IoT Security at Scale.

We support NXP's new i.MX 8M Mini

"The i.MX 8M Mini is NXP’s first embedded multicore applications processor built using advanced 14LPC FinFET process technology (...) that may be used in any general purpose industrial and IoT application."

Build Secure and Trustworthy Devices

Implement Advanced Security--Painlessly

EmSPARKTM is preconfigured to use NXP’s Trust Architecture available in the Layerscape and i.MX processors. EmSPARKTM Security Suite:

  • Streamlines secure boot implementation providing integrity and confidentiality for the entire boot chain from bootloader to TEE to Linux kernel
  • Hardware enforced domain isolation (Arm® TrustZone®) for security related tasks, keystore and certificate management and Trusted execution of critical processes

Reduce Firmware Development Time

EmSPARKTM abstracts away security complexity via Linux APIs for pre-built, TrustZone secured security functions including:

  • Firmware update
  • Secure storage
  • Key store and certificate management
  • Cryptographic operations

Prepare Firmware for Secure Volume Manufacturing

Provisioning devices during manufacturing without compromising customer secrets (keys and certificates) is big challenge. Without the right tools and processes, OEMs risk losing control over their intellectual property and incur loss of revenue through piracy. EmSPARKTM provides tools and processes for firmware preparation making it possible for OEMs to manufacture devices in untrusted facilities without risking theft of firmware or unauthorized manufacturing of devices. Sequitur works closely with companies and their ODMs/OEMs to ensure secure device provisioning within existing manufacturing workflows.

EmSPARK architecture

Key Features

Trusted ID:

EmSPARKTM Security Suite gives your device a unique ID tied to the hardware root of trust. This ID cannot be spoofed and therefore facilitates a number of secure processes such as authentication.

Encrypted Boot Chain:

Extends secure boot capabilities of the hardware platform. It secures the boot process from initial ROM boot to deploying a trusted, authenticated Linux OS and your firmware. This process ensures the fidelity of your firmware, preventing theft or compromise by malware.

Key and Certificate Management:

From mutual authentication to securely connecting to IoT cloud, public-private key combinations offer a proven mechanism to execute a variety of functions securely. EmSPARKTM includes robust key and certificate management in a TrustZone-isolated keystore.

Firmware Authentication and Secure Firmware Update:

Complementing the trusted boot architecture, the secure firmware update provides assurance for the device’s lifecycle.

Supported Platforms and Availability

Supported platforms include Layerscape LS1043A, LS1012A, i.MX: 6, 7, 8 series. EmSPARKTM Suite is immediately available for purchase. To learn more please go to www.sequiturlabs.com, or Email us.

Learn More About EmSPARK™ Security Suite for NXP Layerscape

To learn more or schedule a technical overview of the EmSPARKTM Suite for NXP please contact us.

What do you see?


Secure Edge Gateway platform using EmSPARKTM demonstrated with Azure IoT Edge.

Grapeboard from Scalys

Introducing the Grapeboard from Scalys, based on NXP’s LS1012A Layerscape processor.

Explore Our Products

For further information, please Email us.