SAM L10 / L11 Series 32-bit Microcontroller Customer Presentation
SAM L10 / L11 Series
32-bit Microcontroller
Customer Presentation
2
Agenda
SAML10/L11 Overview
Key Features & Benefits
Target Applications
Development Tools Support
Demos
Development Ecosystem
Security Use Cases
Summary
SAM L10/L11 Overview
4
Security, Low Power & Touch Innovation
SAML10/11 Family:
Industry Leading Security in its performance class
Industry’s first Arm® Cortex-M23 with chip-level robust security features&
Arm® TrustZone®
Hardware security integrated in a small footprint MCU
Comprehensive security software framework
Industry’s lowest power in its performance class
Microchip’s proprietary picoPower® Technology delivers staggering results
EEMBC ULPMark Certified Score of 405 ( over 200% higher than the nearest
competition)
Ultra-low Active Current (<25uA/MHz)
Standby RAM Retention (<0.6 uA)
OFF Mode (<100 nA)
Wakeup time 1.5 uS idle & 2.6 uS sleep
Industry leading Capacitive Touch
Highly responsive & accurate
Superior water tolerance & excellent noise immunity
Advanced Information - Microchip Confidential
5
SAML10 & SAML11
Configuration
SAM L11
Performance and Memory:
32 MHz Cortex-M23
Up to 64KB Flash
Up to 16K SRAM
Key Peripherals:
Enhanced PTC
12-Bit ADC; 10-bit DAC
OP Amps; SERCOM
Security:
TrustZone
Chip-level Tamper Detect
Crypto Accelerator (AES128, SHA256)
Secure Boot & Bootloader
Secure Key Storage
SAM L10
Performance and Memory:
32 MHz Cortex-M23
Up to 64KB Flash
Up to 16K SRAM
Key Peripherals:
Enhanced PTC
12-Bit ADC
10-bit DAC
OP Amps
SERCOM
Pins Packages
32 TQFP(7x7),QFN(5x5), WLCSP(2.8x2.8)
24 SSOP(5x8), QFN(4x4)
Temp Options
-40C to 85C & -40C to 125C
Advanced Information - Microchip Confidential
6
Timelines
Key Milestones Current Schedule
Stream Out Complete
Early Adopter Support Now
Release to Production CQ2’18
Advanced Information - Microchip Confidential
7
Key Features & Benefits
Key Selling Feature Benefits
picoPower® Technology Power & Performance balance
Improves battery life, reduces battery
replacements & lowers overall system cost
Low Power Analog (Op Amps, DAC, ADC, AC) Reduces BOM by eliminating the need for
external analog components
Enhanced Peripheral Touch Controller(PTC)
Advanced Touch with Driven Shield Plus &
Parallel Acquisition
Differentiates user interfaces with highly
responsive, elegant & Water Tolerant Touch
TrustZone Resists software attacks
Isolates & Protects IP & proprietary S/W
Secure Key Storage
(TrustRAM & DataFlash)
Protects Keys/secrets against physical attacks
Prevents Cloning & Counterfeit products
Secure Boot & Secure Bootloader Eliminates the risk of malicious code running on
the MCU
New Cortex M23 Core Better performance & smaller code size than
Cortex M0+
Advanced Information - Microchip Confidential
8
picoPower® Technology
EEMBC ULPMark Certified Score of 405
over 200% higher than the nearest competition
Ultra-low Active Current (<25uA/MHz)
Standby RAM Retention (<0.6 uA)
OFF Mode (<100 nA)
Wakeup time 1.5 uS idle & 2.6uS sleep
Power Saving Techniques Benefits
SleepWalking Ability of the peripherals to perform a task without waking up the CPU from the sleep mode to
maintain low power for extended period
Dual Performance Levels (PL0 & PL2) Ability to change the CPU speed on the fly to suit the application activity Level. Helps strike balance
between power and performance in active mode
Event System Inter-peripheral communication
Reduces CPU overhead & saves CPU cycles
Power Domain Gating Unused power domain can be switched off to reduce the sleep currents even further
Low Power Analog
(Op Amps, ADC, AC, DAC)
Reduces BOM
Can take inputs from sensors when in sleep
picoPower® TechnologyFlexible Power Saving Features
Longer Battery Life
Lower Total System Cost
Advanced Information - Microchip Confidential
9
Industry Leading Touch
Enhanced Peripheral Touch Controller(PTC)
Integrated capacitive touch controller for buttons, sliders, wheels &
small surfaces(up to 8x8 cm)
Highly Responsive & Accurate Touch
Autonomous Operation
Low CPU utilization
Ultra-Low Power Mode(under 4µA)
Improved Performance:
Driven Shield Plus
Industry leading moisture tolerance
Excellent noise immunity
Parallel Acquisition
Faster Response & High Signal to Noise Ratio
Advanced Information - Microchip Confidential
10
Broad Application Spectrum
IoT & Security
Smart Cities
Home Automation
Smart Agriculture
Medical Devices
Accessories Authentication
Ultra-Low Power
Wearables
Gaming Controls
Energy Harvesting
Low Power Industrial
Capacitive Touch
Appliances
Fitness Trackers
Automotive Door Handles
Key Pads
Remote Controls
Advanced Information - Microchip Confidential
11
SAML11 32 pin TQFP
64KB Flash & 16 KB SRAM
32MHz ARM Cortex M23 with Security
ARM®TrustZone®
Secure Boot
Crypto Accelerator(AES128, GCM & SHA256)
mikroBUS header
Xplained Pro extension headers
On board Debugger
XAM for Power Debugging
ECC508A
Xplained Pro Kits
SAML10 32 pin TQFP
64KB Flash & 16 KB SRAM
32MHz ARM Cortex M23
mikroBUS header
Xplained Pro extension headers
On board Debugger
XAM for Power Debugging
ECC508A
Price: $58
Price: $58
Advanced Information - Microchip Confidential
12
Demos
Demo Name Description Hardware
Trusted Execution Environment Illustrates trusted execution of low power
temperature sensor application & SAML11 counter
acting malicious code attacks
• SAML11 Xplained pro
• IO1 Xplained Pro
Secure LoRa IoT Node Securely transmits light sensor info to The Things
Network(TTN) gateway. Leverages TrustZone to
recover the sensor-node incase of code failure
• SAML11 Xplained pro
• IO1 Xplained Pro
• RN2903/RN2483
• TTN Gateway
Low Power Weather Station Implements ultra-low power features & analog of
SAML10 to provides temperature, humidity,
pressure & air-quality data on 1.54” e-ink display
• SAML10 Xplained pro
• MikroE Weather click
• MikroE Air Quality click
• Waveshare 1.54” e-Ink
• MikroBus adapter
SleepWalking Demo Illustrates the sleepwalking and dynamic power
gating for ultra-low power consumption
• SAML10 Xplained pro
• IO1 Xplained Pro
Water Tolerant Touch Illustrates the Driven Shield Plus capability to reject
false triggers due to water & accurately track finger
touch
• SAML10 Xplained pro
• QT7 Xplained Pro
Low Power Key Pad Illustrates the wakeup on touch of SAML1x for ultra-
low power key pad design
• SAML10 Xplained pro
• QT3 Xplained Pro
Advanced Information - Microchip Confidential
13
Rich Development Ecosystem
IDE
• Atmel Studio 7
• IAR Embedded Workbench
• Arm® Keil® MDK
Software
Framework
• Atmel START
• Atmel START TrustZone Manager
Security
Framework
• End-to-End Solution Support
• Secure Key Provisioning
Low Power• Power Debugger Tool
• Data Visualizer
Touch
• QTouch Configurator
• QTouch Modular Library
• 2D Touch Surface Library
Advanced Information - Microchip Confidential
SAM L11 Security Use Cases
15
Prevention Against
Software (Remote) Attacks
How does SAML11 Help? TrustZone can partition the CPU &
memory into secured & non secure
zones
Secure Zone contains a copy of
application code that is protected
Anytime a code injection is detected
in non-secure world, secure world
loads the non-secure world with the
copy of application & restores the
normal state of operation
Applications : Connected Key Pads
Gas Stations/POS
Terminals
Access Control
Smart Door Locks
Connected Thermostats
Wireless Patient Monitoring
LoRa & SigFox Nodes
It is possible that Nodes that are connected are prone to remote software
attacks. Anytime an attack is detected a remedial action to replace the
infected code must take place
Advanced Information - Microchip Confidential
16
Remote Software Attacks
Typical Block Diagram
Example: SAM L11 will deny access to illegal requests, and load a copy of IoT
application from trusted-side back to the system if malware attack is
detected to avoid the system down time
Advanced Information - Microchip Confidential
Wireless Patient Monitor & Vital Signs Tracking System
Loads a copy of App if Malware
attack is detected
Wireless
ModuleIoT
AppIoT
App
Sensitive
Data
BioMetric
Sensor
Denies access to
illegal requests
SAML11
Secure Partition
Non-TrustedTrusted
17
Secure Boot
How does SAML11 Help? SAML11 facilitates secure boot
process
At start-up Crypto module performs
integrity & authenticity check on the
firmware
If these checks pass, SAML11 lets
execution of the firmware else it
halts the application code from
executing
Applications : Automotive
IoT Nodes
Single Purpose devices
E-readers, Voice
Assistants, GPS,
IP Cameras
Secure boot process is the vital first step in securing any embedded
system. It ensures the desired application code is executed on the product
to ensure the product’s key functionality is not tampered or altered
Advanced Information - Microchip Confidential
18
Secure Boot
Typical Block Diagram
Example: SAM L11 ensures malicious code on the non-trusted side is
not executed, in this car door touch handle example
Advanced Information - Microchip Confidential
Water
Tolerant
Touch
PTC &
Touch
Library
Crypto
Secure
BootLINECU
SAML11
Secure Partition
Non-TrustedTrusted
Application
Code
Authentication
19
Anti-Cloning
How does SAML11 help? SAML11 TrustRAM & Data Flash
with scrambling capabilities can
secure the keys
TrustRAM has active shield which
can erase the keys if physical attack
is detected
TrustZone can protect the keys
from malicious software requesting
keys
Applications : Printer Cartridges
Smart Phone/Tablet
accessories
Key Boards
Wireless Chargers
Game Controllers & Consoles
Keys/credentials which uniquely identify the end product brand are critical
& need to be secured to prevent the products from cloning.
The host & the accessory need to mutually authenticate to prevent cloning
Advanced Information - Microchip Confidential
20
Anti-Cloning
Typical Block Diagram
Example: SAM L11 authenticates with secure element to ensure the printer
cartridge is a genuine product from the original manufacturer
Advanced Information - Microchip Confidential
Printer
DataFlash
Secure Key
Storage
Customer
IP
SAML11
Secure Partition
Non-TrustedTrusted
Application
Code
Ink Cartridge
ECCx08A
Secure ElementAuthentication
21
Secure Communication
How does SAML11 Help? On-Board Crypto Module capable
of AES128 & GCM to encrypt
messages
Reduces burden on the CPU
TrustZone can be leveraged to map
serial ports(transferring sensitive
data) to secure zone to prevent
malicious code from accessing
these ports
Data need to be encrypted during transmission to prevent eavesdropping
Applications : Interconnected Nodes
MCU to external serial Flash
Medical Devices storing
patient’s sensitive data in
serial Flash
Secure communication
between nodes & gateway
Advanced Information - Microchip Confidential
22
Secure Data
Typical Block Diagram
Example: SAM L11 makes sure the patient private data stored in the
Blood Glucose Meter via secure serial communication from
trusted side with data encrypted
Advanced Information - Microchip Confidential
Blood Glucose Meter
Secure
Application
Secure
SERCOMEncrypted Data
Serial Flash
(Encrypted)
storing Patient
Private Data
SAML11
Secure Partition
Non-TrustedTrusted
Application
Code
23
Secure Firmware Upgrades
How does SAML11 Help? Offers Secure Bootloader
The Secure Bootloader &
SAML11’s on-board crypto verifies
the new firmware to be upgraded
SAML11 performs decryption,
checks for the integrity &
authenticity of the new firmware
before upgrading the product with it
Applications : Consumer
Fitness trackers, smart
watches & wearables
Server firmware upgrades by
BMC
Industrial sensors in a
manufacturing line
Medical devices
Glucose meters, Blood
pressure meter, CPAP
It is essential to authenticate the new firmware while doing OTA firmware
updates to ensure it is free from malware and is a genuine copy from the
manufacturer
Advanced Information - Microchip Confidential
24
Secure Firmware Upgrade
Typical Block Diagram
Example: SAM L11 ensure in this case, a smart watch, will only be upgraded with
the firmware from original manufacturer
Advanced Information - Microchip Confidential
Smart Watch
Bluetooth
Low
Energy
Firmware
Upgrade
Crypto
Secure
Bootloader
SAML11
Secure Partition
Non-TrustedTrusted
Authentication
Firmware Upgrade
25
IP Protection & Sandboxing
How does SAML11 Help? TrustZone can partition the CPU &
memory into secured & non secure
zones
Secure Zone exposes only those
APIs that are needed by non-
secure world
Any inadvertent access or illegal
request to read IP in Secure Zone
from non-secure would result in a
hard fault
End products that require two customers for App development see a need
to isolate their application and protect them from IP infringement or
accidental stepping in to certified software
Applications : Medical devices with proprietary
software
LoRa Edge devices with
certified stacks
Sensors with light weight
industrial protocol stacks, e.g.:
IO-Link Protocol
Advanced Information - Microchip Confidential
26
IP Protection & Sandboxing
Typical Block Diagram
Example: Any end products which requires more than one companies to develop
the codes, in this case an earbud heart rate sensor
Advanced Information - Microchip Confidential
Earbud Heart Rate Sensor
Heart
Rate
Sensor
OEM
Application
Heart
Rate
Sensor
IP
SAML11
Secure Partition
Non-TrustedTrusted
Company-B Application Code
• Full access to program & debug non-
trusted zone only
• Cant Access Company-A Firmware IP
other than exposed APIs
Company-A Firmware IP
• Fully protected
• No readout capability
• Only Necessary APIs are provided to
Company-B for App Development
SAML11 Chip Erase commands are
protected by keys.
DAL1 (Debug Access Level1) can used
so that only Non-Trusted Zone can be
programmed/Debugged
27
Summary
Industry’s First MCU with chip-level robust security features &
ARM® TrustZone®
Comprehensive Security Software Framework
Makes Security Simple
picoPower® Technology outperforms the competition
Industry leading Touch Solution
Widely Supported Family with Rich Development Ecosystem
Advanced Information - Microchip Confidential