Alongside the vast potential value that IoT brings, also comes a growing concern that billions of devices and the data that they process remain under-protected, thus posing a serious security threat.To make a device secure for the long term, it needs to be built on a secure platform, protected at the silicon level. The device also requires a secure identity, embedded in at the time of silicon manufacture.

Trustonic is enabling the world’s leading microcontroller (MCU) supplier, Microchip Technology Inc., to provide their customers with a secure platform and strong device identity pre-embedded into their MCUs.

This enablement provides enhanced security capabilities that can be leveraged across the value chain and IoT ecosystem.

20 billion Internet-connected things by 2020.


Kinibi-M is Trustonic’s new secure operating system specially designed to protect size-constrained microcontroller devices. With Kinibi-M pre-embedded into the microcontroller, a module developer can use a simple SDK to add security to their solution. The device identity can be proven, and data and communication security can be enabled. They do not need to be security experts, as the complex processes are abstracted into a simple, GlobalPlatform standards inspired API.

Kinibi-M for SAM L11 also delivers a number of specific use cases, often required in the IoT space and in particular on microcontrollers based devices. These can be seen below.

Device Provenance

Manufacturing and lifecycle stages can be securely recorded using Digital Holograms™. At any future stage in the device lifecycle, Trustonic’s device attestation can enable proof of secure manufacture or proof of legitimate deployment. For example, cloud services can leverage this capability to automatically onboard attested devices and reject counterfeits.

Supply Chain Protection

Together the secure OS and Digital Holograms™ prevent individual devices from being cloned, IP or keys from being removed from a device, or devices from being over-produced. Any attempt to create counterfeit devices can be detected in-factory or in-field using Trustonic attestation services and the fraudulent production step can be highlighted.

Software Isolation & IP Protection

Code modules are isolated from each other, reducing both the risks associated with errors elsewhere on the device and the potential for firmware updates to invalidate assumptions made during certification. This enables others further down the device’s production chain to add additional software or customization in a safe and secure way. Additionally, IP protection ensures that sensitive code and data cannot be extracted, copied, removed, modified or tampered with. This is essential, as the IP on a chip is often of greater value than the complete device.