Purpose of This Guide

This guide provides a step-by-step, end-to-end walkthrough of the Secure Exchange Process used to create verification units for TrustFLEX and TrustCUSTOM secure ICs. The process ensures the secure transfer of customer-defined device configuration and cryptographic key material to Microchip for controlled provisioning and manufacturing. The instructions in this guide are based on Microchip’s official Secure Exchange Process tutorial and are applicable across supported secure IC devices.

When to Use the Secure Exchange Process

Use the Secure Exchange Process after prototyping is complete and you are ready to:
  • Lock down device configuration
  • Inject real customer cryptographic key secrets
  • Order verification units prior to production
The verification unit phase enables validation of the final configuration before authorizing full production.

Prerequisites

Before starting the Secure Exchange Process, ensure you have:
  • A myMicrochip account
  • Trust Platform Design Suite (TPDS) installed
  • Completed prototyping using dummy keys only
  • Finalized use cases and device configuration

High-Level Workflow Overview

  1. Define final security use cases and configuration
  2. Complete the Secure Exchange Questionnaire
  3. Submit the questionnaire to Microchip via myMicrochip support case
  4. Receive customer-specific RSA public key (and optional CSR)
  5. Generate encrypted provisioning package using TPDS
  6. Submit the encrypted provisioning package to Microchip
  7. Order verification units via MicrochipDIRECT
  8. Test verification units
  9. Approve the configuration for production
Each step is described in detail in the sections that follow.
Figure . Secure Exchange Process Path to Production