Microchip Technology has added the ECC608 TrustMANAGER with Kudelski IoT keySTREAM, Software as a Service (SaaS) to its Trust Platform portfolio of devices, services and tools. With security credentials managed and updated in the field via keySTREAM?instead of being limited to a static certificate chain implemented during manufacturing?the ECC608 TrustMANAGER allows custom cryptographic credentials to be accurately provisioned at the end point without requiring supply chain customization and can be managed by the end user. keySTREAM offers a device-to-cloud solution for securing key assets end-to-end in an IoT ecosystem throughout a product?s lifecycle.

The ECC608 TrustMANAGER relies on a secure authentication IC that is designed to store and protect cryptographic keys and certificates, which are then managed by the keySTREAM SaaS. The combined silicon component and key management SaaS allow the user to set up a self-serve root Certificate Authority (root CA), and the associated public key infrastructure (PKI) secured by Kudelski IoT, to create and manage a dynamic certificate chain and provision devices in the field the first time they are connected. Once claimed in the SaaS account, the devices are automatically activated in the user?s keySTREAM service via in-field provisioning.

This type of dynamic in-field provisioning and device management meets IoT security standards and will be useful in device certificate updates needed to stay in compliance with evolving security requirements. The keySTREAM SaaS allows for ongoing updates of keys designed to prevent and protect against evolving threats and security requirements. In-field provisioning also removes the need for customization for more efficient manufacturing.

The ECC608 is the first security IC in Microchip?s TrustMANAGER series. To get started, download the Trust Platform Design Suite and test the keySTREAM use case under the ECC608 TrustMANAGER. Pricing and Availability: The ECC608 TrustMANAGER is available starting at $0.75 each in 10,000-unit quantities.

An activation fee is applied only after the device has been connected for the first time.