Espressif Expands Its Secure Matter Manufacturing Service to External Factories, In-Field Upgrades

Non-VID scoped PAA status means Espressif's secure manufacturing service is expanded to third-party factories and in-field upgrades.

Espressif has announced an upgrade to its secure manufacturing service, becoming an official open product attestation authority (PAA) — meaning it can now offer in-field Matter upgrades and off-site secure manufacturing.

"We announced support for Accelerated Matter Manufacturing last year. This allowed organizations to accelerate the manufacturing of their Matter devices, by allowing Espressif to pre-program the Device Attestation certificates (DACs), the firmware, and security configurations on modules before being shipped out," explains Espressif's Kedar Sovani.

"One request we kept getting was a provision to perform this manufacturing in the customer's factory of choice. This is now possible with our latest update. We are currently working with select customers to enable their factories to perform Matter manufacturing by themselves."

Espressif's ability to now offer secure Matter manufacturing in third-party factories comes in the expansion of its scope as a product attestation authority (PAA). Espressif now joins the likes of NXP, Tuya, and others as a "non-VID scoped PAA" — meaning it can offer attestation services to third parties, rather than use them excursively in-house. As well as allowing its secure manufacturing service for Matter devices to be extended to third-party factories, the change in attestation scope it has another knock-on effect: it is able to upgrade in-field Matter upgrades.

"[We] support delivering of DACs to in-field devices that wish to now incorporate Matter support. For this scenario, it is essential that the in-field devices have a mutually authenticated secure connection to some device cloud platform," Sovani explains. "The cloud platform is expected to act as the trust broker for the in-field devices."

More information is available in Sovani's blog post.

Gareth Halfacree
Freelance journalist, technical author, hacker, tinkerer, erstwhile sysadmin. For hire: freelance@halfacree.co.uk.
Latest articles
Sponsored articles
Related articles
Latest articles
Read more
Related articles