This video is still being processed. Please check back later and refresh the page.

Uh oh! Something went wrong, please try again.

25075 SEC6: Mastering Secure Boot for MPUs (August 2025)

In this class you will learn to secure the boot process on Microchip MPU devices using cryptographic techniques (Hashes, AES, RSA, ECDSA), manage device provisioning and OTP memory, and implement secure boot and authentication for the AT91Bootstrap bootloader.

Cancel Apply

rate limit

Code not recognized.

About this course

 

This is a recording of the course 25075 SEC6 - Mastering Secure Boot for MPUs from the 2025 MASTERs Conference.

 

In this class, you will gain a comprehensive understanding of secure boot processes for Microchip MPU devices, focusing on securing the boot sequence and managing device provisioning. You will learn to configure and implement secure boot mechanisms to protect firmware confidentiality, integrity, and authenticity. This includes exploring cryptographic techniques such as Hashes, AES, RSA, and ECDSA to establish a root of trust and authenticate binaries. Additionally, you will engage in hands-on exercises to configure MPU devices, manage OTP memory, and encrypt and authenticate the second-stage bootloader (AT91Bootstrap). By the end of the class, you will be able to identify and mitigate security vulnerabilities, ensuring robust protection against unauthorized code execution. This class requires basic knowledge of the topic.

Prerequisites:

Attendees should have a foundational understanding of embedded systems and a basic grasp of cryptographic principles, such as encryption, decryption, and digital signature. It is recommended to watch “https://mu.microchip.com/cryptography-primer” as preparation to reinforce these concepts.

Curriculum58 min

  • About this course
  • Class Overview
  • Syllabus & Downloads
  • Introduction 2 min
  • Introduction to Secure Boot 2 min
  • SAMA7D65 Security Features 20 min
  • SAMA7D65 Boot Sequence 8 min
  • Standard vs. Secure Boot 5 min
  • Cryptography and Public Key Infrastructure (PKI) 6 min
  • Overview of SAM-BA® and Secure SAM-BA® Cipher Tools 2 min
  • LAB1: Standard Boot 4 min
  • LAB2: Using Secure SAM-BA® Cipher for Secure Boot 3 min
  • LAB3/4/5: Provisioning, Configuring and Flashing the SAMA7D65 1 min
  • LAB6: Implementing Anti-Rollback Mechanism 1 min
  • LAB7: Dual Boot 1 min
  • LAB8: Locking Mechanisms 1 min
  • Secure Boot Animation Asymmetric Authentication - Summary 2 min
  • Complete Recording
  • 25075 SEC6 (49 min)

About this course

 

This is a recording of the course 25075 SEC6 - Mastering Secure Boot for MPUs from the 2025 MASTERs Conference.

 

In this class, you will gain a comprehensive understanding of secure boot processes for Microchip MPU devices, focusing on securing the boot sequence and managing device provisioning. You will learn to configure and implement secure boot mechanisms to protect firmware confidentiality, integrity, and authenticity. This includes exploring cryptographic techniques such as Hashes, AES, RSA, and ECDSA to establish a root of trust and authenticate binaries. Additionally, you will engage in hands-on exercises to configure MPU devices, manage OTP memory, and encrypt and authenticate the second-stage bootloader (AT91Bootstrap). By the end of the class, you will be able to identify and mitigate security vulnerabilities, ensuring robust protection against unauthorized code execution. This class requires basic knowledge of the topic.

Prerequisites:

Attendees should have a foundational understanding of embedded systems and a basic grasp of cryptographic principles, such as encryption, decryption, and digital signature. It is recommended to watch “https://mu.microchip.com/cryptography-primer” as preparation to reinforce these concepts.

Curriculum58 min

  • About this course
  • Class Overview
  • Syllabus & Downloads
  • Introduction 2 min
  • Introduction to Secure Boot 2 min
  • SAMA7D65 Security Features 20 min
  • SAMA7D65 Boot Sequence 8 min
  • Standard vs. Secure Boot 5 min
  • Cryptography and Public Key Infrastructure (PKI) 6 min
  • Overview of SAM-BA® and Secure SAM-BA® Cipher Tools 2 min
  • LAB1: Standard Boot 4 min
  • LAB2: Using Secure SAM-BA® Cipher for Secure Boot 3 min
  • LAB3/4/5: Provisioning, Configuring and Flashing the SAMA7D65 1 min
  • LAB6: Implementing Anti-Rollback Mechanism 1 min
  • LAB7: Dual Boot 1 min
  • LAB8: Locking Mechanisms 1 min
  • Secure Boot Animation Asymmetric Authentication - Summary 2 min
  • Complete Recording
  • 25075 SEC6 (49 min)