Microchip adds PQC-ready trust controllers

Microchip Technology has expanded its Trust Shield portfolio with two post-quantum-ready security controllers for compute, data centre, defence, telecom, and infrastructure platforms.

The new devices are the TS1800 Platform Root of Trust controller and the TS50x secure boot controller. Both are designed to help system architects prepare for emerging cybersecurity mandates, including the European Cyber Resilience Act and Commercial National Security Algorithm Suite 2.0, while supporting evolving platform security requirements across critical electronic systems.

The TS1800 functions as an external Platform Root of Trust controller. It supports secure boot, secure firmware updates, attestation, and certificate handling using hardware-accelerated post-quantum cryptography. The accelerators implement National Institute of Standards and Technology standardised algorithms including ML-DSA, LMS verification, and ML-KEM.

The controller is built around an Arm Cortex-M4F processor operating at up to 192MHz. Microchip says the TS1800 delivers up to twice the processing performance of previous generations of its root of trust controllers, giving the device additional headroom for the computational demands of post-quantum cryptography. USB 2.0 full-speed and high-speed support reduces firmware update times compared with I²C and SPI interfaces.

The TS50x family provides a simpler secure boot option for systems that do not need the full Open Compute Project-based Platform Root of Trust feature set provided by the TS1800. TS50x devices focus on verification operations for post-quantum and classical cryptography, including ECC P-384, on signatures for firmware booting from SPI flash. The controller holds the main chipset in reset until signature verification succeeds, preventing execution until the firmware image has been authenticated.

Both device families support post-quantum cryptography and align with requirements such as NIST SP 800-193 platform resiliency guidance. They are available through Microchip’s pre-configured TrustFLEX platform and are intended as modular crypto-controllers that can be integrated into wider system designs. TS1800 and TS50x controllers, along with compatible evaluation boards, are currently available through an early adopter programme.

Post-quantum cryptography is moving from standards work into implementation planning across long-life infrastructure hardware. Data centre, telecom, defence, and industrial platforms often remain in service for many years, placing pressure on equipment designers to support cryptographic migration before quantum-resistant requirements become mandatory in procurement or regulation.

Adding new algorithms is only part of the engineering problem. PQC can increase demands on memory, processing, firmware update flows, certificate management, attestation, and secure boot timing. Devices that were sufficient for classical cryptography may not provide enough margin for larger signatures, key exchange operations, and verification workloads.

Hardware roots of trust establish security before the main processor or complex software stack begins executing. That first stage is critical in infrastructure and defence systems, where a compromised boot path can undermine later software protections. External trust controllers also give platform designers a way to add cryptographic agility without rebuilding the main processor architecture.

Integration will decide how useful PQC-ready controllers become in production systems. Secure boot, attestation, update speed, board-level interfaces, supply-chain provisioning, certification, and lifecycle management have to be validated as a complete platform. PQC readiness will depend on whether secure platforms can be updated, certified, and maintained without repeatedly redesigning their trust architecture.