Secure Edge Gateway platform using EmSPARKTM demonstrated with Azure IoT Edge.

EmSPARK™ for NXP QorIQ LayerScape SoCs

NXP’s QorIQ® communications processor portfolio provides scalable performance and security from the smallest form factor, power-constrained networking and industrial applications to new virtualized networks and embedded systems requiring an advanced datapath and network peripheral interfaces.

Our EmSPARKTM Security Suite for NXP QorIQ LayerScape family of SoCs is packaged software that leverages NXP Trust Architecture 2.1 which provides hardware roots of trust for platform security with features like secure-boot, key-management, secure storage, tamper-detection, run-time Integrity checking and hardware isolation, in addition to support for random number generation and cryptography. Trust Architecture is an integral part of every Layerscape SoC.

EmSPARKTM Security Suite streamlines secure boot implementation, firmware packaging for manufacturing, secure provisioning and device lifecycle. It provides:

  • Integrity and confidentiality for the entire boot chain from bootloader to TEE to Linux kernel
  • Hardware enforced domain isolation (Arm® TrustZone®) for security related tasks, keystore and certificate management
  • Trusted execution of critical processes
  • Integrated with hardware crypto accelerators for efficient crypto operations
  • Abstraction APIs for pre-built, TrustZone isolated security functions:

    • firmware update
    • secure storage
    • Key store and certificate management
    • Cryptographic operations

  • Supported SoCs: LS1043, LS1012
All NXP QorIQ SoCs support Trust Architecture
Source: NXP

Key Features

Trusted ID:

EmSPARKTM Security Suite gives your device a unique ID tied to the hardware root of trust. This ID cannot be spoofed and therefore facilitates a number of secure processes such as authentication.

Encrypted Boot Chain:

Extends secure boot capabilities of the hardware platform. It secures the boot process from initial ROM boot to deploying a trusted, authenticated Linux OS and your firmware. This process ensures the fidelity of your firmware, preventing theft or compromise by malware.

Key and Certificate Management:

From mutual authentication to securely connecting to IoT cloud, public-private key combinations offer a proven mechanism to execute a variety of functions securely. EmSPARKTM includes robust key and certificate management in a TrustZone-isolated keystore.

Firmware Authentication and Secure Firmware Update:

Complementing the trusted boot architecture, the secure firmware update provides assurance for the device’s lifecycle.

Join the Private Preview for EmSPARK™ Security Suite for NXP Layerscape

The Private Preview is accepting a limited number of companies who will have the opportunity to evaluate the EmSPARKTM Security Suite for NXP Layerscape. The Preview offers a downloadable software package for evaluation, along with documentation, code examples and support.

What do you see?


Secure Edge Gateway platform using EmSPARKTM demonstrated with Azure IoT Edge.

Explore Our Products

For further information, please Email us.