[Updated: 14] — Arrow’s $159, 96Boards IoT Edition “Shield96 Trusted Platform” SBC runs Linux on a Cortex-A5 Microchip SAMA5D27 and pre-loads Sequitur Labs’ EmSPARK Security Suite with secure OTA, secure boot, crypto, and hardware root of trust.

Arrow has launched an SBC that runs Linux on Microchip’s single-core Cortex-A5 SAMA5D27 (or ATSAMA5D27) SoC. The $159 Shield96 Trusted Platform features pre-loaded EmSPARK Security Suite software from Sequitur Labs, which is specifically designed to exploit the SAMA5D2’s security features.

Shield96 Trusted Platform
(click images to enlarge)

The Shield96 appears to be a 96Boards Consumer Edition (CE) SBC with the standard, low-power 40-pin GPIO connector, much like 96Boards CE-compliant SBCs from Arrow such as the Chameleon96 and DragonBoard 410c. Yet aside from the identification of the GPIO as a “mezzanine” connector and the mention of available “daugherboards,” there is no hint of 96Boards here, nor does the board show up on the 96Boards website.

The lack of compliance may be due to the presence of an Ethernet port, suggests CNXSoft, which picked up the story from an Embedded.com post. Although a LAN port is non-standard for 96Boards CE, Bitmain’s LAN-equipped Sophon Edge is listed on the compliance page.

(Update: The Shield96 now appears on the 96Boards IoT Edition page along with other, mostly non-Linux MCU boards such as SeeedStudio’s Carbon and the Linux-powered, RDA8810PL-based Orange Pi i96.)

There’s also a $139 version of the Shield96 without the preloaded EmSPARK Security Suite, says CNXSoft, and it’s available now as opposed to Mar. 18 for the EmSPARK version. We could not find this option on the shopping page, but only the $159 version, which is available now. Arrow does say in its datasheet, however, that you can order a “virgin” board without the software.

The EmSPARK Security Suite provides trusted ID, encrypted boot chain, key and certificate management, and firmware authentication with secure updates. The software is optimized to exploit the SAMA5D2’s TrustZone support, tamper detection, secure boot and storage, cryptographic accelerators, and other hardware security features. The Shield96 SBC also has a separate Microchip ATECC508 secure element.

EmSPARK Security Suite architecture
(click image to enlarge)

One of the key EmSPARK components is Sequitur Lab’s Core-TEE, which is based on Linaro’s OP-TEE, an IoT-optimized implementation of Arm TrustZone. Core-TEE deploys a small OS-like “secure enclave” to work alongside Linux and enables hardware isolation and protection for cryptographic keys, algorithms, and sensitive data. (See our earlier OP-TEE and Core-TEE report for more details.)

The SAMA5D27, which is also available on Groboards’ Giant Board SBC, is typically clocked to 500MHz. It’s implemented here in the form of a Microchip SAMA5D27 SiP (SAMA5D28C-D1G) module equipped with 128MB RAM (1Gbit). The Shield96 board is further equipped with 128MB flash and Microchip’s 2.4GHz ATWILC1000 WiFi module.

Shield96 detail view
(click image to enlarge)

The Shield96 provides a microSD slot, a USB 2.0 host port, and a 10/100Mbps Ethernet port. There’s also a micro-USB serial console, a JTAG interface, and the 40-pin GPIO connector. The board supplies a PMIC plus a 5V input via another micro-USB port.

Arrow offers customization services for its Shield96 customers ranging from hardware customization to the development of trusted applications and cloud and self-hosted IoT analytics. It can also set you up with automated secure provisioning “at scale.”

 
Further information

The Shield96 Trusted Platform SBC with the pre-loaded EmSPARK Security Suite is available for $159 with immediate shipment. More information may be found on Arrow’s shopping page, which links to a datasheet.

Arrow Electronics will showcase the Shield96 board at Embedded World (booth 340, hall 4A) on Feb. 25-27. In addition, Arrow, Microchip Technology, and Sequitur Labs will be hosting a webinar called Simplified Security for Endpoint Solutions on Feb. 18.