Open Source SDK for Developers
Our goal is to offer a secure platform for any applications from diverse areas. We care about the safety of the system and provide developers with a modular design for your own applications. As far as we are able, we therefore offer all necessary software packages under open source licenses,
freely available for download. For more information on additional programs and software, and commercial licenses are available upon request.
- Toolchain: eldk-eglibc-i686-arm-toolchain-qte-5.2.1.tar.bz2
- Bootloader: APEX 1.6.8 with own crypto patches
- Kernel: GNU/Linux 3.3
- Root-filesystem: Debian 6.0
- Tools: Encrypt or sign kernel with initrd
- Initrd: Small Initrd to boot LUKS container
We supply picosafe sticks with an pre-programmed AES key. The key’s are generated by an random generator. If you are interested to programm own keys to the otp rom you need some further tools which are under confidentiality agreements available. Please contact us, that we can help you to get the neccessary tools.
With the Open-SDK you can build, encrypt or sign your own kernel and root-filesystem.
Web based applications
The user interfaces are made with jQueryui, HTML5, CSS & Co. On server side you can use PHP, Python, C and languages like this.
Dongles, add ons, security co-processor
You need an additional own crypt stick for your application? Picosafe can use for own application. Write you security component with your favourite language. Picosafe is an 100% encrypted environment with many typical Linux Technologies. On the pc Picosafe can recognize as:
- USB Mass storage
- USB Network interface
- USB HID (like mouse or keyboard)
- USB serial port (virtual com port)
- USB printer
- own USB interface
Picosafe’s LPC3143 will only load encrypted code after reset. In order to run any code after reset (typically the bootloader), the code must be correctly encrypted with a 128 bit AES key. The AES key is stored in the OTP area of the LPC3143 and dierent for every picosafe device. In order to establish a chain of trust, every software component must validate the next software component, i.e. the bootloader must validate kernel and initramfs, initramfs must validate the root filesystem.