4 Secure Element Provision Prototyping

Kit Protocol within Melody Crypto Authentication Library

With Kit Protocol enabled within the Crypto Authentication Library, the device can communicate with Trust Platform Design Suite (TPDS) to provision a Secure Element configured within MCC Melody.

Trust Platform Design Suite (TPDS) Installation

• Go to TPDS.
• Select Download TPDSv2 for your operating system.
• Follow the steps on the installer and installation guide.
• After installation complete the following steps:
  • Ensure TPDS is version 2.3.9 or higher
  • For dsPIC33 devices:
    • Open the Trust Platform Design Suite application.
      • Select the "Utilities" tab.
      • Select "Package Manager".
      • Find the extension named "tpds-extension-dspic33-support" and select the check box to install the content.
      • Select the "Install Selected Packages" button at the top.
      • Restart the application.
      • The version 1.0.1 or higher is now installed.
• Some Secure Elements require a request from the Secure Document Exchange (SDE) on myMicrochip
  • Accessing Secure Documents
  • An access request will need to be made for secure documents
    • Some documents/content require an NDA and this will be completed in tandem with the access request.
  • After receiving an email confirming access to the requested SDE document, install any MCC content and/or TPDS extension that may be required for provisioning Secure Element. Most secure documents come with a readme and/or installation guide.
  • Here is an example of content required for the dsPIC33 with the TA100:
    • MCC Melody Trust Anchor Library is required for TA100 Secure Element Support.
      • How to request access:
        • Under the Request Access section of myMicrochip, search and request access for the product "TA-Lib-MCC".
      • Additional steps to install can be found here.
    • TPDS requires a TA100 extension to be installed.
      • How to request access
        • Under the Request Access section of myMicrochip, search and request access for product "TA100-TCSM TPDS configurator".
        • To install the extension simply open the Trust Platform Design Suite application
          • Select the "Utilities" tab.
          • Select "Package Manager".
          • Click on "Install TPDS Extension" button.
          • Select the file(s) given on myMicrochip.

Workflow for Kit Protocol with TPDS

1. Add the Crypto Authentication Library to a new Melody project.
2. Select Crypto Authentication Library within the Project Resources section to open the module's Easy View.
3. Configure the module for the Secure element being used.
4. Within the Easy View, enable Kit Protocol in the "Secure Element Provision Prototyping Settings" section by selecting the toggle button.
   1. This will now import and auto configure a UART driver labeled "KitUART"
5. Within the Pin Grid View select the pins for Kit Protocol's UART RX and TX as well as the SPI/I2C pins for the Secure Element (Refer to the device documentation and board schematics for pin selections)
6. Select the generate button within the Project Resources.
7. Program the device.
8. Now connect the serial port of the board to the PC. (The serial connection varies on each board, refer to the boards schematics for serial port uses.)
9. Now open the Trust Platform Design Suite
10. Under the Configurators tab there are multiple Provisioning Configurators available for use.
11. Select the Configurator for your Secure Element.
12. Select the configuration settings for the Secure Element being provisioned.
13. Click on "Generate Provisioning Package".
14. Click on "Provision Prototype Samples". This may prompt to select the provision package and other essential items.
15. A success dialog will appear and the Secure Element is now provisioned with the configurations selected.