JAN/FEB 2018

A MICROCHIP TECHNOLOGY INC. PUBLICATION

6 Just in
Time
10
Accelerate Your
Touch Design
18 On the Cutting
Edge of
Learning
 JAN/FEB 2018
A MICROCHIP TECHNOLOGY INC. PUBLICATION

COVER STORY EVENTS

contents
4 Heightened Security 9 Get Ready for Las Vegas!
Protect IP and Deploy Secure Connected Systems with
New ATECC608A CryptoAuthentication™ Device
DESIGN CORNER
NEW PRODUCTS 10 Accelerate Your Touch Design
6 Just In Time
New 8-bit PIC18 K83 Family Improves Response Time 12 Securing the Edge
to Critical System Events on CAN Network
15 Debugging on the IoT
7 Simple Connection 18 On the Cutting Edge of Learning
Latest Single-Wire Serial EEPROM Enables Remote
Identification and Authentication

MAKER SPACE
20 Get Launched Hits the Road

The Microchip name and logo, the Microchip logo, AnyRate, AVR, AVR logo, AVR Freaks, BeaconThings, BitCloud, CryptoMemory, CryptoRF, dsPIC, FlashFlex, flexPWR, Heldo, JukeBlox, KEELOQ, KEELOQ logo, Kleer,
LANCheck, LINK MD, maXStylus, maXTouch, MediaLB, megaAVR, MOST, MOST logo, MPLAB, OptoLyzer, PIC, picoPower, PICSTART, PIC32 logo, Prochip Designer, QTouch, RightTouch, SAM-BA, SpyNIC, SST, SST Logo,
SuperFlash, tinyAVR, UNI/O, and XMEGA are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. ClockWorks, The Embedded Control Solutions Company, EtherSynch, Hyper
Speed Control, HyperLight Load, IntelliMOS, mTouch, Precision Edge, and Quiet-Wire are registered trademarks of Microchip Technology Incorporated in the U.S.A.
Adjacent Key Suppression, AKS, Analog-for-the-Digital Age, Any Capacitor, AnyIn, AnyOut, BodyCom, chipKIT, chipKIT logo, CodeGuard, CryptoAuthentication, CryptoCompanion, CryptoController, dsPICDEM, dsPICDEM.
net, Dynamic Average Matching, DAM, ECAN, EtherGREEN, In-Circuit Serial Programming, ICSP, Inter-Chip Connectivity, JitterBlocker, KleerNet, KleerNet logo, Mindi, MiWi, motorBench, MPASM, MPF, MPLAB Certified logo,
MPLIB, MPLINK, MultiTRAK, NetDetach, Omniscient Code Generation, PICDEM, PICDEM.net, PICkit, PICtail, PureSilicon, QMatrix, RightTouch logo, REAL ICE, Ripple Blocker, SAM-ICE, Serial Quad I/O, SMART-I.S., SQI,
SuperSwitcher, SuperSwitcher II, Total Endurance, TSHARC, USBCheck, VariSense, ViewSpan, WiperLock, Wireless DNA, and ZENA are trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.
SQTP is a service mark of Microchip Technology Incorporated in the U.S.A. Silicon Storage Technology is a registered trademark of Microchip Technology Inc. in other countries. GestIC and ULPP are registered trademarks of
Microchip Technology Germany II GmbH & Co. & KG, a subsidiary of Microchip Technology Inc., in other countries. The LoRa name and associated logo are registered trademarks of Semtech Corporation or its subsidiaries.
USB Type-C™ is a trademark of USB Implementers Forum. ARM and Cortex are registered trademarks of ARM Ltd. in the EU and other countries. All other trademarks mentioned herein are property of their respective
companies. © 2017, Microchip Technology Incorporated, All Rights Reserved.M

2
 EDITOR’S NOTE

Reflections on 2017

JAN/FEB 2018
s a new year unfolds, it is common to look back over the previous 12 months to A MICROCHIP T ECHNOLOGY INC. P UBLICATION

identify significant milestones and major accomplishments. Here at Microchip,

2017 offered us many occasions to celebrate. We launched the year with a
successful integration of our business systems following the acquisition of Atmel. Our
product portfolios expanded as we introduced a number of new devices throughout
the year. We also launched the Microchip 2.0 initiative, which combines the company’s
product, technology, system and employee strengths to allow us to provide multiple
solutions for the circuit boards that drive our customers’ end applications.

Microchip was also honored by a number of award programs. The company was
named a top place to work in the California Bay Area, New York and Austin, Texas,
and was also listed as one of Arizona’s Most Admired Companies for 2017 by both
AZ Big Media as well as BestCompaniesAZ. It was also included as a finalist in the
GSA Most Respected Public Semiconductor Company Awards.
6 Just in
Time
10
Ready for a
Head Start?
18 On the Cutting
Edge of
Learning

Some other highlights include the AWS-ECC508 security device and MPLAB®
Don’t Miss the Next Issue of
Xpress IDE being selected as finalists in the ECN Impact Awards. The AWS-ECC508
MicroSolutions
was also selected as an honoree in the 2017 CES Innovations awards and was Published six times a year,
named a finalist in the Design News Golden Mousetrap Awards and Embedded MicroSolutions is a valuable resource
Computing Design’s 2017 Most Innovative Products awards program. for product and technology news
about Microchip’s innovative
The most exciting news of all, however, was that Microchip achieved its first quarter solutions. Subscribe today to receive
of over one billion dollars in net sales as reported in the results for the quarter ending email notifications when each new
on September 30, 2017. We are energized by this achievement, thankful to all our issue of MicroSolutions is ready. Use
customers who made it possible, and looking forward to many more opportunities the link below:
to serve you in 2018. We wish you much success with your designs in the New Year! CLICK TO SUBSCRIBE
As always, we would be happy to get your feedback on MicroSolutions. Feel free to
email us at MSFeedback@microchip.com.

Find Us on These Social Channels

Microchip Technology Inc.

2355 W. Chandler Blvd. | Chandler, AZ 85224 | www.microchip.com

3
 COVER STORY

HEIGHTENED
SECURITY
Protect IP and Deploy Secure Connected
Systems with New ATECC608A
CryptoAuthentication™ Device

Take Advantage of Microchip’s New

Security Design Partner Program to Ease
the Development of Secure Designs

F
rom remote cyberattacks to the creation of
counterfeit products, widespread security
threats are affecting industries around the
globe. When carried out, these threats can lead
to substantial losses in service revenue, escalating
recovery costs and, perhaps most significantly,
irreparable damage to brand equity. Now more
than ever, it is critical to implement robust security
into new and existing designs to protect Intellectual
Property (IP) and enable trusted authentication of
connected devices.

(continued on page 5)

4

The ATECC608A allows you to add hardware-based security to
your designs.
To meet this growing challenge to today’s connected
applications—especially for those spanning from hard-
ware to the cloud—Microchip has created the ATECC608A
CryptoAuthentication device, a secure element that allows you
to add hardware-based security to your designs. We have also
established a Security Design Partner Program to connect you
with third-party partners that can enhance and expedite the
development of secure designs.
The foundation of secured communication is the ability to create,
protect and authenticate a device’s unique and trusted identity.
By keeping a device’s private keys isolated from the system in
a secured area, coupled with its industry-leading cryptography
practices, the ATECC608A provides a high level of security that
can be used in nearly any type of design. The primary features
of the ATECC608A include:
Best-in-class key generation: The Federal Information Processing
Standard (FIPS)-compliant Random Number Generator (RNG)
generates unique keys that comply with the latest requirements
from the National Institute of Standards and Technology (NIST),
providing an easier path to a whole-system FIPS certification.
Boot validation capabilities for small systems: New commands
facilitate the signature validation and digest computation of the
host microcontroller (MCU) firmware for systems with small
MCUs, such as an ARM® Cortex®-M0+ based device, as well as
for more robust embedded systems.
Trusted authentication for LoRa® nodes: The AES-128 engine
also makes security deployments for LoRa infrastructures possi-
ble by enabling authentication of trusted nodes within a network.
Fast cryptography processing: The hardware-based integrated
Elliptical Curve Cryptography (ECC) algorithms create smaller
keys and establish a certificate-based root of trust more quickly
and securely than other implementation approaches that rely on
legacy methods.
Tamper-resistant protections: Anti-tampering techniques
protect keys from physical attacks and attempted intrusions
COVER STORY
after deployment. These techniques allow the system to
preserve a secured and trusted identity.
Trusted in-manufacturing provisioning: Companies can use
Microchip’s secured manufacturing facilities to safely provi-
sion their keys and certificates, eliminating the risk of exposure
during manufacturing.
Experienced and Capable
Security Partners
When you select one of our hardware security solutions, you
also have access to our Security Partners within our Design
Partner Program. These industry-leading companies, includ-
ing Amazon Web Services (AWS) and Google Cloud Platform,
provide complementary cloud-driven security models and
infrastructure. Other partners are well versed in implementing
Microchip’s security devices and libraries. Whether you are
looking to secure an Internet of Things (IoT) application or add
authentication capabilities for consumables, such as cartridges
or accessories, the expertise of our Security Design Partners can
reduce both your development cost and your time to market.
“The work done on the ATECC608A chip through our
collaboration with Microchip enables Google IoT customers
to get a new offering that provides high levels of security with
a seamless onboarding experience,” said Antony Passemard,
Product Management Lead for Google Cloud IoT.
Development Tools
To assist you with the rapid prototyping of your secure solution,
the new CryptoAuth Xplained Pro Evaluation and Devel-
opment Kit (ATCryptoAuth-XPRO-B) is an add-on board that
is compatible with any Microchip Xplained or Xplained Pro
evaluation board.
If you are looking for a way to heighten the security in your next
design, the ATECC608A can be ordered from microchipDIRECT
or from Microchip’s worldwide distribution network.
Want More Information?
Visit the website at:
www.microchip.com/CryptoAuthentication
5
Just In Time
New 8-bit PIC18 K83 Family Improves
Response Time to Critical System Events
on CAN Network
Core Independent Peripherals Make CAN-Based
Designs Simpler and More Cost Effective
I
f you are developing an application that includes a Controller
Area Network (CAN) system, you know that software devel-
opment can slow you down. You can now change the way
you design with CAN using our new PIC18 K83 family of micro-
controllers (MCUs). These two new devices combine a CAN
bus with an extensive array of Core Independent Peripherals
(CIPs). You can use these CIPs to increase your system’s capa-
bilities and simplify the creation of your CAN-based applications
while avoiding the complexity of added software.
A key advantage of using a PIC18 K83 MCU in your CAN-based
system is that the CIPs provide deterministic response to real-
time events, shorten design time and can be easily configured
through MPLAB® Code Configurator (MCC), a free software
plug-in for MPLAB X Integrated Development Environment
(IDE) and the cloud-based MPLAB Xpress IDE. It is signifi-
cantly easier to configure a hardware-based peripheral to
accomplish a task instead of writing and validating an entire
software routine. The ability to use MCC to configure one of
The PIC18 K83 devices contain 15 time-saving CIPs, including
CRC, DMA, WWDT, ADC2 and CWG.
New Products
these MCUs with just a few clicks will save considerable time
in developing CAN-based applications for the medical, industri-
al and automotive markets, such as motorized surgical tables,
asset tracking, ultrasound machines, automated conveyors and
automotive accessories.
The PIC18 K83 devices contain 15 time-saving CIPs. These
include Cyclic Redundancy Check (CRC) with memory
scan for ensuring the integrity of nonvolatile memory; Direct
Memory Access (DMA) for enabling data transfers between
memory and peripherals without CPU involvement; Windowed
Watchdog Timer (WWDT) for triggering system resets; 12-bit
Analog-to-Digital Converter with Computation (ADC2) for auto-
mating analog signal analysis for real-time system response;
and Complementary Waveform Generator (CWG) for enabling
high-efficiency synchronous switching for motor control.
Development Support
The PIC18 K83 family of MCUs is supported by the Curiosity
High Pin Count (HPC) Development Board (DM164136).
The PIC18F25K83 comes with 32 KB of Flash memory and the
PIC18F26K83 offers 64 KB of Flash memory Both devices are
available in 28-pin SPDIP, SOIC, SSOP, UQFN and QFN pack-
ages. They can be ordered today from microchipDIRECT or
from Microchip’s worldwide distribution network.
Want More Information?
Visit the website at:
www.microchip.com/K83
6
Simple
New Products

Connection
Latest Single-Wire Serial EEPROM Enables
Remote Identification and Authentication

AT21CS11 Offers Extended Voltage Range to

Accommodate Lithium-Ion Battery Applications

B
ecause of their unique combination of capabilities, serial
Electrically Erasable Programmable Read-Only Memory
(EEPROM) devices are used to add critical memory storage
to a wide range of advanced electronic systems and applications.
Their features include byte-write alterability, nonvolatile data
space for electronic components is limited. With its operational
voltage range of 2.7V to 4.5V, it is also well suited for use in
lithium-ion battery-powered devices such as disposable
medical devices and e-cigarettes.

The AT21CS11 is
storage, one million cycles of write endurance, very low power
supply voltage operation, 100-year data retention, extremely low

well-suited for use in

active and standby currents and low cost. Microchip’s AT21CS
family of single-wire, two-pin serial EEPROMs are tiny—but

mighty—devices that incorporate an innovative memory archi-
tecture, best-in-class power consumption and value-added
features for use in applications such as consumables, cables,
batteries, wearables and Internet of Things applications.
As the second member of this family of single-wire serial
EEPROMs, the AT21CS11 is ideal for identifying and authenti-
cating remote items, such as printer cartridges or cables, where
lithium-ion battery-
powered applications.
Each AT21CS11 contains both a preprogrammed unique
serial number and five EEPROM memory sections. Any or all
of the memory sections can be permanently locked by the
end-equipment manufacturer to allow tracking of products and
identifying attachments to assist with counterfeit prevention. If
you need to warranty your product or prevent counterfeits and
ensure proper continued operation of your goods through autho-
rized replacements, this serial EEPROM is an excellent option.

The AT21CS11 connects to a system through a Single Input/

The AT21CS11 connects to a system through a Single Input/
Output wire that enables both communication and a supply of
power to the device.
Output (SI/O) wire that enables both communication and a
supply of power to the device. The need for only one wire and a
ground allows makers of Fiber to the Home (FTTH) cable ends
to add critical cable characteristic parameters to different cable
types. The SI/O wire also allows you to use a simple two-point
mechanical snap-in or twist-on connector for disposable devices

(continued on page 8)

7
where larger three-, five- or eight-wire solutions are impractical.
This single-wire option allows you to add EEPROM intelligence New Products
to remote devices over the simplest connection possible.

When the EEPROM is located in a detachable cable or cartridge,
manufacturers can create attachments that can be easily identi-
fied or authenticated. The device has 1 Kbit of EEPROM memory
(four sectors of 256 bits each), a unique, factory-programmed
64-bit serial number and 128 bits for extra user-programmable
tracking memory. The extra memory allows you to add unique
identification and operating parameters, such as consumption
and usage information, in locations that can be remote from the
main electronics.
The AT21CS11 is available in a variety of space-saving package
options and can be ordered today from microchipDIRECT or
from Microchip’s worldwide distribution network. An
easy-to-use and interactive kit, the AT21CS01/AT21CS11
Single-Wire Evaluation Kit (DM160232), will also be available
soon to help you get started with using this new serial EEPROM
in your next project.
Want More Information?
Visit the website at:
www.microchip.com/AT21CS11

8
 Get Ready for EVENTS

Las Vegas!
Meet with Microchip Experts and Learn
About Our Latest Innovations at CES® 2018

M
icrochip invites you to join us at CES 2018 to see our latest product and technology demonstrations and meet with our
product experts to discuss your design challenges. You will find us in Booth MP26070 at the Las Vegas Convention Center
South Hall 2, where we will feature the following technology zones:

Security
Find out how we make “difficult” easy with our advanced solutions for implementing hardware-based security in cloud-connected
embedded systems. See demonstrations of how our CryptoAuthentication™ devices combine with solutions from AWS IoT, Google
IoT Core, Microsoft® Azure and Afero to protect and isolate private keys, support secure boot and protect IP.

Automotive Solutions Power and Connectivity Solutions

We will be showcasing a broad spectrum of solutions for
applications such as ADAS, cybersecurity, HMI, connected car,
infotainment and networking. Products areas will include USB
connectivity and charging, automotive touch (buttons, sliders,
touch screens and gesturing), MOST® technology, Ethernet,
security ICs and LED lighting.
Touch and Gesture
We will show you how to simplify and speed up your
development of attractive and intuitive user interfaces using
touch and gesture control. Our solutions include water-tolerant
touch and the latest technologies for implementing touch
screens, 3D gestures and force sensing with haptic feedback in
automotive applications.
Discover our latest innovations in the area of power and
connectivity solutions, including USB Type-C™ and USB Power
Delivery, robust Ethernet connectivity, and wireless charging
including support for the 15 Qi standard and a proprietary 200W
reference design. We will also demonstrate the technology needed
to drive an induction cooktop, and our Energy Estimation Engine
demonstrations will display the power/energy consumption of
Windows® 10 software programs and Linux® operating systems.
Health and Fitness
We can show you how to cost-effectively utilize our technologies
so that you have the flexibility to design the health and fitness
solutions necessary for the digital health revolution. Stop by to
see demonstrations of connected solutions for wearable remote
patient monitoring, drug delivery and fitness.

It’s easy to schedule an appointment for a product demonstration at our booth using our online CES reservation system. We also invite
you to be our guest at CES by registering for a complimentary attendee pass. We look forward to seeing you in Las Vegas!

9
 Design Corner

Accelerate Your Touch Design

Microchip’s Code Configurators Speed the Development of Touch User Interfaces

F
rom your customer’s perspective, the user interface is the
product. In today’s competitive environment, providing
modern, attractive and intuitive user interfaces is essen-
tial for product differentiation. A well-designed, touch-enabled
user interface can be one of the keys to success when it comes
to launching a new product into the market. Incorporating a
capacitive touch interface in your design also eliminates the
need to use mechanical buttons and springs, which simplifies
your layout and reduces costs. In the race to get to market
quickly and cost effectively, you need to get up to speed rapidly
with the latest touch technologies.
Even though developing capacitive touch applications may
sound challenging, it doesn’t have to be hard. When you choose
our PIC®, AVR® or SAM microcontrollers (MCUs), we provide
a complete set of tools and touch libraries that enable touch
sensing in your design. Our “MCUs with touch” are devices
that feature dedicated Core Independent Peripherals (CIPs) to
implement touch applications with minimal intervention from
the CPU. Look for MCUs that include these features:
• A Hardware Capacitive Voltage Divider (HCVD) module
• An Analog-to Digital Converter with Computation (ADC2)
with HCVD module
• A Peripheral Touch Controller (PTC)
These on-chip touch modules can be used to enable the
highest sensitivity, the lowest power consumption, superior
noise immunity and water tolerance in your design.
To help you get a head start with
your development, Microchip offers
two free, graphical programming
environments that support almost
every MCU in our extensive port-
folios. If you select an 8-, 16- or
32-bit PIC MCU, MPLAB® Code
Configurator (MCC) is integrated
into the cloud-based MPLAB Xpress Integrated Development
Environment (IDE) or it is also available as a free plug-in for
MPLAB X IDE. If you are using an AVR or SAM MCU in your
design, then you can use the easily accessible Atmel START.
After a recent upgrade in features, Atmel START now supports
more MCU families including the following devices that feature a
PTC, making them well suited for use in touch-enabled designs:
• All tinyAVR® and megaAVR® MCUs
• SAM D10/D11 MCUs
• SAM D20/D21 MCUs
• SAM DA1 MCUs
• SAM D51/E51/E53/E54
Both code configurators make it easy to select and configure
peripherals and functions specific to your application and gen-
erate production-ready code. You always have access to the
latest libraries. MCC and Atmel START offer capabilities that go
way beyond the basic setup of clocks and GPIO configuration.

(continued on page 11)

10
In addition to their many features, they also support capacitive
touch sensing, making them the best tools to successfully
develop your touch-based projects with minimal effort and in
the shortest amount of time.
It is simple to add buttons, sliders, wheels or proximity detection
to any application. These code configurator tools generate lean
code that is tailored to meet the requirements of your touch
design and to use the MCU’s resources as efficiently as possi-
ble. They also provide easy access to the Microchip mTouch®
Library for PIC MCUs and the QTouch® Library for AVR and
SAM MCUs, which are optimized for touch performance and
code size. In addition to offering slider and wheel decoding
right out of the box, these libraries make it easy to implement
water-tolerant touch for designs that are exposed to rain or
other sources of moisture. They will help you develop low-pow-
er wake-on-touch applications that consume less than 5 µA.
They also offer noise avoidance technologies like frequency
Design Corner
hopping to provide robust touch sensing that surpasses more
than 10V conducted immunity.
Once you have completed your AVR or SAM MCU-based
project configuration within Atmel START, you can continue
finalizing your development using Atmel Studio 7 or IAR as
your IDE of choice. To tune and complete your design, use the
Data Visualizer, a powerful tool that allows you to process and
visualize all relevant touch data. A step-by-step guide, com-
plete user guide, sample projects and more are available from
Microchip’s Developer Help website.
Ready to get started? Visit our Touch and Gesture Design
Center to learn more about how we can help you drive your
next user interface design into the winner’s circle.
11

A Design Imperative for the Era of the Internet of Things
Contributed by Sequitur Labs
M
any large enterprises are focusing their IT investments
on developing, deploying and maintaining cloud
services. Developers are now being trained in the
latest cloud-related technologies and services. As practices
have matured, developers have created new ways of writing
applications to make use of the cloud.
Over the past few years, microservices—functions that operate
independently to complete a single task—have become popular
among cloud developers. One of their key benefits is their ability
to be changed and updated independently from other services
that are running concurrently on the platform. This model fits in
well with the continuous delivery practices adopted by many
cloud developers. Another growing trend is the use of contain-
ers, which enable the delivery of services along with the exact
environment they require for deployment on servers or in virtual
machines (VMs). Docker pioneered the use of containers and
continues to set standards and lead the market in practices
related to their use.
IoT Challenges for Cloud Developers
The Internet of Things, or IoT, has been in the news for both
the dramatic transformation it promises and for the perils and
implementation challenges associated with it. The IoT compris-
es a network of connected devices that includes sensors, inter-
mediate devices known as edge gateways (or simply gateways)
and a slew of cloud services. The cloud ingests and analyzes
Design Corner
Securing the Edge
data generated by IoT devices, allowing new insights from, as
well as control of, remotely deployed assets.
Cloud-connected devices however present a different challenge
than traditional PC platforms have in the past. Developing code
to run on embedded devices requires knowledge of both hard-
ware and software. The resource limitations of many of these
devices further compounds the difficulties. Embedded devices
are often required to run with very limited power budgets, have
CPU cores with limited compute capability and are typically
optimized for specific workloads. This means that developers
must develop and maintain separate code for resource-limited
devices and for the cloud. Given the vast investment companies
are making in cloud technologies, the ability to deploy contain-
ers and microservices to these edge devices holds tremendous
appeal and value.
Addressing the need to bring the power of cloud intelligence to
mobile and IoT devices, Microsoft® has implemented an intel-
ligent edge initiative called Azure IoT Edge. It enables Docker
containers and microservices to be deployed on IoT edge
gateways and other devices. This greatly simplifies the devel-
oper’s task, as code can be created once for the cloud and
then be easily pushed to remote edge gateways. It increases
design agility while reducing the time to market and the costs
associated with maintaining two different code bases. However,
this capability also introduces the essential need for security at
the edge.
(continued on page 13)
12
Securing the Edge
How should a device maker go about securing edge devices Design Corner
such as gateways? Gateways function as access points
between sensors and cloud services. As such, they perform
achieved with a system that combines Azure IoT Edge, the IoT
the vital function of connecting to and aggregating data from
Security Suite by Sequitur Labs and the SAMA5D2 MPU. Click
sensors and transmitting that data to cloud services for analysis
on the video screenshot below to see a demonstration of Docker
and further operations. Gateways may also act as device man-
containers and microservices running on a SAMA5D2 MPU-
agement nodes performing a variety of command and control
based gateway that is connected to a SAM E54 microcontroller-
functions over associated sensors. All these operations must be
based leaf node. The system controls a simple door lock that
performed securely. Sensors associated with the gateway must
opens and shuts upon receiving a command from the gateway.
be authenticated, data received from it must be encrypted and
the gateway must authenticate itself to a cloud service prior to
transmitting any data. Additionally, software applications on the
gateway and the device’s firmware itself must be periodically
updated. These functions, if not properly secured, are vulnerable
to malware or denial of service and man-in-the-middle attacks.

The standard requirements for securing these devices are:

• Secure boot: The device must implement a secure boot

process all the way up from the hardware to the OS.
• Isolation of critical processes: Security-critical processes,
data and functions should be isolated and unreachable
without proper credentials.
• Immutable ID: A unique device ID that cannot be corrupted
is essential in many operations that take place during a
device’s lifecycle.
• Secure storage: This is not limited to data coming out of
sensors. It also includes sensitive material such as keys and
certificates, which should be isolated and stored separately.
Encrypting data is not just good practice. It is essential.
• Secure peripherals: Sometimes peripherals perform security-
critical functions (e.g. biometric readers). These peripherals
should only be configured to run, or be accessible to an
application, in a secure state.
• Secure update: Certificates and keys should be used to
execute firmware and application updates to assure trust-
worthiness throughout the device’s lifecycle.
The right combination of hardware and software is required to
implement these security measures. First, it is critical to choose
the appropriate hardware platform. Device makers typically
select a hardware platform that meets their design’s functional
and power consumption requirements. However, security should
be a primary criterion as well. The SAMA5D2 ARM® Cortex®-A5
based microprocessor (MPU) from Microchip provides several
innovative security features including tamper resistance, secure
RAM, secure fuses, True Random Number Generator (TRNG)
and support for a variety of cryptographic algorithms.
To ensure that implementing security is as seamless as possible,
it is important to make these features easy to use. This can be
This demonstration illustrates:
• Secure container provisioning to a SAMA5D2 MPU-based
gateway
• Edge node attestation
• Container integrity checking and remediation
• Hardware crypto operations
• Certificate and key management in secured key store
The IoT Security Suite is preconfigured to establish the secure
enclave and make use of the SAMA5D2 MPU’s hardware-
based security components. The secure domain implements
Sequitur’s trusted execution environment, CoreTEE™, on the
gateway. CoreTEE provides a programmable, isolated envi-
ronment for executing security-critical functions and storing
sensitive data such as keys and certificates. The solution also
includes Sequitur’s CoreLockr™, a software middleware layer
comprising easy-to-use APIs for developers to access services
and peripherals isolated by CoreTEE.
The demonstration uses the SAMA5D2 MPU’s Integrity Check
Monitor (ICM) to monitor the integrity of the OS hosting the
Docker container by responding to and remediating a mali-
cious code injection into the kernel. In this scenario, the mali-
cious code injection invokes the ICM, causing an interrupt
in the secure enclave that is detected by CoreTEE. CoreTEE
solves the security breach by rolling the kernel back to a known
and trusted image. A second scenario demonstrates how to
use hardware security to authenticate the leaf node using an
(continued on page 14)
13
ARM TrustZone®-based secure enclave on the SAMA5D2 MPU
and the hardware crypto engine on the SAM E54 microcontroller.
Given the magnitude of the risks and challenges, it is clear that
the practice of layering on security used during the PC era will
not be adequate to address the security requirements of the IoT
era. The key to securing the IoT is a combination of a hardware
device with advanced security technologies and trusted soft-
ware that is designed make it easy for developers to implement
Design Corner
these technologies in their new designs. Microchip and Sequitur
Labs are committed to advancing new security solutions for use
in IoT and other embedded devices. For more information, visit
www.microchip.com/SAMA5D2.

Cryptography Code Protection Physical Attacks Protection Secure Key Store

• Hardware acceleration for
3DES/AES
• Software library for RSA,
Elliptic Curves (ACSL)
• High-quality True Random
Number Generator (TRNG)
• Hashing up to SHA512
• Protection against side
channels
• ARM® TrustZone® and MMU • Battery backed-up secure area • Battery backed-up secure
• On-the-fly DDR/QSPI • Tamper pins – dynamic and SRAM with erasure upon
encryption – AES128 static security event
• Scrambling of internal and • Voltage, frequency and • Battery backed-up secure
external memories temperature monitors register for master key
• Integrity check monitor • Die shield • 544 fuses for customer use
• Secure debug modes • JTAG monitoring • ARM TrustZone protected
storage
• Secure bootloader (public • Secure packaging
and private key)

Table 1: SAMA5D2 Hardware Security Capabilities

Save Time in Your Purchasing Process

Deal Directly with the Manufacturer
for All of Your Low- and High-Volume
Production Needs

How We Can Help You:

• Fast and easy access to all of your purchasing needs with our Business Dashboard
• Schedule your orders and drop ship to multiple addresses worldwide
• Add your custom code to a microcontroller or memory device
• Dedicated customer support team, including live chat
• Volume pricing available
• And many more features...
www.microchipDIRECT.com
The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.
All other trademarks are the property of their registered owners. © 2017 Microchip Technology Inc. All rights reserved. 11/17
DS00002362C

14
 Design Corner

Debugging
on the IoT

Capture, Visualize and Control Analog and Digital Signals with Portable, Connected
and Open-Source OpenScope MZ
Contributed by Digilent, Inc.

I
n the world of embedded systems, designers are constantly An IoT-Ready Instrumentation Solution
engineering around the unseen. Traditional laboratories The OpenScope MZ was designed to be an oscilloscope, logic
provide the necessary tools to debug designs and charac- analyzer, power supply, waveform generator, Bode plot, FFT
terize signals, but these are often out of reach for use in the plot and a simple data logger. When combined with WaveForms
field: locked to a benchtop, stuck in a lab or just too heavy to Live (WFL), Digilent’s powerful and intuitive browser and mobile
carry around. To meet this need, there has been a surge in the instrumentation software, the OpenScope MZ delivers its
availability of portable oscilloscopes, logic analyzers and other amazing instrumentation capabilities right to your phone, tablet
tools that can be powered by a laptop computer. However, even or computer.
these options have their limitations. Applications like robotics
and field-deployed Internet of Things (IoT) devices require
a different type of solution. For them, bulky benchtop-based
equipment and portable instrumentation tethered to a computer
can’t be the only options.

To meet this challenge, Digilent released the OpenScope MZ, a

portable Wi-Fi® connected instrumentation device featuring a
powerful 32-bit PIC32MZ microcontroller (MCU).

The OpenScope MZ was not only designed to be a wireless

instrumentation solution, but it was also developed to be as
open source as possible. This not only enables designers to
modify the hardware and/or the user interface, it also allows
users to “peek under the hood” as a teaching or learning oppor-
tunity. Nearly every peripheral of the PIC32MZ is used, and you
can examine the source code and driver to learn how to

(continued on page 16)

15
maximize peripheral performance. Visit the Digilent wiki to find
out more about the design of the OpenScope MZ. Design Corner

eight DMAs, nine timers and nine PWMs, the PIC32MZ is ideal
for the OpenScope MZ application.”

An in-depth design review of the OpenScope MZ was offered as

one of the sessions at Microchip’s 2017 MASTERs Conference
in Phoenix, Arizona. A video of this three-hour class is available
for you to view on Digilent’s YouTube channel.

The PIC32MZ combines with the OpenScope’s peripherals,

firmware and software to deliver an impressive list of features:

While the multi-functionality of the OpenScope MZ is impressive, • Connectivity

the firmware is really an engineering feat. The OpenScope MZ • Wi-Fi (802.11g) via Microchip’s MRF24WG0MA module
firmware takes advantage of almost all of the extensive resourc- • USB 2.0 (high speed required)
es available on the PIC32MZ MCU. The MCU’s many peripher- • Oscilloscope
als, serial communications ports and other features enable a • Two channels
number of functions that require virtually no intervention from • 12-bit resolution per channel
the CPU. Some of these functions include: • 6.25 MS/s sample rate
• Flat bandwidth up to 1 MHz at ±0.5 dB
• Oscilloscope implemented with two interleaved dedicated
• 2 MHz of bandwidth at -3 dB
ADCs with DMA
• 1 MΩ of input impedance
• Interleaving/time base controlled by timer peripherals
• ±20V input voltage range
• DMA controller creates a continuous sampling buffer
• Maximum buffer size of 32640 samples per channel
during acquisition
• Dedicated sample and holds for four dedicated ADCs • Arbitrary Waveform Generator
• ADC threshold detection hardware used to implement • Sine, triangle, sawtooth, square and DC outputs
analog trigger level • 10-bit resolution
• 1 Hz to 1 MHz frequency
• Arbitrary waveform generator implemented with DMA
• 3V pk2pk output with ±1.5 V offset
controller and I/Os
• 10 mA output current
• R2R ladder used to implement high-speed DAC via
• 25000 sample buffer size
high-current digital I/Os
• Timers trigger the DMA controller which moves the data • Logic Analyzer and GPIO
stored in a waveform table onto the GPIOs • 10 channels multiplexed between the logic analyzer and
as GPIO
• Logic analyzer implemented with the DMA controller and I/Os
• 3.3V CMOS logic for both the logic analyzer and GPIO
• Timers trigger the DMA controller to move the I/O state
• 7 mA source and 12 mA sink when used as GPIO
into buffer RAM
• Logic analyzer has a sample rate of 10 MS/s
• Power supply output implemented with hardware PWMs and
• Maximum buffer size of 32640 samples per channel for
ADC channels for calibration
the logic analyzer
• Wi-Fi radio provides connectivity; MCU runs TCP/IP stack to
• Power Supply
access it via SPI
• Two channels
• ±4V output voltage
Why a PIC32MZ MCU?
• 50 mA per channel
When asked why the PIC32MZ processor was the chosen
for the OpenScope MZ, Digilent’s Lead Engineer, Keith Vogel, • Other Features
said, “The PIC32MZ has a rich peripheral set to offload ADC • Two external triggers
acquisition, logic analyzer acquisition, function generation and • micro USB connector for power and programming
DC power sources into the hardware, freeing the CPU to service over FTDI
the USB and Wi-Fi network stack, SD™ card and Waveforms • microSD™ slot for external storage
Live communications. With its six high-speed 12-bit ADCs, • Four user LEDs for programming and reset buttons
(continued on page 17)
16
Getting Started
The OpenScope MZ costs just $89 and can be ordered from
microchipDIRECT or directly from Digilent. While you are
waiting for your OpenScope MZ to arrive, you can go to
www.waveformslive.com and test out the user interface in
demo mode.
Once your OpenScope MZ arrives, you can get it up and running
with just a few simple steps:
• Download and install the Digilent Agent
• Head over to www.waveformslive.com and connect your
OpenScope MZ
• Start taking measurements
Design Corner
We recommend that you use our online Getting Started Guide
or check out the Digilent GitHub for more information on the
design of the OpenScope MZ.
The OpenScope MZ is an impressive piece of hardware,
firmware and software that takes full advantage of the capable
PIC32MZ processor. Whether you need portable instrumenta-
tion for a project, want to use it in your own field-deployable IoT
device, or just want to try out something new and innovative,
we think you’ll find that the OpenScope MZ is a great addition
to your workbench.
17
On the Cutting
Edge of Learning
LoRaWAN Academy Offering University-Level Curriculum is Launched by
Leading IoT Solutions Providers
L
oRaWAN™ is an open specification derived from
Semtech’s LoRa® devices and wireless radio frequency
technology (LoRa Technology) that has quickly become
the leading Low-Power Wide-Area Network (LPWAN) technol-
ogy for use in wireless Internet of Things (IoT) networks around
the globe. Companies are implementing LoRa Technology and
the LoRaWAN protocol in their IoT applications to take advan-
tage of a number of significant benefits that include long-range
connectivity, low cost of implementation, global interoperability
and low power consumption for battery-powered devices.
As the IoT continues to boom, a new generation of engineers
will need to be trained on the technologies that will enable the
development of smart solutions to solve some of the world’s
toughest challenges. That’s why several leading IoT technology
companies recently launched the LoRaWAN Academy, an
all-encompassing, hands-on curriculum that enables university
students to learn about the LoRaWAN specification and the
ecosystem that is rapidly developing around it. The LoRaWAN
Academy program provides an online course library, as well as
LoRaWAN network packages and an IoT network infrastructure
for hands-on training and design.
Design Corner
The mission of the LoRaWAN Academy is to:
• Equip universities with out-of-the-box, state-of-the-art
LoRaWAN networks
• Educate the next generation of hardware and software
engineers and computer scientists to imagine, develop and
operate real-world IoT applications
• Advance LoRaWAN standard-based IoT research and
involve top university scholars in real-world problem solving
using cutting-edge technology
Universities can easily implement LoRaWAN Academy
curriculum into existing engineering and computer science
courses, giving students valuable lessons and training for the real
world. Appropriate for beginner to intermediate-level engineer-
ing students, the 10-week program is self-paced and offered on
a rolling basis, with no formal program start dates. Each week’s
curriculum includes 4-8 hours of video lectures, supplemental
reading and materials, as well as problem sets, assignments
and quizzes to benchmark learning. The program culminates
with a hands-on applied research project for students to build
real-world IoT applications.
The sponsoring organizations of the LoRaWAN Academy
include Kerlink, LoRa Alliance™, Microchip Technology,
myDevices, Semtech Corporation and The Things Network.
These companies, with the support of the LoRa Alliance, have
successfully deployed LoRaWAN solutions to enable
(continued on page 19)
18
cutting-edge IoT applications and will collaboratively contribute
to curriculum development, hardware and software, IoT network Design Corner
infrastructure, expert training and ongoing support for the
LoRaWAN Academy.
plans for other regions. Engineering professors or department
chairs who are interested in adding the LoRaWAN Academy
to their existing engineering courses or wireless IoT programs
should visit the Apply Now page on the website to review the
criteria for admission and submit an online application.

Students who participate in the LoRaWAN Academy will have

the opportunity to learn fundamental skills that they can carry
with them into the workforce. They may well be on the forefront
of developing innovative solutions for the IoT and other smart
applications that have yet to be imagined. To learn more about
this exciting program, visit www.LoRaWANacademy.com.

LoRa is a registered trademark or service mark, and LoRaWAN is a

The LoRaWAN Academy is currently supporting universities trademark or service mark, of Semtech Corporation or its affiliates.
located in the USA, Europe and India, but has aggressive roll-out

19
 Maker Space
Get Launched
Hits the Road!

Inspiring Innovation from Midtown Manhattan to the Shore of Lake Michigan

T
his fall, Microchip brought its exciting “Get Launched” free of charge. Attendees could then take this hardware—and
events to New York City and Chicago. This new program the knowledge they had gained—home with them to begin
for aspiring inventors and early-stage start-up companies developing their own projects.
provides them with a number of helpful resources, valuable net-
In October, “Get Launched”
working opportunities and essential information they need to
was held at mHUB Chicago, a
help bring their products from prototype to reality. A distinctive
world-class incubator space that
of the “Get Launched” program is that it leverages Microchip’s
offers a state-of-the-art hardware
cross-industry partnerships to enable attendees to meet with
prototyping floor. This event fea-
local Microchip Design Partners and representatives from
tured several partner companies,
other companies. These companies offer a range of busi-
including Sigfox and Arrow, who
ness resources like product review, design for manufacturing,
were able to meet with makers
low-volume contract manufacturing and even connections to
and entrepreneurs from the
potential investors.
greater Chicago area. It also
Attendees of “Get Launched” events can also attend informative included a hands-on workshop
workshops on a variety of topics. In September, the New York titled, “Build a Smarter Security
City program featured a “Prototyping with Sensors” workshop IoT System Complete with User
that showed how easy it is to develop an embedded sensor Portal in Two Hours,” where
node prototype using the cloud-based MPLAB® Xpress IDE. A attendees were able to work with
“Hands-on with PlatformIO” class focused on using the popular our IoT Ethernet Monitoring Kit
Arduino® platform powered by Medium One.
for development
In 2017, our highly successful “Get Launched” series of events
and debugging. The
started out in sunny Santa Barbara and ended in metropolitan
hardware that was
Chicago. We currently have events in Silicon Valley, Boston,
used in the hands-
Berlin and Marseille on our roadmap for 2018. We hope to
on workshops was
meet many of you during our upcoming travels. Visit our Get
offered to attendees
Launched website or email us at GetLaunched@microchip.
at a steep discount,
com for the latest information on future events that may be
or in some instances
coming to your area.
it was even provided

20
Coloring Page
 Boost Your IoT Security
Zero Touch Provisioning for AWS IoT

Securing data comes with challenges, but the main challenge is providing
a secure authentication and securely handling private keys in a production
environment. This has led cloud providers to push towards hardware-based
security, obtain strong device identity to avoid spoofing and protect against
unauthorized firmware updates and proliferation.

Microchip’s pre-configured ATECC508MAHAW meets these challenges by

leveraging AWS IoT Just-In-Time Registration (JITR). JITR combined with the
mutual authentication handshake enables bulk certificate uploading once a
system is deployed.
Zero Touch Secure Provisioning Kit
Key Features
(AT88CKECC-AWS-XSTK-B)
• Eliminate private keys manipulation from software, users and manufacturers
• Provide secure mutual authentication and unique trusted identity
• Leverage AWS IoT and JITR for bulk certificate uploading

www.microchip.com/AWSECC508
The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. All other trademarks are the property of their registered owners.
© 2017 Microchip Technology Inc. All rights reserved. 11/17
DS00002581A