Settings
Fast Delivery
Free Shipping
Incoterms
Payment Types
Marketplace Product
Embedded security for every engineer
Supporting your journey toward secure, compliant embedded designs.
Security is no longer optional, but getting there doesn't have to mean starting over. Microchip is committed to supporting engineers on their journey toward secure, compliant-embedded designs. We offer a range of MCU families and partner tools to help meet you where you are, whether you're retrofitting an existing design or building a new product from scratch.
For engineers with existing hardware, select supported MCUs, including devices from the SAM D51, SAM E5x, PIC32CM LS60, PIC32CM LS00, PIC32CK SG, PIC32CZCA90 and PIC32CX SG61 series—can be paired with IAR Embedded Trust to enable software-based secure boot and signed firmware updates without redesigning your hardware. Your board stays the same. Your schedule stays intact. And your journey toward regulatory compliance starts with a firmware update.
For new designs that require a higher level of assurance, Microchip provides a range of MCUs—including the PIC32CM SG00—purpose built for security from the ground up. It combines Arm® TrustZone® for ARMv8-M with an on-chip Hardware Security Module Lite (HSM-Lite) ,delivering hardware-enforced Secure and Non-Secure partitioning, Anti-Tamper detection, TrustRAM for tamper-resistant key storage, and cryptographic acceleration for secure boot, TLS, and encryption. The PIC32CM SG00 also supports IAR Embedded Trust for software-based secure boot and signed firmware updates, giving you both the hardware-backed foundation and the software-based security tools to help meet your compliance requirements.
- Your solution
- Develop with your preferred ecosystem
- IAR Embedded Trust
- Getting started
Your secure MCU solutions portfolio
Microchip’s secure MCU portfolio supports your security journey at every stage, from software-based secure boot on existing hardware to hardware-backed root of trust architectures for higher-assurance designs.
All devices below are available on Digi-Key and supported by MPLAB® tools, including MPLAB X IDE and MPLAB Extensions for VS Code. Select devices support IAR Embedded Trust for software-based secure boot and signed firmware updates.
Start here: Software-based secure boot with IAR Embedded Trust
These devices enable secure boot and signed firmware updates using IAR Embedded Trust, without requiring a hardware redesign.
SAM D51 family
Excellent high-performance all-rounder
Example device: SAMD51J19A
Cortex-M4F, 120 MHz,
512 KB Flash, 128 KB SRAM
- Dual-bank Flash with ECC for data integrity
- 8-zone MPU
- Rich peripheral set for industrial and consumer designs
- IAR Embedded Trust support for secure boot + signed and encrypted updates
SAM E5x family
Connectivity and processing powerhouse
Example device: SAME51J20A
Cortex-M4F, 120 MHz, 1 MB Flash, 256
KB SRAM
- Ethernet MAC + CAN-FD
- USB 2.0 + QSPI + 12-bit ADC
- Designed for connected industrial applications IAR embedded trust support for secure boot + signed and encrypted updates
- IAR embedded trust support for secure boot + signed and encrypted updates
PIC32CMLS60Family
Low power with TrustZone, Best-in-class security in a familiar package
Cortex-M23, Arm® TrustZone® for ARMv8-M
- Ultra-low power operation
- Integrated secure element (ATECC608-TrustFlex CryptoAuthentication™ chip)
- Cryptographic accelerator supporting multiple algorithms
- Capacitive touch support
- IAR Embedded Trust support for secure boot + signed and encrypted updates
PIC32CM LS00 family
Accessible cost-optimized secure designs
Cortex-M23 Arm® TrustZone®
- Ultra-low power
- Secure boot support
- Cryptographic accelerator supporting multiple algorithms
- Secure communication channels using secure pin multiplexing
- Capacitive touch integration
- IAR Embedded Trust support for secure boot + signed and encrypted updates
Hardware Root of Trust: Higher-Assurance Architectures
For applications requiring hardware-enforced key isolation and immutable root of trust, Microchip offers MCUs with integrated HSM or HSM-Lite architectures.
These devices support hardware-backed secure boot, protected key storage and advanced tamper resistance, and also support IAR Embedded Trust for signed firmware updates.
PIC32CM SG00 family
Designed and built for essential security
Example device: PIC32CM5112SG00
Cortex-M23, 72 MHz, 512 KB Flash, 32 KB SRAM
- Hardware Security Module Lite (HSM-Lite)
- Arm TrustZone secure / non-secure partitioning
- TrustRAM for tamper-resistant key storage
- TRNG + crypto acceleration
- Anti-tamper detection
- CAN-FD + USB FS
- IAR Embedded Trust support for secure boot + signed and encrypted updates
PIC32CZ CA90 family
Secure high-performance for automotives and industry
Cortex-M7 up to 300 MHz
- Designed for smart energy, metering and industrial control
- Advanced cryptographic acceleration
- Secure boot and secure debug capabilities
- Hardware-enforced isolation
- IAR Embedded Trust support for secure boot with signed and encrypted firmware updates
SAM L11 family ultra-low power with TrustZone
Chip-level security on ultra-low power
Cortex-M23 with Arm TrustZone
- Secure and Non-Secure partitioning
- Built-in cryptographic accelerator
- Secure communication channels through Secure pin multiplexing
- Integrated secure key storage
- Ultra-low power designs
MPLAB® Tools for VS Code brings the full Microchip toolchain inside Visual Studio Code, supporting the PIC32CM SG00, SAM D51, SAM E51, PIC32CMLS60, PIC32CMLS00, PIC32CZCA90, and PIC32CX SG61. Whether you're building a new hardware-backed security design on the SG00 or adding software-based security via IAR Embedded Trust to an existing design, MPLAB Tools for VS Code has you covered. Lightweight installs, modern editing, and the same debugging power you rely on.
|
Lightweight & fast LSP-based code intelligence, real-time error checking, go-to-definition, and smart autocomplete. No heavy IDE overhead. |
Full debug support PICkit™ 5, ICD 5, SNAP, and CMSIS-DAP integrated into the native VS Code debug toolbar. |
|
MPLAB AI coding assistant A free, Microchip-trained build of the Continue extension. Fewer hallucinations than generic AI tools, in-editor datasheet access, autocomplete, and code generation. |
Import in 5 clicks Already have an MPLAB X project? Import into VS Code using the MPLAB Project Importer Extension, no manual migration needed. |
|
MPLAB code configurator Graphical peripheral config and Harmony v3 support, set up TrustZone and peripherals without low-level register code. |
Cross-platform Windows, macOS, and Linux; the same free toolchain on every workstation. No per-seat licensing complexity. |
IAR Embedded Trust — The bridge to software-based security
Microchip has partnered with IAR to provide engineers a practical, proven path toward regulatory compliance, without a board respin. IAR Embedded Trust delivers integrated secure boot and firmware signing workflows that work with supported devices in the SAM D51, SAM E5x, PIC32CM LS60, PIC32CM LS00, PIC32CZ CA90, PIC32CX SG61 and PIC32CM SG00 series.
This is your starting point on the security journey. Your existing investment is protected, and your path toward a more secure, compliant design can begin with a software update.
For devices that also integrate hardware security features, such as HSM or HSM-Lite with TrustZone® support, IAR Embedded Trust complements the on-chip capabilities by providing standardized firmware signing and update workflows alongside the hardware root of trust.
IAR understands your supply chain and provides end-to-end security solutions. By bringing completed development into a secure product package, IAR Secure Deploy enables secure provisioning, device lockdown, and unique device identity management to protect your product and support a secure lifecycle aligned with CRA requirements.
We partner with leading IC programming and manufacturing service providers, including Data I/O, EPS Global, Hi-Lo Systems, System General and Celestica, to build a secure end-to-end supply chain ecosystem that maximizes embedded security from development through mass production.
See how IAR Embedded Trust supports CRA readiness
WHY ENGINEERS CHOOSE IAR EMBEDDED TRUST
- No hardware changes, use the board you already have
- Software-based secure boot and signed firmware updates
- Secure Boot Manager (SBM) with immutable boot verification and cryptographic validation
- Authenticated updates with anti-rollback protection
- Active IP protection against cloning and firmware theft
- Supported path toward CRA and emerging regulatory requirements
- Aligned with ETSI EN 303 645, IoT Cybersecurity Improvement Act, PSTI Act, and EU Cyber Resilience Act requirements
- Clear audit documentation to support compliance discussions
- Faster time to security than a full hardware redesign
- SESIP Level 1 certified Secure Boot Manager (SBM) for additional assurance and transparency
WHEN TO CHOOSE MCUs WITH HARDWARE ROOT OF TRUST
- Your design requires hardware-backed assurance beyond software-only protection
- Cryptographic keys must be isolated in a secure hardware boundary
- Increased resistance to physical tampering or advanced attack vectors is required
- You are starting a new design and want security architected in from day one
- You need an immutable root of trust enforced in silicon
- You require hardware-enforced key storage combined with secure provisioning at scale
Explore how IAR Embedded Trust secures your embedded application
MICROCHIP + IAR PARTNERSHIP
Together, Microchip and IAR provide a supported, documented path toward a secure product lifecycle via immutable secure boot and security updates with signed, encrypted firmware across supported Microchip MCU platforms, from software-based implementations tied to hardware-backed root-of-trust architectures.
Security is integrated across development and production: from Secure Boot Manager (SBM) and authenticated firmware updates to secure provisioning with IAR Secure Deploy.
Full integration guides, example projects and certification documentation are available to accelerate deployment.
Understanding the Cyber Resilience Act
Requirements of the CRA and how Microchip security solutions can help support them.
Secure solutions for CRA compliance: Microchip's home page for all things CRA-related: regulations, products, and resources
Microchip's home page for all things CRA-related: regulations, products, and resources.
Safety & security courses
Full library of security-focused courses at Microchip University: Cryptography Primer, Authentication, and more.
Introduction to cryptography
ECC256, SHA256, AES128, HMAC, CMAC, RSA; key concepts for secure embedded design.
Cyber regulations & business risk
Legislative landscape, cyber product design requirements, and threat modeling for embedded engineers.
The foundations of Embedded Security
Master the strategies to protect your systems against evolving cyber threats.
The straight way to secure device software applications
Learn how to secure embedded devices by integrating secure boot, Root of Trust, and secure coding practices.
Briggs & Stratton - The electrification challenge
A global leader in engine production and power solutions faced the challenge of evolving electrification while maintaining its legacy of engineering excellence.
DevSecOps to device: Seamless code signing & secure provisioning with IAR and Keyfactor
Learn how IAR Embedded Trust, IAR Secure Deploy, and Keyfactor’s code signing and PKI create a seamless, end-to-end workflow that bridges development and the factory floor.
Slovenia