diff --git a/CMakeLists.txt b/CMakeLists.txt
index 804b805a8..685f357c9 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1,4 +1,8 @@
 cmake_minimum_required(VERSION 3.20.0)
+
+# Option to enable Zephyr support
+option(ATCA_ZEPHYR_SUPPORT "Enable Zephyr HAL support and build as a Zephyr library" OFF)
+
 project (cryptoauthlib C)
 
 # Set the current release version
@@ -11,9 +15,9 @@ set(VERSION_PATCH 8)
 option(BUILD_TESTS "Create Test Application with library" OFF)
 
 if(UNIX)
-option(SETUP_INSTALLER "Setup installation and packaging as well" ON)
+    option(SETUP_INSTALLER "Setup installation and packaging as well" ON)
 else()
-set(SETUP_INSTALLER OFF CACHE INTERNAL "Disabling installation on this platform")
+    set(SETUP_INSTALLER OFF CACHE INTERNAL "Disabling installation on this platform")
 endif()
 
 # Default install root which is normally /usr/local/
@@ -24,21 +28,35 @@ set(CMAKE_INSTALL_PREFIX "/" CACHE INTERNAL "")
 
 include(cmake/check_environment.cmake)
 
-# Make sure when testing that everything goes where it should
-if(BUILD_TESTS)
-set (CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
-set (CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
+if (NOT Zephyr_FOUND AND ATCA_ZEPHYR_SUPPORT)
+    find_package(Zephyr QUIET HINTS $ENV{ZEPHYR_BASE})
+endif()    
+    
+if (Zephyr_FOUND)
+    set(ATCA_ZEPHYR_SUPPORT ON CACHE BOOL "Auto-enable Zephyr support when Zephyr toolchain detected" FORCE)
+    include_directories(${ZEPHYR_INCLUDE_DIRS})
+    include(cmake/zephyr_options.cmake)
+else()
+    # If Zephyr support is requested but not found, we can still proceed with the build
+    message(STATUS "Zephyr support requested but not found, proceeding without Zephyr")
+    set(ATCA_ZEPHYR_SUPPORT OFF CACHE BOOL "Zephyr support not found" FORCE)    
 endif()
 
 add_subdirectory(lib)
 
+# Make sure when testing that everything goes where it should
+if(BUILD_TESTS)
+    set (CMAKE_LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
+    set (CMAKE_RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR})
+endif()
+
 # Tests
 if(BUILD_TESTS)
-add_subdirectory(test)
-set_property(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} PROPERTY VS_STARTUP_PROJECT cryptoauth_test)
+    add_subdirectory(test)
+    set_property(DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} PROPERTY VS_STARTUP_PROJECT cryptoauth_test)
 endif(BUILD_TESTS)
 
 # If we're installing the library then we'll add the global configuration files
 if(SETUP_INSTALLER)
-include(cmake/config_install.cmake)
+    include(cmake/config_install.cmake)
 endif()
diff --git a/README.md b/README.md
index a6f51e4f0..a3f5c2b33 100644
--- a/README.md
+++ b/README.md
@@ -188,3 +188,73 @@ Edit the mchp-cryptoauth.rules file and add the following line to the file:
 ```text
 SUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2312", MODE="0666"
 ```
+
+
+## Incorporating CryptoAuthLib in a Zephyr Project
+
+CryptoAuthLib now builds as a proper Zephyr module and exposes its Kconfig options directly.
+
+### Out-of-tree Zephyr application
+
+Add this **before** your `find_package(Zephyr …)` in your top-level `CMakeLists.txt`:
+
+```cmake
+# Tell Zephyr where to find the CryptoAuthLib module
+set(EXTRA_ZEPHYR_MODULES ${CMAKE_CURRENT_SOURCE_DIR}/../modules/lib/cryptoauthlib)
+
+# Now discover Zephyr (and CryptoAuthLib)
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+````
+
+### In-tree Zephyr workspace
+
+If you’ve placed CryptoAuthLib under `zephyr/modules/lib/cryptoauthlib`, simply:
+
+```cmake
+find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+```
+
+and Zephyr will auto-scan its `modules/` folder.
+
+### Available Kconfig Options
+
+All of CryptoAuthLib’s Zephyr build flags are controlled via Kconfig. In your `prj.conf`, you can enable or disable:
+
+```conf
+# HAL drivers
+CONFIG_ATCA_HAL_I2C=y
+CONFIG_ATCA_HAL_SPI=n
+CONFIG_ATCA_HAL_KIT_HID=y
+# …
+
+# Library behavior
+CONFIG_ATCA_PRINTF=y
+CONFIG_ATCA_NO_HEAP=n
+CONFIG_ATCA_STRICT_C99=y
+# …
+
+# Crypto backends
+CONFIG_ATCA_MBEDTLS=y
+# …
+
+# Certificate & JWT
+CONFIG_ATCA_JWT_EN=y
+CONFIG_ATCACERT_COMPCERT_EN=y
+CONFIG_ATCACERT_FULLSTOREDCERT_EN=y
+# …
+
+# Device support
+CONFIG_ATCA_ATECC608_SUPPORT=y
+CONFIG_ATCA_ECC204_SUPPORT=y
+# …
+```
+
+When you build, these `CONFIG_ATCA_*` settings are automatically mapped into the corresponding `ATCA_*` CMake options, and into `atca_config.h`, so your source sees:
+
+```c
+#ifdef ATCA_HAL_I2C
+  // I2C driver code is compiled in
+#endif
+```
+
+This gives you seamless, Zephyr-style integration of CryptoAuthLib alongside your application.
diff --git a/cmake/zephyr_options.cmake b/cmake/zephyr_options.cmake
new file mode 100644
index 000000000..047ef67c6
--- /dev/null
+++ b/cmake/zephyr_options.cmake
@@ -0,0 +1,34 @@
+# zephyr_options.cmake
+# Map Zephyr Kconfig symbols (CONFIG_* variables) to our ATCA_* CMake options
+
+# Only run under Zephyr support
+if (ATCA_ZEPHYR_SUPPORT)
+    message(STATUS "Mapping Kconfig symbols to CryptoAuthLib CMake options...")
+
+    # List of all CryptoAuthLib options to map
+    set(_opts
+        HAL_I2C HAL_SPI HAL_CUSTOM HAL_KIT_HID HAL_KIT_BRIDGE HAL_KIT_UART HAL_SWI_UART
+        PRINTF NO_HEAP CHECK_PARAMS_EN ENABLE_DEPRECATED STRICT_C99 MULTIPART_BUF_EN
+        MBEDTLS WOLFSSL OPENSSL JWT_EN
+        ATCACERT_COMPCERT_EN ATCACERT_FULLSTOREDCERT_EN
+        TNGTLS_SUPPORT TNGLORA_SUPPORT TFLEX_SUPPORT TNG_LEGACY_SUPPORT
+        WPC_SUPPORT
+        ATCAC_SHA384_EN ATCAC_SHA512_EN
+        PKCS11
+        ATSHA204A_SUPPORT ATSHA206A_SUPPORT ATECC108A_SUPPORT ATECC508A_SUPPORT
+        ATECC608_SUPPORT ECC204_SUPPORT TA010_SUPPORT SHA104_SUPPORT SHA105_SUPPORT
+    )
+
+    foreach(opt IN LISTS _opts)
+        # Construct Kconfig var name, e.g. CONFIG_ATCA_HAL_I2C
+        set(_kconfig_var CONFIG_ATCA_${opt})
+        if(DEFINED ${_kconfig_var})
+            # Read its boolean value (y/n) into a CMake boolean
+            if(${_kconfig_var})
+                set(ATCA_${opt} ON CACHE BOOL "Auto-set from Kconfig (${_kconfig_var})" FORCE)
+            else()
+                set(ATCA_${opt} OFF CACHE BOOL "Auto-clear from Kconfig (${_kconfig_var})" FORCE)
+            endif()
+        endif()
+    endforeach()
+endif()
diff --git a/lib/CMakeLists.txt b/lib/CMakeLists.txt
index d88aa39c6..6f80a89a2 100644
--- a/lib/CMakeLists.txt
+++ b/lib/CMakeLists.txt
@@ -1,5 +1,11 @@
 cmake_minimum_required(VERSION 3.20.0)
-project(cryptoauth C)
+
+if (ATCA_ZEPHYR_SUPPORT)
+    project(cryptoauthlib NONE)
+    find_package(Zephyr REQUIRED HINTS $ENV{ZEPHYR_BASE})
+else()
+    project(cryptoauth C)
+endif()
 
 include(CheckSymbolExists)
 
@@ -24,6 +30,11 @@ option(ATCA_ENABLE_DEPRECATED "Enable the use of older APIs that that been repla
 option(ATCA_STRICT_C99 "Enable strict C99 compliance for the libray" OFF)
 option(MULTIPART_BUF_EN "Enable MultiPart Buffer" OFF)
 
+# Force-disable shared libs under Zephyr builds
+if (ATCA_ZEPHYR_SUPPORT)
+    set(ATCA_BUILD_SHARED_LIBS OFF CACHE BOOL "Disable shared libs under Zephyr" FORCE)
+endif()
+
 # Software Cryptographic backend for host crypto abstractions
 option(ATCA_MBEDTLS "Integrate with mbedtls" OFF)
 option(ATCA_WOLFSSL "Integrate with WolfSSL" OFF)
@@ -62,26 +73,21 @@ include(cmake/devices.cmake)
 
 # Preprocessor Warning option
 if (NOT MSVC)
-option(ATCA_PREPROCESSOR_WARNING "Enable preprocessor warning statements in library" OFF)
+    option(ATCA_PREPROCESSOR_WARNING "Enable preprocessor warning statements in library" OFF)
 else()
-SET(ATCA_PREPROCESSOR_WARNING OFF CACHE BOOL "Force the option to OFF since visual studio compiler does not support corresponding preprocessor directive" FORCE)
-endif()
-
-# RTOS Selection
-if (TARGET zephyr_interface)
-SET(ATCA_ZEPHYR_SUPPORT ON CACHE INTERNAL "Include zephyr hal drivers")
+    SET(ATCA_PREPROCESSOR_WARNING OFF CACHE BOOL "Force the option to OFF since visual studio compiler does not support corresponding preprocessor directive" FORCE)
 endif()
 
 # Check Integration Options
 if (ATCA_MBEDTLS AND (ATCA_WOLFSSL OR ATCA_OPENSSL))
-message(FATAL_ERROR "Only one external SSL/TLS library can be supported")
+    message(FATAL_ERROR "Only one external SSL/TLS library can be supported")
 elseif (ATCA_WOLFSSL AND (ATCA_MBEDTLS OR ATCA_OPENSSL))
-message(FATAL_ERROR "Only one external SSL/TLS library can be supported")
+    message(FATAL_ERROR "Only one external SSL/TLS library can be supported")
 endif()
 
 # Full certificate integration option
 if (ATCA_MBEDTLS OR ATCA_WOLFSSL OR ATCA_OPENSSL)
-option(ATCACERT_INTEGRATION_EN "Enable ATCACERT full certificate integration" ON)
+    option(ATCACERT_INTEGRATION_EN "Enable ATCACERT full certificate integration" ON)
 endif()
 
 # Check Platform Information
@@ -114,20 +120,20 @@ file(GLOB SHA206_API_SRC RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "../app/api_206a/*
 file(GLOB SHA206_API_INC RELATIVE ${CMAKE_CURRENT_SOURCE_DIR} "../app/api_206a/*.h")
 
 if(ATCA_PKCS11 AND (ATCA_TNGTLS_SUPPORT OR ATCA_TNGLORA_SUPPORT OR ATCA_TFLEX_SUPPORT))
-SET(TNG_SRC ${TNG_SRC} ../app/pkcs11/trust_pkcs11_config.c)
+    SET(TNG_SRC ${TNG_SRC} ../app/pkcs11/trust_pkcs11_config.c)
 endif()
 
 if(${CMAKE_VERSION} VERSION_GREATER "3.8.0")
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${ATCACERT_SRC})
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${CALIB_SRC})
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${CRYPTO_SRC})
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${HOST_SRC})
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${JWT_SRC})
-source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${PKCS11_SRC})
-if(ATCA_TNGTLS_SUPPORT OR ATCA_TNGLORA_SUPPORT OR ATCA_TFLEX_SUPPORT)
-source_group("App/Tng" FILES ${TNG_SRC})
-endif()
-source_group("App/Wpc" FILES ${WPC_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${ATCACERT_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${CALIB_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${CRYPTO_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${HOST_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${JWT_SRC})
+    source_group(TREE ${CMAKE_CURRENT_SOURCE_DIR} FILES ${PKCS11_SRC})
+    if(ATCA_TNGTLS_SUPPORT OR ATCA_TNGLORA_SUPPORT OR ATCA_TFLEX_SUPPORT)
+        source_group("App/Tng" FILES ${TNG_SRC})
+    endif()
+    source_group("App/Wpc" FILES ${WPC_SRC})
 endif()
 
 if(EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/talib" AND IS_DIRECTORY "${CMAKE_CURRENT_SOURCE_DIR}/talib")
@@ -154,15 +160,15 @@ endif(ATCA_OPENSSL)
 if (ATCA_ATSHA204A_SUPPORT OR ATCA_ATSHA206A_SUPPORT OR
     ATCA_ATECC108A_SUPPORT OR ATCA_ATECC508A_SUPPORT OR
     ATCA_ATECC608_SUPPORT OR ATCA_ECC204_SUPPORT OR ATCA_TA010_SUPPORT OR ATCA_SHA104_SUPPORT OR ATCA_SHA105_SUPPORT)
-set(LIB_SRC ${LIB_SRC} ${CALIB_SRC} ${HOST_SRC})
+    set(LIB_SRC ${LIB_SRC} ${CALIB_SRC} ${HOST_SRC})
 endif()
 
 if (ATCA_ATSHA206A_SUPPORT)
-set(LIB_SRC ${LIB_SRC} ${SHA206_API_SRC})
+    set(LIB_SRC ${LIB_SRC} ${SHA206_API_SRC})
 endif()
 
 if (ATCA_TNGTLS_SUPPORT OR ATCA_TNGLORA_SUPPORT OR ATCA_TFLEX_SUPPORT)
-set(LIB_SRC ${LIB_SRC} ${TNG_SRC})
+    set(LIB_SRC ${LIB_SRC} ${TNG_SRC})
 endif()
 
 # Add the basic sources to the library
@@ -178,101 +184,101 @@ set(CRYPTOAUTH_SRC ${LIB_SRC}
 set(HAL_INC hal/atca_hal.h)
 
 if(ATCA_HAL_KIT_HID)
-set(NEED_USB true)
+    set(NEED_USB true)
 endif()
 
 if(WIN32)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_windows.c)
-set(HID_SRC ../third_party/hidapi/windows/hid.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_windows.c)
+    set(HID_SRC ../third_party/hidapi/windows/hid.c)
 elseif(APPLE)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux.c)
-set(HID_SRC ../third_party/hidapi/mac/hid.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux.c)
+    set(HID_SRC ../third_party/hidapi/mac/hid.c)
 elseif(UNIX)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux.c)
-set(TWI_SRC hal/hal_linux_i2c_userspace.c)
-set(SPI_SRC hal/hal_linux_spi_userspace.c)
-set(LINUX TRUE)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux.c)
+    set(TWI_SRC hal/hal_linux_i2c_userspace.c)
+    set(SPI_SRC hal/hal_linux_spi_userspace.c)
+    set(LINUX TRUE)
 endif()
 
 if(ATCA_ZEPHYR_SUPPORT)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ../third_party/hal/zephyr/hal_zephyr.c)
-SET(TWI_SRC ../third_party/hal/zephyr/hal_zephyr_i2c.c)
-SET(SPI_SRC ../third_party/hal/zephyr/hal_zephyr_spi.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ../third_party/hal/zephyr/hal_zephyr.c)
+    SET(TWI_SRC ../third_party/hal/zephyr/hal_zephyr_i2c.c)
+    SET(SPI_SRC ../third_party/hal/zephyr/hal_zephyr_spi.c)
 endif()
 
 if(LINUX AND NEED_USB)
-find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "include" "libusb" "libusb-1.0")
-find_path(LIBUDEV_INCLUDE_DIR NAMES libudev.h PATH_SUFFIXES "include")
-find_library(HAS_LIBUSB usb-1.0)
-find_library(HAS_LIBUDEV udev)
+    find_path(LIBUSB_INCLUDE_DIR NAMES libusb.h PATH_SUFFIXES "include" "libusb" "libusb-1.0")
+    find_path(LIBUDEV_INCLUDE_DIR NAMES libudev.h PATH_SUFFIXES "include")
+    find_library(HAS_LIBUSB usb-1.0)
+    find_library(HAS_LIBUDEV udev)
 
-if(HAS_LIBUSB AND LIBUSB_INCLUDE_DIR)
-set(LIBUSB_GOOD TRUE)
-endif()
+    if(HAS_LIBUSB AND LIBUSB_INCLUDE_DIR)
+        set(LIBUSB_GOOD TRUE)
+    endif()
 
-if(HAS_LIBUDEV AND LIBUDEV_INCLUDE_DIR)
-set(LIBUDEV_GOOD TRUE)
-endif()
+    if(HAS_LIBUDEV AND LIBUDEV_INCLUDE_DIR)
+        set(LIBUDEV_GOOD TRUE)
+    endif()
 
-if(LIBUDEV_GOOD)
-set(USE_UDEV TRUE)
-elseif(LIBUSB_GOOD)
-set(USE_LIBUSB TRUE)
-else()
-message(FATAL_ERROR, "Missing Build Dependencies for USB - install libusb-1.0-0-dev or libudev-dev")
-endif()
+    if(LIBUDEV_GOOD)
+        set(USE_UDEV TRUE)
+    elseif(LIBUSB_GOOD)
+        set(USE_LIBUSB TRUE)
+    else()
+        message(FATAL_ERROR, "Missing Build Dependencies for USB - install libusb-1.0-0-dev or libudev-dev")
+    endif()
 
 endif(LINUX AND NEED_USB)
 
 if(USE_UDEV)
-set(USB_INCLUDE_DIR ${LIBUDEV_INCLUDE_DIR})
-set(HID_SRC ../third_party/hidapi/linux/hid.c)
+    set(USB_INCLUDE_DIR ${LIBUDEV_INCLUDE_DIR})
+    set(HID_SRC ../third_party/hidapi/linux/hid.c)
 endif(USE_UDEV)
 
 if(USE_LIBUSB)
-set(USB_INCLUDE_DIR ${LIBUSB_INCLUDE_DIR})
-set(HID_SRC ../third_party/hidapi/libusb/hid.c)
+    set(USB_INCLUDE_DIR ${LIBUSB_INCLUDE_DIR})
+    set(HID_SRC ../third_party/hidapi/libusb/hid.c)
 endif(USE_LIBUSB)
 
 if(NEED_USB OR ATCA_HAL_KIT_UART)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/kit_protocol.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/kit_protocol.c)
 endif()
 
 if(ATCA_HAL_KIT_HID)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${HID_SRC} hal/hal_all_platforms_kit_hidapi.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${HID_SRC} hal/hal_all_platforms_kit_hidapi.c)
 endif(ATCA_HAL_KIT_HID)
 
 if(ATCA_HAL_KIT_UART OR ATCA_HAL_SWI_UART)
-if(WIN32)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_windows_kit_uart.c)
-elseif(LINUX OR APPLE)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux_uart_userspace.c)
-endif()
+    if(WIN32)
+        set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_windows_kit_uart.c)
+    elseif(LINUX OR APPLE)
+        set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_linux_uart_userspace.c)
+    endif()
 endif()
 
 if(ATCA_HAL_I2C)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${TWI_SRC})
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${TWI_SRC})    
 endif(ATCA_HAL_I2C)
 
 if(ATCA_HAL_SPI)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${SPI_SRC})
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${SPI_SRC})
 endif(ATCA_HAL_SPI)
 
 if(ATCA_HAL_SWI_UART)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_swi_uart.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_swi_uart.c)
 endif(ATCA_HAL_SWI_UART)
 
 if(ATCA_HAL_KIT_BRIDGE)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_kit_bridge.c)
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} hal/hal_kit_bridge.c)
 endif(ATCA_HAL_KIT_BRIDGE)
 
 if(ATCA_WPC_SUPPORT)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${WPC_SRC})
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${WPC_SRC})
 endif(ATCA_WPC_SUPPORT)
 
 # Add Remaining Sources depending on target library type
 if(ATCA_MBEDTLS)
-set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${MBEDTLS_SRC})
+    set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} ${MBEDTLS_SRC})
 endif()
 
 if(ATCA_PKCS11)
@@ -290,134 +296,200 @@ add_definitions(-DATCA_BUILD_SHARED_LIBS)
 set(CRYPTOAUTH_SRC ${CRYPTOAUTH_SRC} atca_utils_sizes.c)
 endif(ATCA_BUILD_SHARED_LIBS)
 
-add_library(cryptoauth ${CRYPTOAUTH_SRC} ${ATCACERT_DEF_SRC})
-if (ATCA_TA_SUPPORT)
-add_subdirectory(talib)
-endif()
+if (ATCA_ZEPHYR_SUPPORT)        
+    zephyr_library()
+    
+    zephyr_library_sources(${CRYPTOAUTH_SRC})
+
+    zephyr_library_include_directories(
+        ${ZEPHYR_INCLUDE_DIRS}
+        ${CMAKE_CURRENT_BINARY_DIR}
+        ${CMAKE_CURRENT_SOURCE_DIR}
+        ${CMAKE_CURRENT_SOURCE_DIR}/hal        
+        ${CMAKE_CURRENT_SOURCE_DIR}/../app/tng
+        ${CMAKE_CURRENT_SOURCE_DIR}/../third_party
+    )
+
+    zephyr_include_directories(
+        ${CMAKE_CURRENT_BINARY_DIR}
+        ${CMAKE_CURRENT_SOURCE_DIR}
+    )    
+
+    if (ATCA_TA_SUPPORT)
+        add_subdirectory(talib)
+    endif()
 
-set_target_properties(cryptoauth PROPERTIES C_STANDARD 99 VERSION ${VERSION} SOVERSION ${VERSION_MAJOR})
+    if(HAS_MALLOC)
+        set(ATCA_PLATFORM_MALLOC malloc CACHE STRING "" FORCE)
+    endif()
+    if(HAS_FREE)
+        set(ATCA_PLATFORM_FREE free CACHE STRING "" FORCE)
+    endif()
+    if(HAS_STRCASESTR)
+        set(ATCA_PLATFORM_STRCASESTR strcasestr CACHE STRING "" FORCE)
+    endif()
+    if(HAS_MEMSET_S)
+        set(ATCA_PLATFORM_MEMSET_S memset_s CACHE STRING "" FORCE)
+    endif()
 
-if(HAS_MALLOC)
-set(ATCA_PLATFORM_MALLOC malloc CACHE STRING "" FORCE)
-endif(HAS_MALLOC)
+    if(BUILD_TESTS)
+        set(ATCA_TESTS_ENABLED ON CACHE INTERNAL "")
+    endif()
 
-if(HAS_FREE)
-set(ATCA_PLATFORM_FREE free CACHE STRING "" FORCE)
-endif(HAS_FREE)
+    configure_file(atca_config.h.in atca_config.h @ONLY)
 
-if(HAS_STRCASESTR)
-set(ATCA_PLATFORM_STRCASESTR strcasestr CACHE STRING "" FORCE)
-endif(HAS_STRCASESTR)
+    if (ATCA_MBEDTLS)
+        zephyr_library_link_libraries(mbedtls)
+    endif()
+    if (ATCA_WOLFSSL)
+        zephyr_library_link_libraries(wolfssl)
+    endif()
+    if (ATCA_OPENSSL)
+        zephyr_library_include_directories(${OPENSSL_INCLUDE_DIR})
+        zephyr_library_link_libraries(${OPENSSL_CRYPTO_LIBRARY})
+    endif()
 
-if(HAS_MEMSET_S)
-set(ATCA_PLATFORM_MEMSET_S memset_s CACHE STRING "" FORCE)
-endif(HAS_MEMSET_S)
+    zephyr_library_compile_options(
+        -ffile-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.
+        -fmacro-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.
+        -Wall -Wextra
+    )
 
-if(BUILD_TESTS)
-set(ATCA_TESTS_ENABLED ON CACHE INTERNAL "")
-endif(BUILD_TESTS)
+    if (ATCA_STRICT_C99)
+        zephyr_library_compile_options(-Wpedantic)
+    endif()
 
-configure_file(atca_config.h.in atca_config.h @ONLY)
-set(LIB_INC ${LIB_INC} ${CMAKE_CURRENT_BINARY_DIR}/atca_config.h)
+else()
+    add_library(cryptoauth ${CRYPTOAUTH_SRC} ${ATCACERT_DEF_SRC})
 
-include_directories(cryptoauth PUBLIC ${CMAKE_CURRENT_BINARY_DIR}
-                                      ${CMAKE_CURRENT_SOURCE_DIR}
-                                      ${CMAKE_BINARY_DIR}/downloaded
-                                      ../app/tng
-                                      ../third_party
-                                      ../third_party/hidapi/hidapi
-                                      ${USB_INCLUDE_DIR})
+    if (ATCA_TA_SUPPORT)
+        add_subdirectory(talib)
+    endif()
 
-if(APPLE)
-include_directories(cryptoauth PUBLIC ../third_party/hidapi/mac) 
-endif()
+    set_target_properties(cryptoauth PROPERTIES C_STANDARD 99 VERSION ${VERSION} SOVERSION ${VERSION_MAJOR})
 
-if(ATCA_MBEDTLS)
-target_link_libraries(cryptoauth mbedtls)
-endif()
+    if(HAS_MALLOC)
+        set(ATCA_PLATFORM_MALLOC malloc CACHE STRING "" FORCE)
+    endif(HAS_MALLOC)
 
-if(ATCA_WOLFSSL)
-target_link_libraries(cryptoauth wolfssl)
-endif()
+    if(HAS_FREE)
+        set(ATCA_PLATFORM_FREE free CACHE STRING "" FORCE)
+    endif(HAS_FREE)
 
-if(ATCA_OPENSSL)
-include_directories(cryptoauth PUBLIC ${OPENSSL_INCLUDE_DIR})
-target_link_libraries(cryptoauth ${OPENSSL_CRYPTO_LIBRARY})
-endif()
+    if(HAS_STRCASESTR)
+        set(ATCA_PLATFORM_STRCASESTR strcasestr CACHE STRING "" FORCE)
+    endif(HAS_STRCASESTR)
 
-if(WIN32)
-set_target_properties(cryptoauth PROPERTIES WINDOWS_EXPORT_ALL_SYMBOLS true)
-target_link_libraries(cryptoauth setupapi.lib)
-endif(WIN32)
-
-if(APPLE)
-find_library(IO_KIT_LIB IOKit)
-find_library(CORE_LIB CoreFoundation)
-target_link_libraries(cryptoauth ${IO_KIT_LIB} ${CORE_LIB})
-endif()
+    if(HAS_MEMSET_S)
+        set(ATCA_PLATFORM_MEMSET_S memset_s CACHE STRING "" FORCE)
+    endif(HAS_MEMSET_S)
 
-if(LINUX)
-add_definitions(-DATCA_USE_SHARED_MUTEX)
-if(USE_LIBUSB)
-target_link_libraries(cryptoauth usb-1.0)
-elseif(USE_UDEV)
-target_link_libraries(cryptoauth udev)
-endif()
-target_link_libraries(cryptoauth rt)
-endif(LINUX)
-
-if(NOT MSVC)
-target_compile_options(cryptoauth PRIVATE -ffile-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.
-                                                   -fmacro-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.)
-#target_compile_options(cryptoauth PRIVATE -Wall -Wextra -Werror)
-target_compile_options(cryptoauth PRIVATE -Wall -Wextra)
-endif()
+    if(BUILD_TESTS)
+        set(ATCA_TESTS_ENABLED ON CACHE INTERNAL "")
+    endif(BUILD_TESTS)
 
-if(ATCA_STRICT_C99)
-set_property(TARGET cryptoauth PROPERTY C_STANDARD 99)
-if(NOT MSVC)
-target_compile_options(cryptoauth PRIVATE -Wpedantic)
-endif()
-endif()
+    configure_file(atca_config.h.in atca_config.h @ONLY)
+    set(LIB_INC ${LIB_INC} ${CMAKE_CURRENT_BINARY_DIR}/atca_config.h)
 
-if(NOT MSVC AND ATCA_HAL_KIT_HID)
-set_source_files_properties(${HID_SRC} PROPERTIES COMPILE_FLAGS "-w")
-endif()
+    include_directories(cryptoauth PUBLIC ${CMAKE_CURRENT_BINARY_DIR}
+                                        ${CMAKE_CURRENT_SOURCE_DIR}
+                                        ${CMAKE_BINARY_DIR}/downloaded
+                                        ../app/tng
+                                        ../third_party
+                                        ../third_party/hidapi/hidapi
+                                        ${USB_INCLUDE_DIR})
 
-if(DEFAULT_LIB_PATH)
-if(${CMAKE_VERSION} VERSION_GREATER "3.12.0")
-install(TARGETS ${PROJECT_NAME}
-        LIBRARY
-          DESTINATION ${DEFAULT_LIB_PATH}
-          COMPONENT Libraries
-          NAMELINK_COMPONENT Development)
-else()
-install(TARGETS ${PROJECT_NAME}
-        LIBRARY
-          DESTINATION ${DEFAULT_LIB_PATH}
-          COMPONENT Libraries)
-endif()
-endif(DEFAULT_LIB_PATH)
-
-if(DEFAULT_INC_PATH)
-install(FILES ${LIB_INC} DESTINATION ${DEFAULT_INC_PATH} COMPONENT Development)
-install(FILES ${HAL_INC} DESTINATION ${DEFAULT_INC_PATH}/hal COMPONENT Development)
-install(FILES ${ATCACERT_INC} DESTINATION ${DEFAULT_INC_PATH}/atcacert COMPONENT Development)
-install(FILES ${CALIB_INC} DESTINATION ${DEFAULT_INC_PATH}/calib COMPONENT Development)
-install(FILES ${CRYPTO_INC} DESTINATION ${DEFAULT_INC_PATH}/crypto COMPONENT Development)
-install(FILES ${CRYPTO_HASHES_INC} DESTINATION ${DEFAULT_INC_PATH}/crypto/hashes COMPONENT Development)
-install(FILES ${HOST_INC} DESTINATION ${DEFAULT_INC_PATH}/host COMPONENT Development)
-install(FILES ${JWT_INC} DESTINATION ${DEFAULT_INC_PATH}/jwt COMPONENT Development)
-install(FILES ${TNG_INC} DESTINATION ${DEFAULT_INC_PATH}/app/tng COMPONENT Development)
-install(FILES ${WPC_INC} DESTINATION ${DEFAULT_INC_PATH}/app/wpc COMPONENT Development)
-install(FILES ${SHA206_API_INC} DESTINATION ${DEFAULT_INC_PATH}/app/api_206a COMPONENT Development)
-if(ATCA_MBEDTLS)
-install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/atca_mbedtls_interface.h DESTINATION ${DEFAULT_INC_PATH}/mbedtls COMPONENT Development)
-endif(ATCA_MBEDTLS)
-if(ATCA_OPENSSL)
-install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/openssl/atca_openssl_interface.h DESTINATION ${DEFAULT_INC_PATH}/openssl COMPONENT Development)
-endif(ATCA_OPENSSL)
-if(ATCA_WOLFSSL)
-install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/atca_wolfssl_interface.h DESTINATION ${DEFAULT_INC_PATH}/wolfssl COMPONENT Development)
-endif(ATCA_WOLFSSL)
-endif(DEFAULT_INC_PATH)
+    if(APPLE)
+        include_directories(cryptoauth PUBLIC ../third_party/hidapi/mac) 
+    endif()
+
+    if(ATCA_MBEDTLS)
+        target_link_libraries(cryptoauth mbedtls)
+    endif()
+
+    if(ATCA_WOLFSSL)
+        target_link_libraries(cryptoauth wolfssl)
+    endif()
+
+    if(ATCA_OPENSSL)
+        include_directories(cryptoauth PUBLIC ${OPENSSL_INCLUDE_DIR})
+        target_link_libraries(cryptoauth ${OPENSSL_CRYPTO_LIBRARY})
+    endif()
+
+    if(WIN32)
+        set_target_properties(cryptoauth PROPERTIES WINDOWS_EXPORT_ALL_SYMBOLS true)
+        target_link_libraries(cryptoauth setupapi.lib)
+    endif(WIN32)
+
+    if(APPLE)
+        find_library(IO_KIT_LIB IOKit)
+        find_library(CORE_LIB CoreFoundation)
+        target_link_libraries(cryptoauth ${IO_KIT_LIB} ${CORE_LIB})
+    endif()
+
+    if(LINUX)
+        add_definitions(-DATCA_USE_SHARED_MUTEX)
+        if(USE_LIBUSB)
+            target_link_libraries(cryptoauth usb-1.0)
+        elseif(USE_UDEV)
+            target_link_libraries(cryptoauth udev)
+        endif()
+        target_link_libraries(cryptoauth rt)
+    endif(LINUX)
+
+    if(NOT MSVC)
+        target_compile_options(cryptoauth PRIVATE -ffile-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.
+                                                        -fmacro-prefix-map=${CMAKE_CURRENT_SOURCE_DIR}=.)
+        #target_compile_options(cryptoauth PRIVATE -Wall -Wextra -Werror)
+        target_compile_options(cryptoauth PRIVATE -Wall -Wextra)
+    endif()
+
+    if(ATCA_STRICT_C99)
+        set_property(TARGET cryptoauth PROPERTY C_STANDARD 99)
+        if(NOT MSVC)
+            target_compile_options(cryptoauth PRIVATE -Wpedantic)
+        endif()
+    endif()
+
+    if(NOT MSVC AND ATCA_HAL_KIT_HID)
+        set_source_files_properties(${HID_SRC} PROPERTIES COMPILE_FLAGS "-w")
+    endif()
+
+    if(DEFAULT_LIB_PATH)
+        if(${CMAKE_VERSION} VERSION_GREATER "3.12.0")
+            install(TARGETS ${PROJECT_NAME}
+                    LIBRARY
+                    DESTINATION ${DEFAULT_LIB_PATH}
+                    COMPONENT Libraries
+                    NAMELINK_COMPONENT Development)
+        else()
+            install(TARGETS ${PROJECT_NAME}
+                    LIBRARY
+                    DESTINATION ${DEFAULT_LIB_PATH}
+                    COMPONENT Libraries)
+        endif()
+    endif(DEFAULT_LIB_PATH)
+
+    if(DEFAULT_INC_PATH)
+        install(FILES ${LIB_INC} DESTINATION ${DEFAULT_INC_PATH} COMPONENT Development)
+        install(FILES ${HAL_INC} DESTINATION ${DEFAULT_INC_PATH}/hal COMPONENT Development)
+        install(FILES ${ATCACERT_INC} DESTINATION ${DEFAULT_INC_PATH}/atcacert COMPONENT Development)
+        install(FILES ${CALIB_INC} DESTINATION ${DEFAULT_INC_PATH}/calib COMPONENT Development)
+        install(FILES ${CRYPTO_INC} DESTINATION ${DEFAULT_INC_PATH}/crypto COMPONENT Development)
+        install(FILES ${CRYPTO_HASHES_INC} DESTINATION ${DEFAULT_INC_PATH}/crypto/hashes COMPONENT Development)
+        install(FILES ${HOST_INC} DESTINATION ${DEFAULT_INC_PATH}/host COMPONENT Development)
+        install(FILES ${JWT_INC} DESTINATION ${DEFAULT_INC_PATH}/jwt COMPONENT Development)
+        install(FILES ${TNG_INC} DESTINATION ${DEFAULT_INC_PATH}/app/tng COMPONENT Development)
+        install(FILES ${WPC_INC} DESTINATION ${DEFAULT_INC_PATH}/app/wpc COMPONENT Development)
+        install(FILES ${SHA206_API_INC} DESTINATION ${DEFAULT_INC_PATH}/app/api_206a COMPONENT Development)
+        if(ATCA_MBEDTLS)
+            install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/mbedtls/atca_mbedtls_interface.h DESTINATION ${DEFAULT_INC_PATH}/mbedtls COMPONENT Development)
+        endif(ATCA_MBEDTLS)
+        if(ATCA_OPENSSL)
+            install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/openssl/atca_openssl_interface.h DESTINATION ${DEFAULT_INC_PATH}/openssl COMPONENT Development)
+        endif(ATCA_OPENSSL)
+        if(ATCA_WOLFSSL)
+            install(FILES ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/atca_wolfssl_interface.h DESTINATION ${DEFAULT_INC_PATH}/wolfssl COMPONENT Development)
+        endif(ATCA_WOLFSSL)
+    endif(DEFAULT_INC_PATH)
+endif()
\ No newline at end of file
diff --git a/third_party/hal/zephyr/hal_zephyr.c b/third_party/hal/zephyr/hal_zephyr.c
index 66f8d0ec3..eddfda5c6 100644
--- a/third_party/hal/zephyr/hal_zephyr.c
+++ b/third_party/hal/zephyr/hal_zephyr.c
@@ -6,12 +6,10 @@
 
 #include "hal/atca_hal.h"
 
-#include <zephyr.h>
-#include <kernel.h>
-
+#include <zephyr/kernel.h>
 
 #ifndef ATCA_MUTEX_TIMEOUT
-#define ATCA_MUTEX_TIMEOUT  K_FOREVER
+#define ATCA_MUTEX_TIMEOUT K_FOREVER
 #endif
 
 /**
@@ -23,16 +21,16 @@
    @{ */
 
 #if !defined(ATCA_PLATFORM_MALLOC)
-void*   hal_malloc(size_t size)
+void *hal_malloc(size_t size)
 {
-    return k_malloc(size);
+	return k_malloc(size);
 }
 #endif
 
 #if !defined(ATCA_PLATFORM_FREE)
-void    hal_free(void* ptr)
+void hal_free(void *ptr)
 {
-    k_free(ptr);
+	k_free(ptr);
 }
 #endif
 
@@ -42,7 +40,7 @@ void    hal_free(void* ptr)
  */
 void hal_delay_us(uint32_t delay)
 {
-    k_busy_wait(delay);
+	k_busy_wait(delay);
 }
 
 /** \brief This function delays for a number of tens of microseconds.
@@ -51,10 +49,9 @@ void hal_delay_us(uint32_t delay)
  */
 void hal_delay_10us(uint32_t delay)
 {
-    k_usleep(delay * 10);
+	k_usleep(delay * 10);
 }
 
-
 /** \brief This function delays for a number of milliseconds.
  *
  *         You can override this function if you like to do
@@ -65,70 +62,61 @@ void hal_delay_10us(uint32_t delay)
 /* ASF already has delay_ms - see delay.h */
 void hal_delay_ms(uint32_t delay)
 {
-    hal_delay_us(delay * 1000);
+	hal_delay_us(delay * 1000);
 }
 
-
-ATCA_STATUS hal_create_mutex(void ** ppMutex, char* pName)
+ATCA_STATUS hal_create_mutex(void **ppMutex, const char *pName)
 {
-    (void)pName;
+	(void)pName;
 
-    if (!ppMutex)
-    {
-        return ATCA_BAD_PARAM;
-    }
+	if (!ppMutex) {
+		return ATCA_BAD_PARAM;
+	}
 
-    (*ppMutex) = (struct k_mutex*)k_malloc(sizeof(struct k_mutex));
+	(*ppMutex) = (struct k_mutex *)k_malloc(sizeof(struct k_mutex));
 
-    if (!*ppMutex)
-    {
-        return ATCA_FUNC_FAIL;
-    }
+	if (!*ppMutex) {
+		return ATCA_FUNC_FAIL;
+	}
 
-    k_mutex_init((struct k_mutex*)(*ppMutex));
+	k_mutex_init((struct k_mutex *)(*ppMutex));
 
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
-ATCA_STATUS hal_destroy_mutex(void * pMutex)
+ATCA_STATUS hal_destroy_mutex(void *pMutex)
 {
-    if (!pMutex)
-    {
-        return ATCA_BAD_PARAM;
-    }
+	if (!pMutex) {
+		return ATCA_BAD_PARAM;
+	}
 
-    k_free(pMutex);
+	k_free(pMutex);
 
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
-ATCA_STATUS hal_lock_mutex(void * pMutex)
+ATCA_STATUS hal_lock_mutex(void *pMutex)
 {
-    if (!pMutex)
-    {
-        return ATCA_BAD_PARAM;
-    }
-
-    if (k_mutex_lock((struct k_mutex*)pMutex, ATCA_MUTEX_TIMEOUT))
-    {
-        return ATCA_GEN_FAIL;
-    }
-    else
-    {
-        return ATCA_SUCCESS;
-    }
+	if (!pMutex) {
+		return ATCA_BAD_PARAM;
+	}
+
+	if (k_mutex_lock((struct k_mutex *)pMutex, ATCA_MUTEX_TIMEOUT)) {
+		return ATCA_GEN_FAIL;
+	} else {
+		return ATCA_SUCCESS;
+	}
 }
 
-ATCA_STATUS hal_unlock_mutex(void * pMutex)
+ATCA_STATUS hal_unlock_mutex(void *pMutex)
 {
-    if (!pMutex)
-    {
-        return ATCA_BAD_PARAM;
-    }
+	if (!pMutex) {
+		return ATCA_BAD_PARAM;
+	}
 
-    k_mutex_unlock((struct k_mutex*)pMutex);
+	k_mutex_unlock((struct k_mutex *)pMutex);
 
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
 /** @} */
diff --git a/third_party/hal/zephyr/hal_zephyr_i2c.c b/third_party/hal/zephyr/hal_zephyr_i2c.c
index f7877aa3a..8a05587d8 100644
--- a/third_party/hal/zephyr/hal_zephyr_i2c.c
+++ b/third_party/hal/zephyr/hal_zephyr_i2c.c
@@ -4,7 +4,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#include <drivers/i2c.h>
+#include <zephyr/drivers/i2c.h>
 
 #include "hal/atca_hal.h"
 
@@ -15,49 +15,39 @@
  *
    @{ */
 
-
 /** \brief The function return pre defined macro value for corrsponding i2c speed
- * 
+ *
  *  \param[in] speed   As input, i2c clock speed in HZ
- * 
+ *
  *  \return Zephyr I2C speed constant
  */
 static uint32_t hal_zephyr_i2c_convert_speed(const uint32_t speed)
 {
-    if (400000 < speed)
-    {
-        return I2C_SPEED_FAST_PLUS;
-    }
-    else if (100000 < speed)
-    {
-        return I2C_SPEED_FAST;
-    }
-    else
-    {
-        return I2C_SPEED_STANDARD;
-    }
+	if (400000 < speed) {
+		return I2C_SPEED_FAST_PLUS;
+	} else if (100000 < speed) {
+		return I2C_SPEED_FAST;
+	} else {
+		return I2C_SPEED_STANDARD;
+	}
 }
 
 /** \brief Configure the zephyr i2c peripheral
  *  \return ATCA_SUCCESS otherwise an error
  */
-static ATCA_STATUS hal_zephyr_i2c_configure(
-    const struct device *   zdev,            /**< Zephyr device to configure */
-    const uint32_t          speed            /**< baud rate (typically 100000 or 400000) */
+static ATCA_STATUS
+hal_zephyr_i2c_configure(const struct device *zdev, /**< Zephyr device to configure */
+			 const uint32_t speed       /**< baud rate (typically 100000 or 400000) */
 )
 {
-    uint32_t i2c_cfg = I2C_MODE_MASTER | I2C_SPEED_SET(hal_zephyr_i2c_convert_speed(speed));
-
-    if (i2c_configure(zdev, i2c_cfg)) 
-    {
-        return ATCA_GEN_FAIL;
-    }
-    else
-    {
-        return ATCA_SUCCESS;
-    }
-}
+	uint32_t i2c_cfg = I2C_MODE_CONTROLLER | I2C_SPEED_SET(hal_zephyr_i2c_convert_speed(speed));
 
+	if (i2c_configure(zdev, i2c_cfg)) {
+		return ATCA_GEN_FAIL;
+	} else {
+		return ATCA_SUCCESS;
+	}
+}
 
 /** \brief HAL implementation of I2C init
  *
@@ -69,28 +59,24 @@ static ATCA_STATUS hal_zephyr_i2c_configure(
  * \return ATCA_SUCCESS on success, otherwise an error code.
  */
 
-ATCA_STATUS hal_i2c_init(ATCAIface iface, ATCAIfaceCfg* cfg)
+ATCA_STATUS hal_i2c_init(ATCAIface iface, ATCAIfaceCfg *cfg)
 {
-    ATCA_STATUS status = ATCA_BAD_PARAM;
-
-    if (iface && cfg && cfg->cfg_data)
-    {
-        if (!iface->hal_data)
-        {
-            const struct device * zdev = device_get_binding(cfg->cfg_data);
-
-            if (ATCA_SUCCESS == (status = hal_zephyr_i2c_configure(zdev, cfg->atcai2c.baud)))
-            {
-                iface->hal_data = (void*)zdev;
-            }
-        }
-        else
-        {
-            status = ATCA_SUCCESS;
-        }
-    }
-
-    return status;
+	ATCA_STATUS status = ATCA_BAD_PARAM;
+
+	if (iface && cfg && cfg->cfg_data) {
+		if (!iface->hal_data) {
+			const struct device *zdev = device_get_binding(cfg->cfg_data);
+
+			if (ATCA_SUCCESS ==
+			    (status = hal_zephyr_i2c_configure(zdev, cfg->atcai2c.baud))) {
+				iface->hal_data = (void *)zdev;
+			}
+		} else {
+			status = ATCA_SUCCESS;
+		}
+	}
+
+	return status;
 }
 
 /** \brief HAL implementation of I2C post init
@@ -99,8 +85,8 @@ ATCA_STATUS hal_i2c_init(ATCAIface iface, ATCAIfaceCfg* cfg)
  */
 ATCA_STATUS hal_i2c_post_init(ATCAIface iface)
 {
-    ((void)iface);
-    return ATCA_SUCCESS;
+	((void)iface);
+	return ATCA_SUCCESS;
 }
 
 /** \brief HAL implementation of I2C send
@@ -113,18 +99,16 @@ ATCA_STATUS hal_i2c_post_init(ATCAIface iface)
 
 ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t address, uint8_t *txdata, int txlength)
 {
-    struct device * zdev = (struct device *)atgetifacehaldat(iface);
-
-    if (!zdev || (0 == txlength) || (NULL == txdata))
-    {
-        return ATCA_BAD_PARAM;
-    }
-    if (i2c_write(zdev, txdata, txlength, (address >> 0x1)))
-    {
-        return ATCA_TX_FAIL;
-    }
-     
-    return ATCA_SUCCESS;
+	struct device *zdev = (struct device *)atgetifacehaldat(iface);
+
+	if (!zdev || (0 == txlength) || (NULL == txdata)) {
+		return ATCA_BAD_PARAM;
+	}
+	if (i2c_write(zdev, txdata, txlength, (address >> 0x1))) {
+		return ATCA_TX_FAIL;
+	}
+
+	return ATCA_SUCCESS;
 }
 
 /** \brief HAL implementation of I2C receive function
@@ -137,19 +121,17 @@ ATCA_STATUS hal_i2c_send(ATCAIface iface, uint8_t address, uint8_t *txdata, int
  */
 ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t address, uint8_t *rxdata, uint16_t *rxlength)
 {
-    struct device * zdev = (struct device *)atgetifacehaldat(iface);
+	struct device *zdev = (struct device *)atgetifacehaldat(iface);
 
-    if (!zdev || (NULL == rxlength) || (NULL == rxdata))
-    {
-        return ATCA_BAD_PARAM;
-    }
+	if (!zdev || (NULL == rxlength) || (NULL == rxdata)) {
+		return ATCA_BAD_PARAM;
+	}
 
-    if (i2c_read(zdev, rxdata, *rxlength, (address >> 0x1)))
-    {
-        return ATCA_RX_FAIL;
-    }
+	if (i2c_read(zdev, rxdata, *rxlength, (address >> 0x1))) {
+		return ATCA_RX_FAIL;
+	}
 
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
 /** \brief Perform control operations for the kit protocol
@@ -159,25 +141,21 @@ ATCA_STATUS hal_i2c_receive(ATCAIface iface, uint8_t address, uint8_t *rxdata, u
  * \param[in]     paramlen       Length of the parameter
  * \return ATCA_SUCCESS on success, otherwise an error code.
  */
-ATCA_STATUS hal_i2c_control(ATCAIface iface, uint8_t option, void* param, size_t paramlen)
+ATCA_STATUS hal_i2c_control(ATCAIface iface, uint8_t option, void *param, size_t paramlen)
 {
-    (void)param;
-    (void)paramlen;
-
-    struct device * zdev = (struct device *)atgetifacehaldat(iface);
-
-    if (zdev)
-    {
-        if (ATCA_HAL_CHANGE_BAUD == option && sizeof(uint32_t) == paramlen)
-        {
-            return hal_zephyr_i2c_configure(zdev, *(uint32_t*)param);
-        }
-        else
-        {
-            return ATCA_UNIMPLEMENTED;
-        }
-    }
-    return ATCA_BAD_PARAM;
+	(void)param;
+	(void)paramlen;
+
+	struct device *zdev = (struct device *)atgetifacehaldat(iface);
+
+	if (zdev) {
+		if (ATCA_HAL_CHANGE_BAUD == option && sizeof(uint32_t) == paramlen) {
+			return hal_zephyr_i2c_configure(zdev, *(uint32_t *)param);
+		} else {
+			return ATCA_UNIMPLEMENTED;
+		}
+	}
+	return ATCA_BAD_PARAM;
 }
 
 /** \brief manages reference count on given bus and releases resource if no more refences exist
@@ -187,7 +165,7 @@ ATCA_STATUS hal_i2c_control(ATCAIface iface, uint8_t option, void* param, size_t
 
 ATCA_STATUS hal_i2c_release(void *hal_data)
 {
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
 /** @} */
diff --git a/third_party/hal/zephyr/hal_zephyr_spi.c b/third_party/hal/zephyr/hal_zephyr_spi.c
index 6665d6324..74d07b342 100644
--- a/third_party/hal/zephyr/hal_zephyr_spi.c
+++ b/third_party/hal/zephyr/hal_zephyr_spi.c
@@ -4,10 +4,8 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
-#include <zephyr.h>
-#include <kernel.h>
-#include <drivers/spi.h>
-
+#include <zephyr/kernel.h>
+#include <zephyr/drivers/spi.h>
 
 #include "hal/atca_hal.h"
 #include "hal_zephyr_spi.h"
@@ -19,11 +17,10 @@
  *
    @{ */
 
-typedef struct atca_spi_host_s
-{
-    struct device *     dev;
-    struct spi_cs_control cs;
-    struct spi_config   cfg;
+typedef struct atca_spi_host_s {
+	struct device *dev;
+	struct spi_cs_control cs;
+	struct spi_config cfg;
 } atca_spi_host_t;
 
 /** \brief HAL implementation of SPI init
@@ -38,91 +35,78 @@ typedef struct atca_spi_host_s
 
 ATCA_STATUS hal_spi_init(ATCAIface iface, ATCAIfaceCfg *cfg)
 {
-    ATCA_STATUS status = ATCA_BAD_PARAM;
-
-    if (iface && cfg && cfg->cfg_data)
-    {
-        if (!iface->hal_data)
-        {
-            atca_spi_host_t * hal_data = malloc(sizeof(atca_spi_host_t));
-            atca_spi_host_config_t * cfg_data = (atca_spi_host_config_t*)cfg->cfg_data;
-
-            if (hal_data)
-            {
-                memset(hal_data, 0, sizeof(hal_data));
-
-                hal_data->cfg.operation = SPI_OP_MODE_MASTER | SPI_MODE_CPOL | SPI_MODE_CPHA | SPI_TRANSFER_MSB |
-                                          SPI_WORD_SET(8);
-                hal_data->cfg.frequency = cfg->atcaspi.baud;
-
-                hal_data->dev = device_get_binding(cfg_data->device_name);
-
-                hal_data->cs.gpio_dev = device_get_binding(cfg_data->gpio_name);
-                hal_data->cs.gpio_pin = cfg->atcaspi.select_pin;
-                hal_data->cs.gpio_dt_flags = GPIO_ACTIVE_LOW;
-
-                hal_data->cfg.cs = &hal_data->cs;
-
-                iface->hal_data = hal_data;
-                status = ATCA_SUCCESS;
-            }
-            else
-            {
-                status = ATCA_ALLOC_FAILURE;
-            }
-        }
-    }
-    printf("hal_spi_init: %d\n", status);
-    return status;
+	ATCA_STATUS status = ATCA_BAD_PARAM;
+
+	if (iface && cfg && cfg->cfg_data) {
+		if (!iface->hal_data) {
+			atca_spi_host_t *hal_data = malloc(sizeof(atca_spi_host_t));
+			atca_spi_host_config_t *cfg_data = (atca_spi_host_config_t *)cfg->cfg_data;
+
+			if (hal_data) {
+				memset(hal_data, 0, sizeof(hal_data));
+
+				hal_data->cfg.operation = SPI_OP_MODE_MASTER | SPI_MODE_CPOL |
+							  SPI_MODE_CPHA | SPI_TRANSFER_MSB |
+							  SPI_WORD_SET(8);
+				hal_data->cfg.frequency = cfg->atcaspi.baud;
+
+				hal_data->dev = device_get_binding(cfg_data->device_name);
+
+				hal_data->cs.gpio_dev = device_get_binding(cfg_data->gpio_name);
+				hal_data->cs.gpio_pin = cfg->atcaspi.select_pin;
+				hal_data->cs.gpio_dt_flags = GPIO_ACTIVE_LOW;
+
+				hal_data->cfg.cs = &hal_data->cs;
+
+				iface->hal_data = hal_data;
+				status = ATCA_SUCCESS;
+			} else {
+				status = ATCA_ALLOC_FAILURE;
+			}
+		}
+	}
+	printf("hal_spi_init: %d\n", status);
+	return status;
 }
 
 ATCA_STATUS hal_spi_post_init(ATCAIface iface)
 {
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
-
 /** \brief HAL implementation to assert the device chip select
  * \param[in]    iface          Device to interact with.
  * \return ATCA_SUCCESS on success, otherwise an error code.
  */
 ATCA_STATUS hal_spi_select(ATCAIface iface)
 {
-    atca_spi_host_t * hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
-
-    if (hal_data)
-    {
-        hal_data->cfg.operation |= SPI_HOLD_ON_CS | SPI_LOCK_ON;
-        return ATCA_SUCCESS;
-    }
-    else
-    {
-        return ATCA_BAD_PARAM;
-    }
+	atca_spi_host_t *hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
+
+	if (hal_data) {
+		hal_data->cfg.operation |= SPI_HOLD_ON_CS | SPI_LOCK_ON;
+		return ATCA_SUCCESS;
+	} else {
+		return ATCA_BAD_PARAM;
+	}
 }
 
-
 /** \brief HAL implementation to deassert the device chip select
  * \param[in]    iface          Device to interact with.
  * \return ATCA_SUCCESS on success, otherwise an error code.
  */
 ATCA_STATUS hal_spi_deselect(ATCAIface iface)
 {
-    atca_spi_host_t * hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
-
-    if (hal_data)
-    {
-        hal_data->cfg.operation &= ~(SPI_HOLD_ON_CS | SPI_LOCK_ON);
-        spi_release(hal_data->dev, &hal_data->cfg);
-        return ATCA_SUCCESS;
-    }
-    else
-    {
-        return ATCA_BAD_PARAM;
-    }
+	atca_spi_host_t *hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
+
+	if (hal_data) {
+		hal_data->cfg.operation &= ~(SPI_HOLD_ON_CS | SPI_LOCK_ON);
+		spi_release(hal_data->dev, &hal_data->cfg);
+		return ATCA_SUCCESS;
+	} else {
+		return ATCA_BAD_PARAM;
+	}
 }
 
-
 /** \brief HAL implementation of SPI receive function
  * \param[in]    iface          Device to interact with.
  * \param[in]    word_address   device transaction type
@@ -133,27 +117,22 @@ ATCA_STATUS hal_spi_deselect(ATCAIface iface)
  */
 ATCA_STATUS hal_spi_receive(ATCAIface iface, uint8_t flags, uint8_t *rxdata, uint16_t *rxlength)
 {
-    ATCA_STATUS status = ATCA_BAD_PARAM;
-    atca_spi_host_t * hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
-
-    if (hal_data)
-    {
-        struct spi_buf rxbuf = { rxdata, *rxlength };
-        struct spi_buf_set rxbufs = { &rxbuf, 1 };
-
-        if (!spi_read(hal_data->dev, &hal_data->cfg, &rxbufs))
-        {
-            status = ATCA_SUCCESS;
-        }
-        else
-        {
-            status = ATCA_COMM_FAIL;
-        }
-    }
-    return status;
+	ATCA_STATUS status = ATCA_BAD_PARAM;
+	atca_spi_host_t *hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
+
+	if (hal_data) {
+		struct spi_buf rxbuf = {rxdata, *rxlength};
+		struct spi_buf_set rxbufs = {&rxbuf, 1};
+
+		if (!spi_read(hal_data->dev, &hal_data->cfg, &rxbufs)) {
+			status = ATCA_SUCCESS;
+		} else {
+			status = ATCA_COMM_FAIL;
+		}
+	}
+	return status;
 }
 
-
 /** \brief HAL implementation of SPI send
  * \param[in] iface           instance
  * \param[in] word_address    transaction type
@@ -165,28 +144,22 @@ ATCA_STATUS hal_spi_receive(ATCAIface iface, uint8_t flags, uint8_t *rxdata, uin
 
 ATCA_STATUS hal_spi_send(ATCAIface iface, uint8_t flags, uint8_t *txdata, int txlen)
 {
-    ATCA_STATUS status = ATCA_SUCCESS;
-    atca_spi_host_t * hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
-
-    if (hal_data)
-    {
-        struct spi_buf txbuf = { txdata, txlen };
-        struct spi_buf_set txbufs = { &txbuf, 1 };
-
-        if(!spi_write(hal_data->dev, &hal_data->cfg, &txbufs))
-        {
-            status = ATCA_SUCCESS;
-        }
-        else
-        {
-            status = ATCA_COMM_FAIL;
-        }
-
-    }
-
-    return status;
-}
+	ATCA_STATUS status = ATCA_SUCCESS;
+	atca_spi_host_t *hal_data = (atca_spi_host_t *)atgetifacehaldat(iface);
+
+	if (hal_data) {
+		struct spi_buf txbuf = {txdata, txlen};
+		struct spi_buf_set txbufs = {&txbuf, 1};
 
+		if (!spi_write(hal_data->dev, &hal_data->cfg, &txbufs)) {
+			status = ATCA_SUCCESS;
+		} else {
+			status = ATCA_COMM_FAIL;
+		}
+	}
+
+	return status;
+}
 
 /** \brief Perform control operations for the kit protocol
  * \param[in]     iface          Interface to interact with.
@@ -195,25 +168,23 @@ ATCA_STATUS hal_spi_send(ATCAIface iface, uint8_t flags, uint8_t *txdata, int tx
  * \param[in]     paramlen       Length of the parameter
  * \return ATCA_SUCCESS on success, otherwise an error code.
  */
-ATCA_STATUS hal_spi_control(ATCAIface iface, uint8_t option, void* param, size_t paramlen)
+ATCA_STATUS hal_spi_control(ATCAIface iface, uint8_t option, void *param, size_t paramlen)
 {
-    (void)param;
-    (void)paramlen;
-
-    if (iface && iface->mIfaceCFG)
-    {
-        switch (option)
-        {
-        case ATCA_HAL_CONTROL_SELECT:
-            return hal_spi_select(iface);
-        case ATCA_HAL_CONTROL_DESELECT:
-            return hal_spi_deselect(iface);
-        default:
-            printf("hal_spi_control: %d, %lu\n", option, paramlen);
-            return ATCA_UNIMPLEMENTED;
-        }
-    }
-    return ATCA_BAD_PARAM;
+	(void)param;
+	(void)paramlen;
+
+	if (iface && iface->mIfaceCFG) {
+		switch (option) {
+		case ATCA_HAL_CONTROL_SELECT:
+			return hal_spi_select(iface);
+		case ATCA_HAL_CONTROL_DESELECT:
+			return hal_spi_deselect(iface);
+		default:
+			printf("hal_spi_control: %d, %lu\n", option, paramlen);
+			return ATCA_UNIMPLEMENTED;
+		}
+	}
+	return ATCA_BAD_PARAM;
 }
 
 /** \brief manages reference count on given bus and releases resource if no more refences exist
@@ -222,7 +193,7 @@ ATCA_STATUS hal_spi_control(ATCAIface iface, uint8_t option, void* param, size_t
  */
 ATCA_STATUS hal_spi_release(void *hal_data)
 {
-    return ATCA_SUCCESS;
+	return ATCA_SUCCESS;
 }
 
 /** @} */
diff --git a/zephyr/Kconfig b/zephyr/Kconfig
new file mode 100644
index 000000000..1f6d45818
--- /dev/null
+++ b/zephyr/Kconfig
@@ -0,0 +1,216 @@
+
+menu "CryptoAuthLib Configuration"
+
+config CRYPTOAUTHLIB
+	bool "Enable CryptoAuthLib"
+	default n
+	help
+	  Master switch for the CryptoAuthLib module.
+
+menu "Hardware Abstraction Layer (HAL)"
+
+config ATCA_HAL_I2C
+	bool "Enable I2C HAL driver"
+	default y
+	help
+	  Use the I2C HAL (Linux & MCU) for device communication.
+
+config ATCA_HAL_SPI
+	bool "Enable SPI HAL driver"
+	default n
+	help
+	  Use the SPI HAL (Linux & MCU) for device communication.
+
+config ATCA_HAL_CUSTOM
+	bool "Enable custom/plug-in HAL driver"
+	default n
+	help
+	  Build support for a custom HAL implementation.
+
+config ATCA_HAL_KIT_HID
+	bool "Enable KIT HID HAL driver"
+	default n
+	help
+	  Include the HID-based kit protocol driver.
+
+config ATCA_HAL_KIT_BRIDGE
+	bool "Enable KIT Bridge protocol"
+	default n
+	help
+	  Include the general-purpose KIT bridge protocol.
+
+config ATCA_HAL_KIT_UART
+	bool "Enable KIT UART HAL driver"
+	default n
+	help
+	  Include the UART-based kit protocol driver.
+
+config ATCA_HAL_SWI_UART
+	bool "Enable SWI-UART HAL driver"
+	default n
+	help
+	  Include the single-wire interface over UART driver.
+
+endmenu # HAL
+
+menu "Library Behavior Options"
+
+config ATCA_PRINTF
+	bool "Enable debug printf statements"
+	default n
+	help
+	  Turn on internal debug printfs in the library.
+
+config ATCA_NO_HEAP
+	bool "Disable dynamic heap allocation"
+	default y
+	help
+	  Do not use malloc/free; use only stack/static allocations.
+
+config ATCA_CHECK_PARAMS_EN
+	bool "Enable parameter checking"
+	default y
+	help
+	  Check input parameters in public APIs for safety.
+
+config ATCA_ENABLE_DEPRECATED
+	bool "Enable deprecated APIs"
+	default n
+	help
+	  Allow use of older API wrappers that have been replaced.
+
+config ATCA_STRICT_C99
+	bool "Enable strict C99 compliance"
+	default n
+	help
+	  Compile with strict C99 rules (-Wpedantic).
+
+config MULTIPART_BUF_EN
+	bool "Enable multipart buffer support"
+	default n
+	help
+	  Support large multipart buffers in CryptoAuthLib.
+
+endmenu # Library Behavior
+
+menu "Cryptographic Backends"
+
+config ATCA_MBEDTLS
+	bool "Enable mbedTLS integration"
+	default n
+
+config ATCA_WOLFSSL
+	bool "Enable WolfSSL integration"
+	default n
+
+config ATCA_OPENSSL
+	bool "Enable OpenSSL integration"
+	default n
+
+endmenu # Crypto Backends
+
+menu "Certificate and JWT Options"
+
+config ATCA_JWT_EN
+	bool "Enable JWT functionality"
+	default n
+	help
+	  Build in support for JSON Web Tokens.
+
+config ATCACERT_COMPCERT_EN
+	bool "Enable compressed certificate support"
+	default y
+
+config ATCACERT_FULLSTOREDCERT_EN
+	bool "Enable full certificate support"
+	default y
+
+menu "Trust Platform (TNG) Certificates"
+
+config ATCA_TNGTLS_SUPPORT
+	bool "Enable Trust & Go TLS certs"
+	default n
+
+config ATCA_TNGLORA_SUPPORT
+	bool "Enable Trust & Go LoRa certs"
+	default n
+
+config ATCA_TFLEX_SUPPORT
+	bool "Enable TrustFlex certificates"
+	default n
+
+config ATCA_TNG_LEGACY_SUPPORT
+	bool "Enable legacy Trust & Go certs"
+	default n
+
+endmenu # TNG
+
+config ATCA_WPC_SUPPORT
+	bool "Enable WPC Certificates"
+	default n
+
+endmenu # Certificate and JWT
+
+menu "SHA Support"
+
+config ATCAC_SHA384_EN
+	bool "Enable SHA-384 support"
+	default n
+
+config ATCAC_SHA512_EN
+	bool "Enable SHA-512 support"
+	default n
+
+endmenu # SHA Support
+
+menu "PKCS11 Support"
+
+config ATCA_PKCS11
+	bool "Enable PKCS#11 library"
+	default n
+	help
+	  Build the PKCS#11 interface (Linux & Zephyr only).
+
+endmenu # PKCS11
+
+menu "Supported Devices"
+
+config ATCA_ATSHA204A_SUPPORT
+	bool "Support ATSHA204A device"
+	default y
+
+config ATCA_ATSHA206A_SUPPORT
+	bool "Support ATSHA206A device"
+	default y
+
+config ATCA_ATECC108A_SUPPORT
+	bool "Support ATECC108A device"
+	default y
+
+config ATCA_ATECC508A_SUPPORT
+	bool "Support ATECC508A device"
+	default y
+
+config ATCA_ATECC608_SUPPORT
+	bool "Support ATECC608 device"
+	default y
+
+config ATCA_ECC204_SUPPORT
+	bool "Support ECC204 device"
+	default y
+
+config ATCA_TA010_SUPPORT
+	bool "Support TA010 device"
+	default y
+
+config ATCA_SHA104_SUPPORT
+	bool "Support SHA104 device"
+	default y
+
+config ATCA_SHA105_SUPPORT
+	bool "Support SHA105 device"
+	default y
+
+endmenu # Devices
+
+endmenu # CryptoAuthLib Configuration
diff --git a/zephyr/module.yml b/zephyr/module.yml
new file mode 100644
index 000000000..b7012c1fb
--- /dev/null
+++ b/zephyr/module.yml
@@ -0,0 +1,4 @@
+name: cryptoauthlib
+build:
+  cmake: .
+  kconfig: zephyr/Kconfig
\ No newline at end of file