“This particular processor supports a few advanced security features such as secure boot and ARM TrustZone.”
The USB Armory is full-blown computer (800MHz ARM® processor, 512MB RAM) in a tiny form factor (65mm x 19mm x 6mm USB stick) designed from the ground up with information security applications in mind. Not only does the USB Armory have native support for many Linux distributions, it also has a completely open hardware design and a breakout prototyping header, making it a great platform on which to build other hardware.
The USB Armory hardware is supported by standard software environments and requires very little customization effort. In fact, vanilla Linux kernels and standard distributions run seamlessly on the tiny USB Armory board:
The ability to emulate arbitrary USB devices in combination with the i.MX53 SoC speed and fully customizable operating environment makes the USB Armory an ideal platform for all kinds of personal security applications. Not only is the USB Armory an excellent tool for testing the security of other devices, but it also has great security features itself:
The support for ARM® TrustZone®, in contrast to conventional trusted platform modules (TPMs), allows developers to engineer custom TPMs by enforcing domain separation between the “secure” and “normal” worlds that propagates throughout all SoC components, as opposed to limited only to the CPU core.
$ ssh email@example.com Welcome to your USB armory :) $ ▌
The following example security application ideas illustrate the flexibility of the USB Armory concept:
As mentioned in the first campaign update, there is also a simple USB host adapter that, along with compiling the right Linux kernel modules, allows the USB Armory to independently use a keyboard, USB display, USB mass storage devices, USB WiFi dongle and more, just like a standard computer, without the need for a separate USB host, such as a laptop or desktop.
Connecting a powered USB hub to the adapter ensures that all the connected USB devices have enough power to perform their tasks. Additionally, a micro-USB cable we can power the USB Armory itself. Alternatively, a passive USB hub can be used and a micro-USB charger (such as ones used for most mobile phones) can provide power.
To keep your USB Armory protected and preserved, we’ve developed a custom enclosure in cooperation with Teko, an Italian company that specializes in high-quality enclosure solutions.
The official USB Armory enclosure is a four-piece design customized to accommodate and protect the USB Armory.
The enclosure is easily assembled by snapping together three separate body parts, one of which acts as a sliding cover for the microSD card. A small removable cap protects the 5-pin breakout header.
Note: A cap for the USB plug was included in earlier enclosures but later removed due to width tolerance issues.
The USB Armory is an open source hardware and software project created by Inverse Path, an Italian information technology consulting group specializing in securing critical embedded systems in the avionic, automotive, and industrial control sectors. The Inverse Path team, with the help of the open source community, will develop applications that explore the potential of the USB Armory. Please participate!