Microchip Introduces 32-bit MCUs With Embedded Hardware Security Module

October 12, 2023 by Aaron Carman

The latest Microchip family of MCUs includes built-in security measures for privacy-sensitive applications.

Microchip has announced the PIC32CZ CA family of 32-bit microcontrollers to simplify security integration for complex applications. As consumer electronics become more highly integrated, the question of security can often be a major concern for designers. While dedicated security hardware certainly exists, onboard embedded security measures make the designer’s job considerably easier.



The PIC32CZ CA family of 32-bit microcontrollers comes equipped with an optional hardware security module, allowing designers to rapidly develop embedded security measures. Image used courtesy of Microchip

This article breaks down both the need for security in embedded systems and the features included in the PIC32CZ CA family of MCUs that allow them to effectively secure an embedded system.


Embedding Security for Client-Side Devices

The security of personal data has become a major concern both on the server and client sides. While server-side security measures are certainly important, Microchip built its newest MCU family to address common client-side security issues.


Microchip PIC32CZ CA90

The Microchip PIC32CZ CA90 can store keys using the HSM module, improving the security of client-side devices. Image used courtesy of Microchip

Connected sensors, for example, can provide bad actors with critical information such as home activity, population, or even the locations of connected devices. To preserve the integrity of the client device’s firmware, designers can embed security measures such as root of trust, secure boot, secure updates, and secure data management to prevent unwanted access to sensitive data.


Microchip Doubles Down on Secure, 32-bit Performance

The PIC32CZ CA family of microcontrollers consists of two microcontrollers, the PIC32CZ CA80 and PIC32CZ CA90, each of which is offered with 4 or 8 MB of program memory. The CA90 MCU includes a built-in hardware security module (HSM) that supports a variety of security measures, including cryptographic accelerators, secure key storage, secure boot, and a true random number generator (RNG). Microchip provides additional details on the HSM under an NDA.


PIC32CZ CA block diagram

The PIC32CZ CA block diagram highlights the number of peripherals supported by the family, in addition to the computing hardware included in the processor core. Image used courtesy of Microchip

In addition to a variety of program memory offerings, the MCUs include 1 MB of SRAM and support for various communications protocols, including Ethernet, CAN FD, and I2S. A 300 MHz Arm Cortex-M7 processor, accompanied by a floating point unit, memory protection unit, and multiply-accumulate unit, all provide the computing performance necessary to support various applications.

In addition to the security features, Microchip has also included several functional safety features, including global BIST, clock failure detection, and write protection. Both the CA80 and CA90 are currently available and can be evaluated using a PIC32CZ Curiosity Ultra development board and the MPLAB software.


Faster Secure Development

While Microchip has not publicly published full details on the HSM's features, the company calls the module a "turnkey solution" for developing embedded security systems. The device is designed to simplify a BOM and accelerate time to market with its ability to adapt standard security firmware.

The CA90 MCU represents a growing trend of integrated hardware security for high-performance MCUs. Although not all designers will make use of the integrated HSM, easier access to cutting-edge security features may greatly impact the next generation of electronic devices.