2.5 Secure Provisioning

Secure provisioning is a critical step in establishing trust and authenticity in embedded systems. For SAM9X60 MPUs, the SAM-BA® In-System Programming and Provisioning (ISPP) tool provides a robust foundation for provisioning firmware and cryptographic material into the device's internal OTP memory and external non-volatile memories.

To support security-critical applications, Microchip offers an extended tool: Secure SAM-BA Cipher. The tool provides support to generate keying material to be provisioned on the device and to generate the encrypted and authenticated bootstrap image using the same keying material.

By using this tool, along with hardware Root of Trust features like the immutable ROM code secure boot flow, One-Time Programmable (OTP) memory and the Secure Configuration Packet lock mechanism, developers can securely initialize their systems, protect intellectual property, and ensure only authenticated code is executed.