Use Cases

The ATECC608A-TFLXTLS has been defined to specifically address the IoT market. Through a single set of certificates, the device has been set to directly support the Google IoT Cloud, Amazon Web Services (AWS®) and the Microsoft® Azure Cloud. Support for other IoT networks can be provided through use of custom certificates uploaded into Slot 8. A brief description of some of the use cases that this device addresses is provided below. These use cases can be implemented separately or in combination with each other. In order to prototype and implement these use cases, Microchip provides both hardware and software tools.

Secure TLS Connection

The ATECC608A-TFLXTLS allows the creation of secure TLS connections using a variety of protocols. The device is capable of establishing secure connections to the Google Cloud, to AWS and to other cloud providers. Through the various modes of the Key Derivation Function (KDF), appropriate keys can be generated to support TLS 1.2, TLS 1.3 and earlier secure internet connection protocols.

Secure Boot

Protecting the boot image of a microcontroller or microprocessor is a concern for many vendors. By providing a mechanism to verify that the code being run is authentic and has not been modified, the overall integrity of the system is maintained. The ATECC608A-TFLXTLS has been configured to allow Secure Boot by storing the code digest of the system within a data slot of the device. Upon initial execution of the code, the system can regenerate the digest over the system firmware and compare it with the digest stored in the ATECC608A-TFLXTLS, verifying that the firmware has not been tampered with.
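The digest check described above can be modelled on a host as follows. This is an added example, not Microchip code and not the device's command set: the data slot is modelled as a dictionary entry, SHA-256 is assumed as the digest, and the names `DIGEST_SLOT`, `provision`, `verify_boot` and the sample image are hypothetical or constructed.

```python
import hashlib
import hmac

PAGE_SIZE = 256              # assumed flash page size (constructed value)
DIGEST_SLOT = "digest-slot"  # placeholder; the page does not name the slot

def firmware_digest(flash: bytes, fw_len: int) -> bytes:
    """SHA-256 over the first fw_len bytes, read page by page like a bootloader."""
    if not 0 < fw_len <= len(flash):
        raise ValueError("declared firmware length is outside flash")
    h = hashlib.sha256()
    for off in range(0, fw_len, PAGE_SIZE):
        h.update(flash[off:min(off + PAGE_SIZE, fw_len)])
    return h.digest()

def provision(slots: dict, flash: bytes, fw_len: int) -> None:
    """Manufacturing step: store the reference digest in the (modelled) data slot."""
    slots[DIGEST_SLOT] = firmware_digest(flash, fw_len)

def verify_boot(slots: dict, flash: bytes, fw_len: int) -> bool:
    """Boot step: recompute the digest and compare; any error fails closed."""
    stored = slots.get(DIGEST_SLOT)
    if stored is None or len(stored) != hashlib.sha256().digest_size:
        return False
    try:
        computed = firmware_digest(flash, fw_len)
    except ValueError:
        return False
    return hmac.compare_digest(stored, computed)

# Constructed sample: 1 KiB of "firmware" followed by one erased flash page.
FW_LEN = 1024
GOOD_FLASH = bytes(range(256)) * 4 + b"\xff" * PAGE_SIZE

def flip_bit(image: bytes, offset: int) -> bytes:
    """Return a copy of image with the lowest bit at offset inverted."""
    patched = bytearray(image)
    patched[offset] ^= 0x01
    return bytes(patched)

if __name__ == "__main__":
    slots = {}
    provision(slots, GOOD_FLASH, FW_LEN)
    print("clean image:      ", verify_boot(slots, GOOD_FLASH, FW_LEN))
    print("bit flip in image:", verify_boot(slots, flip_bit(GOOD_FLASH, 700), FW_LEN))
    print("bit flip in tail: ", verify_boot(slots, flip_bit(GOOD_FLASH, 1100), FW_LEN))
```

The third case passes verification because the changed byte lies outside the measured region, so the measured length has to cover every byte the processor can execute.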

Disposable/Accessory Authentication

Ensuring the authenticity of system accessories and disposable add-ons is often highly desired by an OEM. Having this ability is crucial in preventing low-cost clones of products that can damage an OEM’s reputation for quality, image in the marketplace and overall profit margins. The ATECC608A-TFLXTLS provides the ability to authenticate these types of products by providing a chain-of-trust from device to Root Certificate Authority.

IP and Data Protection

Protecting Intellectual Property (IP) can be crucial to maintaining a company’s competitive edge. IP protection means protecting the firmware or hardware developed by the customer from being copied. Firmware IP protection can be done with a purely software-based approach, but the key information inside the firmware then remains quite vulnerable to attack.

The ATECC608A-TFLXTLS device offers hardware-based secure key storage to ensure that a product with the firmware runs. The device can perform both symmetric and asymmetric authentication, with the keys stored securely in the secure element, thereby reducing an attacker’s ability to extract and modify the keys.

General Data Storage

Sometimes there is a need to store a small amount of additional information for a given system. The ATECC608A-TFLXTLS can be used for this purpose by utilizing those data slots where data can be readily read and written. This eliminates the need to add an EEPROM memory device just to store data.