MAX32520: A Secure ARM Cortex‑M4 Microcontroller Leveraging ChipDNA PUF Technology

Maxim Integrated’s new MAX32520 ChipDNA Secure ARM Cortex‑M4 microcontroller combines the industry’s most advanced physical‑unclonable function (PUF) technology with industry‑standard cryptographic features to deliver uncompromised security for IoT, healthcare, industrial, and IT applications.

The rapid growth of connected devices brings unprecedented convenience, but it also creates a growing attack surface. With millions of IoT endpoints in the field, cybercriminals have a vast pool of vulnerable targets. Protecting sensitive data and preventing exposure of secret keys is essential for any product that will operate in the real world.

The MAX32520 addresses this challenge by generating a unique cryptographic key directly from the device’s silicon. The key never resides in memory or as a static value, making it immune to invasive probing and extraction attempts.

PUF ChipDNA Technology

ChipDNA PUF circuitry exploits the inherent randomness of MOSFET analog characteristics to produce a fresh, device‑specific key on demand. When the key is no longer needed, it is erased from the chip’s internal state. Because any attempt to read or tamper with the circuitry alters its behavior, an attacker can never recover the underlying key value.

“ChipDNA PUF technology is built to last, enabling products to maintain a high level of security even after 10+ years on the market,” said Kris Ardis, Executive Director of the Micros, Security & Software business unit at Maxim Integrated. “The real challenge is educating customers about the necessity of physical protection for IoT devices, which are often deployed in uncontrolled environments.”

Kris Ardis at Embedded World – Source: Maxim Integrated

Ardis added, “Even the strongest encryption is useless if an attacker can extract the secret key. Physical protection of those keys is therefore a critical layer of security.”

The MAX32520 Microcontroller with PUF Technology

Key features include tamper‑proof PUF‑based flash encryption, a secure boot root‑of‑trust, and serial flash emulation. Because the cryptographic key is generated on‑chip, no external battery or key‑management infrastructure is required, simplifying deployment and reducing cost.

Flash encryption protects data at rest with keys that are resistant to advanced physical analysis, while the FIPS/NIST‑compliant true‑random number generator (TRNG) provides high‑quality session keys for AES‑256, ECDSA P‑521, and SHA‑512. The device also offers environmental and tamper‑detection sensors to trigger protective actions when a threat is detected.

The MAX32520 houses 2 MB of flash, 136 KB of system RAM plus 34 KB of error‑correcting code (ECC), 8 KB of one‑time‑programmable memory (OTP), and 128 KB of boot ROM. It runs a 120 MHz Cortex‑M4F core on an advanced process node, balancing performance with a cost structure suitable for mass‑scale deployments.

Ardis noted, “We see growing demand for this level of security in sectors such as trucking telematics, vending‑machine communication, industrial sensors, medical devices, and high‑volume networking equipment used for anti‑counterfeiting.”

Figure 1: MAX32520 block diagram

“There are alternative approaches to IoT security, but nothing else on the market matches the ChipDNA PUF’s protection level,” Ardis said. “The MAX32520 is a flexible, powerful embedded device that delivers unmatched security at a competitive price.”

During Embedded World, Maxim showcased three evaluation boards: a Feather‑board with the MAX32520, a Feather‑board equipped with sensors, and a LoRa plug‑in board capable of sending encrypted data to a gateway.

MAX32520‑KIT# Development Kit

As attackers become more sophisticated, relying solely on software security is insufficient. By integrating PUF technology, the MAX32520 provides a hardware‑based cryptographic foundation that safeguards devices against both remote and physical threats, ensuring data integrity and confidentiality throughout the device’s lifecycle.