Jump to content
Greenbytes

Tiny open source USB-stick SBC focuses on security

Recommended Posts

Inverse Path is readying a tiny, open-spec “USB Armory” SBC that runs Linux or Android on an i.MX53, and offers Trustzone, secure boot, and USB emulation.

The USB Armory single board computer, which Inverse Path plans to launch this quarter on the Crowd Supply crowdfunding site, is not your ordinary open source hacker SBC. For one thing, it’s super tiny (65 x 19 x 6mm), with only two real-world ports — a USB 2.0 OTG port and a microSD slot — and it’s specifically aimed at secure computing applications.

The USB Armory connects to other systems via the USB port, which is also how the device sips power at 5V. Consumption is less than 500 mA, according to Inverse Path. USB device emulation covers mass storage, HID, and Ethernet, with the latter enabled via a full bidrectional TCP/IP connection using CDC Ethernet emulation.

A secure boot feature lets users apply verification keys that ensure only trusted firmware can be executed on a specific USB Armory device. The device also offers ARM TrustZone security to enforce domain separation between secure and normal worlds.

The TrustZone support extends beyond the CPU to propagate throughout all system-on-chip components, says Inverse Path. The combination of all these security features “greatly limits the potentiality and scope of supply chain attacks,” says Inverse Path.

Potential applications for the USB Armory are said to include:

Mass storage device with automatic encryption, virus scanning, host authentication, and data self-destruct

OpenSSH client and agent for untrusted hosts (kiosk)

Router for end-to-end VPN tunneling, Tor

Password manager with integrated web server

Electronic wallet (e.g. pocket Bitcoin wallet)

Authentication token

Portable penetration testing (pen-testing) platform

Low level USB security testing

The device runs Android, Debian, Ubuntu, or FreeBSD on a Cortex-A8-based Freescale i.MX53 processor clocked at 800MHz. This would appear to be the i.MX537 model, rather than the i.MX535, which is typically clocked at 1GHz.

The USB Armory ships with 512MB DDR3 RAM. Aside from the USB and microSD connections, the only interface is a 7-pin header (normally holes, only) for GPIO and UART signals, plus power. Inverse Path has posted schematics and PCB layout files licensed under GPLv2.

Specifications listed for the USB Armory include:

Processor — Freescale i.MX53 (1x Cortex-A8 @ 800MHz)

Memory — 512MB DDR3 RAM

Storage — MicroSD slot with secure boot

I/O:

USB 2.0 OTG port with power support and device emulation

7-pin breakout header with GPIOs and UART

Other features — ARM TrustZone support; customizable LED with secure mode detection

Power — 5V, via USB; <500 mA consumption

Dimensions — 65 x 19 x 6mm

Operating system — Android; Linux (ships with Debian and Ubuntu images); FreeBSD

Further information

The USB Armory will go up for crowdfunding this quarter on Crowd Supply. More information may be found on the Crowd Supply project notification page, as well as this Inverse Path USB Armory product page. The device’s technical documentation is available on Github.

Sursa: Tiny open source USB-stick SBC focuses on security*·* LinuxGizmos.com

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...