATECC608B-TFLXTLS CryptoAuthentication™ Data Sheet for additional information.

Important: The I2C address of the secure element is 0xC0.

The ATECC608B SDA/SCL pull-ups are only enabled when the SERCOM1 is configured and enabled in I²C Host mode.

CAUTION: The SERCOM1 must be enabled immediately to remove the extra current consumption which may happen due to the SDA and SCK pins left floating.

Configuration Zone

The following section supersedes the “Device Configuration Information” section of the Chapter “ATECC608B-TFLXTLS Configuration Zone” from the ATECC608B-TFLXTLS CryptoAuthentication™ Data Sheet.

Device Configuration Information

  • The serial number for each device is unique and stored in bytes [0:3, 8:12].
  • The default 7-bit I2C address is 0x60. The I2C address cannot be overwritten using the UpdateExtra command.
  • The I/O levels are set to a fixed reference level. Therefore, the Host processor can operate at a lower voltage than the ATECC608B device.
  • The watchdog timer is set to a maximum timeout of 1.3s.
  • The use of an I/O Protection key is enabled with the key stored in Slot 6.
  • For the ATECC608B, the following individual slots may be uniquely configured to be slot lockable or not: slots 2-6, 8, 10-12, 13 and 15.
  • Stored Secure Boot (FullDig) mode of operation is enabled for the ATECC608B.
  • Random Nonce is required: Digest for the SecureBoot command is encrypted and the nonce used for the digest encryption uses the ATECC608B random number generator.
  • Monotonic counters are available for use by the system and are not attached to any keys.
  • The Health Test Failure bit is cleared after any time that a command fails as a result of a health test failure. If the failure symptom was transient, the command may pass when run a second time.

Secure Boot

The PIC32CM LS60 Boot ROM provides support for secure boot using the ATECC608B. The general approach is that the Boot ROM will use the ATECC608B to assist in authenticating and checking the integrity of an application code (usually a boot loader) that is to be subsequently executed. Refer to PIC32CM LS00/LS60 Boot ROM for additional information.