Microchip introduces PQC-ready root of trust controllers for secure embedded systems

The devices are designed to support evolving standards and mandates such as the European Cyber Resilience Act (CRA), Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), and NIST platform resiliency guidelines, as the industry begins transitioning toward post-quantum security architectures.
May 15, 2026
2 min read
Add Us On Google
6a0600b58f4bded86f60068b 55210176504 F5742b6a69 O

CHANDLER, Ariz. - Microchip Technology in Chandler, Ariz., is expanding its Trust Shield portfolio with two new post-quantum cryptography (PQC)-ready security devices, the TS1800 Platform Root of Trust controller and the TS50x secure boot controller, aimed at helping system designers address emerging cybersecurity requirements across defense, data center, telecommunications, and critical infrastructure systems.

The devices are designed to support evolving standards and mandates, such as the European Cyber Resilience Act (CRA), the Commercial National Security Algorithm Suite 2.0 (CNSA 2.0), and NIST platform resiliency guidelines, as the industry begins transitioning to post-quantum security architectures.

The TS1800 functions as an external Platform Root of Trust controller and enables secure boot, firmware updates, attestation, and certificate handling using hardware-accelerated post-quantum cryptography. It implements NIST-standardized algorithms, including ML-DSA (Module-Lattice-Based Digital Signature Algorithm), LMS (Leighton–Micali Signature) verification, and ML-KEM (Module-Lattice-Based Key Encapsulation Mechanism).

Built around a 192 MHz Arm Cortex-M4F processor, the TS1800 delivers higher performance than previous Microchip root-of-trust controllers and is designed to handle the increased computational demands of PQC workloads. It also includes architectural enhancements intended to support secure lifecycle management functions, such as firmware integrity validation and attestation, as well as faster firmware updates via USB 2.0 connectivity.

The TS50x family provides a streamlined PQC secure boot solution for systems that do not require the full platform root-of-trust feature set of the TS1800. These devices focus on signature verification for firmware boot processes, supporting both PQC and classical cryptography such as Elliptic Curve Cryptography (ECC P-384). In this architecture, the device holds the main system processor in reset until firmware authenticity is verified, enabling a hybrid transition path from traditional to post-quantum cryptography.

Both product families are available through Microchip’s TrustFLEX platform and are designed as modular, drop-in security controllers intended to simplify integration of hardware-based cryptographic trust across embedded and edge systems. The company said the devices are intended to reduce implementation complexity and help accelerate adoption of PQC-based secure boot architectures that establish system trust at first power-on.

Microchip said the TS1800 and TS50x build on its Soteria firmware stack running on the Zephyr RTOS and are designed to support evolving certification and compliance requirements across embedded security ecosystems.

For more information, please visit https://www.microchip.com/