Post-Quantum Readiness in Embedded and Semiconductor Platforms

As September draws to a close, one theme is becoming impossible to ignore in the semiconductor sector: post-quantum cryptography (PQC) is no longer a future ambition, it is an immediate necessity.

Across Infineon, NXP, and Microchip, we are beginning to see the first wave of PQC-ready microcontrollers, embedded controllers, and cryptographic subsystems move into the spotlight. The focus is on meeting CNSA 2.0 compliance, extending the lifetime of secure devices, and protecting firmware updates against the looming risk of “harvest-now, decrypt-later” attacks.

Infineon has taken a clear lead with its PSOC Control C3 Performance Line, announced in late August but positioned heavily through September as its flagship PQC-ready microcontroller family. These devices embed Leighton–Micali Signatures (LMS) for firmware signing and verification, and they introduce hybrid PQC/ECC support that allows secure boot and update mechanisms to straddle the classical-to-quantum transition. Alongside compliance with CNSA 2.0 and PSA Level 3 certifications, Infineon has rolled out a redesigned Low-Cost Crypto Subsystem, engineered to better support lattice-based primitives and future PQC algorithms. The message is clear: for long-lifetime devices in industrial control, EV systems, and edge computing, PQC resilience is now table stakes.

NXP has not unveiled a major product launch this month, but its roadmap signals that PQC is central to its next generation of automotive microcontrollers. The S32K5 family has been highlighted as PQC-secure, with hardware roots-of-trust designed to support PQC signature verification and crypto-agility. While less concrete than Infineon’s announcement, NXP’s positioning is tailored for the automotive sector, where vehicle lifespans demand security that will endure for decades. By placing emphasis on secure boot, firmware updates, and debug flows anchored in PQC, NXP is preparing its OEM partners for the regulatory and commercial realities of CNSA 2.0 compliance.

Microchip’s story is also advancing. The company’s MEC175xB embedded controllers, first announced earlier this year, are now being cited as a credible response to PQC in the data center, PC, and server markets. These controllers include immutable hardware support for PQC algorithms such as ML-DSA, LMS, and ML-KEM, enabling secure boot and firmware verification that can blend ECC with PQC during the transition period. For markets that demand tamper-proof assurance at the silicon level, Microchip’s positioning is both pragmatic and forward-looking.

Elsewhere, the picture is quieter.

STMicroelectronics’ September news cycle was dominated by its acquisition of NXP’s MEMS sensor business rather than PQC updates, although its longer-term trajectory points to integration of quantum-resistant cryptography into secure MCU and sensor platforms in 2026.

Renesas has yet to publish any PQC-specific announcements for its secure microcontroller families, while Texas Instruments continues to emphasize traditional accelerators such as AES, SHA-2, and ECC without new quantum-safe features. Qualcomm, for its part, has enhanced its Snapdragon platform’s security and device management layers but has not committed publicly to PQC primitives or CNSA 2.0 alignment. Arm remains similarly quiet, focusing its September messaging on CPU IP and AI acceleration, leaving PQC adoption to be signaled through its silicon partners rather than direct product announcements.

Taken together, the September snapshot shows a clear divide between early movers and silent observers. Infineon and Microchip are pressing ahead with tangible PQC-enabled hardware, while NXP is positioning strongly on roadmap promises, particularly in the automotive domain. ST, Renesas, TI, Qualcomm, and Arm, meanwhile, have chosen not to place PQC in their September announcements. The emphasis from the leaders is on firmware signing through hash-based schemes such as LMS and ML-DSA, secure boot resilience, crypto-agility, and the use of hybrid PQC/ECC to ease the transition.

As we move toward year’s end, the expectation is that the quieter players will be compelled to respond. Automotive suppliers such as Renesas and ST will likely reveal their hand at upcoming industry events, while edge computing and mobile vendors like Qualcomm and Arm will need to demonstrate their readiness as operating system ecosystems demand quantum-safe defaults. September has shown that the race to CNSA 2.0 hardware compliance is not theoretical. It has begun in earnest, and those who have yet to act risk being left behind.