We launched our second-generation microcontroller, RP2350, in August last year. Building on the success of its predecessor, RP2040, this adds faster processors, more memory, lower power states, and a security model built around Arm TrustZone for Cortex-M. Alongside our own Raspberry Pi Pico 2 board, and numerous partner boards, RP2350 also featured on the DEF CON badge, designed by Entropic Engineering, with firmware by our friend Dmitry Grinberg.

All chips have vulnerabilities, and most vendors’ strategy is not to talk about them. We consider this to be suboptimal, so instead, we entered into the DEF CON spirit by offering a one-month, $10,000 prize to the first person to retrieve a secret value from the one-time-programmable (OTP) memory on the device. Our aim was to smoke out weaknesses early, so that we could fix them before RP2350 became widely deployed in secure applications. This open approach to security engineering has been generally well received: call it “security through transparency”, in contrast with the “security through obscurity” philosophy of other vendors.

Nobody claimed the prize by the deadline, so in September we extended the deadline to the end of the year and doubled the prize to $20,000. Today, we’re pleased (ish) to announce that we received not one but four valid submissions, all of which require physical access to the chip, with varying degrees of intrusiveness. Outside of the contest, Thomas “stacksmashing” Roth and the team at Hextree also discovered a vulnerability, which we describe below.

So with no further ado, the winners are:

“Hazardous threes” – Aedan Cullen

RP2350’s antifuse OTP memory is a security-critical component: security configuration bits are stored in OTP and read early in the reset process. A state machine called the OTP PSM is responsible for these reads. Unfortunately, it turns out that the OTP PSM has an exploitable weakness.

The antifuse array is powered via the USB_OTP_VDD pin. To protect against power faults, the PSM uses “guard reads”: reads of known data very close to reads of security-critical data. A power fault should cause a mismatch in the known guard data, indicating that the associated security-critical read is untrustworthy. We use a single guard word: 0x333333.

However, the OTP may retain the last sensed read data during a power fault, and subsequent reads return the most-recently-read data from when power was good. This is not itself a flaw, but it interacts poorly with the choice of guard word. If USB_OTP_VDD is dropped precisely after a guard read has occurred, 0x333333 will be read until power is restored. Therefore, an attacker can overwrite security-critical configuration data with this value.

If the CRIT0 and CRIT1 words are replaced by 0x333333 during the execution of the OTP PSM, the RISCV_DISABLE and ARM_DISABLE bits will be set, and the DEBUG_DISABLE bit will be cleared. ARM_DISABLE takes precedence, so the chip leaves reset with the RISC-V cores running and debugging allowed, regardless of the actual configuration written in the fuses. Dumping secret data from the OTP is then straightforward.

More information can be found in Aedan’s GitHub repository here, and in his Chaos Communication Congress presentation here.

No mitigation is currently available for this vulnerability, which has been assigned erratum number E16. It is likely to be addressed in a future stepping of RP2350.

USB bootloader single-instruction fault with supply-voltage injection – Marius Muench

A foundational security feature of RP2350 is secure boot, which restricts the chip to only run code signed with a specific private key. If an attacker can bypass or break out of secure boot, they can run their own unsigned code, which can potentially dump secret data from the OTP.

Marius discovered a weakness in the boot ROM’s reboot API. This supports several different reboot modes, one of which is REBOOT_TYPE_PC_SP, which reboots and starts execution with a specific program counter and stack pointer. This can only be triggered from secure firmware already running on the chip, but if an attacker could trigger this boot mode externally, and with controlled parameters, we would start executing code at an attacker-supplied address – without verifying the signature of the code!

But how can one enter this boot mode, if it is only accessible to signed and verified firmware?

The answer (of course) is fault injection. By issuing a normal reboot command to the USB bootloader, and injecting a fault (in this case by glitching the supply voltage) so that an instruction is skipped just at the right time, it is possible to trick the reboot API into believing that REBOOT_TYPE_PC_SP was requested. If an attacker has loaded malicious code beforehand into the RAM, this code can be executed and used to extract the secret.

An interesting aspect of this attack is that the code for accepting the reboot command is actually hardened against fault injection. Unfortunately, the function implementing the reboot logic itself assumes that the incoming parameters (including the requested boot mode) are sanitised. Due to an unlucky arrangement of instructions emitted by the compiler, injecting a fault which skips one out of two very specific instructions confuses the chip into rebooting to the hazardous boot type.

Marius says: “While this break may seem straightforward in retrospect, reality is quite different. Identifying and exploiting these types of issues is far from trivial. Overall, this hacking challenge was a multi-month project for me, with many dead-ends explored along the way and countless iterations of attack code and setups to confirm or refute potential findings. Nonetheless, I had plenty of fun digging deep into the intricacies of the new RP2350 microcontroller, and I would like to thank Raspberry Pi and Hextree for hosting the challenge!”

Several effective mitigations are available against this attack, which has been assigned erratum number E20. The most precise mitigation is to set the OTP flag BOOT_FLAGS0.DISABLE_WATCHDOG_SCRATCH, which disables the ability to reboot to a particular PC/SP where that function is not required by application code.

Signature check single-instruction fault with laser injection – Kévin Courdesses

Kévin discovered an exploitable weakness in the secure boot path, just after the firmware to be validated has been loaded into RAM, and just before the hash function needed for the signature check is computed. Injecting a single precisely timed fault at this stage can cause the hash function to be computed over a different piece of data, controlled by the attacker. If that data is a valid signed firmware, the signature check will pass, and the attacker’s unsigned firmware will run!

The most common method of introducing faults, seen in Marius’s attack, is to briefly pull down the supply voltage, introducing a brief “glitch”, which causes the digital logic in the chip to misbehave. RP2350 contains glitch detector circuitry, which is designed to spot most voltage glitches and to purposely halt the chip in response. To permit the injection of faults without triggering the glitch detectors, Kévin built a custom laser fault injection system; this applies a brief pulse of laser light to the back of the die, which has been exposed by grinding away part of the package. And, although several technical compromises were necessary to keep the setup within a limited budget, it worked!

More information can be found in Kévin’s paper here.

No mitigation is available for this attack, which has been assigned erratum number E24. It is likely to be addressed in a future stepping of RP2350.

Extracting antifuse secrets from RP2350 by FIB/PVC – IOActive

OTP memories based on antifuses are widely used for storing small amounts of data (such as serial numbers, keys, and factory trimming) in integrated circuits because they are inexpensive and require no additional mask steps to fabricate. RP2350 uses an off-the-shelf antifuse memory block for storing secure boot keys and other sensitive configuration data.

Antifuses are widely considered to be a “high security” storage medium, meaning that they are significantly more difficult for an attacker to extract data from than other types of memory, such as flash or mask ROM. However, with this attack, IOActive has (almost) demonstrated that data bits stored in the RP2350 antifuse memory array can be extracted using a well-known semiconductor failure analysis technique: passive voltage contrast (PVC) with a focused ion beam (FIB).

The current form of the attack recovers the bitwise OR of two physically adjacent memory cells sharing common metal-1 contacts. However, with some per-bit effort it may be possible for an attacker to separate the even/odd cell values by taking advantage of the circuit-editing capabilities of the FIB.

IOActive has not yet tested the technique against other antifuse IP blocks or on other process nodes. Nonetheless, it is believed to have broad applicability to all antifuse-based memories. Dr Andrew Zonenberg, who led the technical team on this project along with Antony Moor, Daniel Slone, Lain Agan, and Mario Cop, commented: “Our team found a unique attack vector for reading data out of antifuse memory, which we intend to further develop. Those who rely on antifuse memory for confidentiality should immediately reassess their security posture.”

The suggested mitigation for this attack is to employ a “chaffing” technique, storing either {0, 1} or {1, 0} in each pair of bit cells, as the attack in its current form is unable to distinguish between these two states. To guard against a hypothetical version of the attack which uses circuit editing to distinguish between these states, it is recommended that keys and other secrets be stored as larger blocks of chaffed data, from which the secret is recovered by hashing.

Glitch detector evaluation, and OTP read double-instruction fault with EM injection – Hextree

We commissioned the Hextree team to evaluate the secure boot process, and the effectiveness of the redundancy coprocessor (RCP) and glitch detectors. They found that at the highest sensitivity setting, the glitch detectors can detect many voltage glitches; however, the rate of undetected glitches is still high enough to make attacks feasible with some effort.

The majority of their work focused on electromagnetic fault injection (EMFI), which delivers a high-voltage pulse to a small coil on top of the chip. This creates an electromagnetic field which will collapse in the chip, providing for the injection of very localized faults which do not disturb the glitch detectors. Testing yielded multiple security-relevant results, notably that it is possible to corrupt values read from OTP by injecting faults very early in the boot process, and that random delays provided by the RCP are susceptible to side-channel measurements.

The team also found a path to bypass an aspect of the OTP protection of the chip using a double fault: the s_varm_crit_nsboot function, which locks down the OTP permissions prior to entering BOOTSEL mode, has two instructions which, when both are disturbed by precisely timed faults, can prevent an OTP page from being correctly locked, effectively allowing the user to read-out and write to the OTP even when the chip configuration forbids this. The double fault can be triggered with reasonable reliability by EMFI.

Several effective mitigations are available against this attack, which has been assigned erratum number E21. The attack occurs when the device is running non-secure bootloader code, and the OTP keys are extracted via the PICOBOOT interface. The USB bootloader can be disabled by setting the OTP flags BOOT_FLAGS0.DISABLE_BOOTSEL_USB_PICOBOOT_IFC and BOOT_FLAGS0.DISABLE_BOOTSEL_USB_MSD_IFC, which mitigates this vulnerability at the cost of removing the ability to update firmware on the device over USB.

We’d also like to express gratitude to Colin O’Flynn and his team at NewAE for collaborating with both us and Thomas Roth / Hextree on this advanced silicon security research, as well as enabling us with their fantastic ChipWhisperer kit.

What’s next?

We’d like to thank everyone who participated in the challenge. While the rules specify a single $20,000 prize for the “best” attack, we were so impressed by the quality of the submissions that we have chosen to pay the prize in full for each of them.

As expected, we’ve learned a lot. In particular, we’ve revised downward our estimate of the effectiveness of our glitch detection scheme; the difficulty of reliably injecting multiple faults even in the presence of timing uncertainty; and the cost and complexity of laser fault injection. We’ll take these lessons into account as we work to harden future chips, and anticipated future steppings of RP2350.

And while this hacking challenge is over, another one is about to start. As a component of the broader RP2350 security architecture, we’ve been working to develop an implementation of AES which is hardened against side-channel attacks (notably differential power analysis), and we’ll be challenging you to defeat it. Check back next week for more details.

All vendors have security vulnerabilities in their chips. We are unusual because we talk about them, and aim to fix them, rather than brushing them under the carpet. Security through transparency is here to stay.

The post Security through transparency: RP2350 Hacking Challenge results are in appeared first on Raspberry Pi.

We first announced Raspberry Pi 5 back in the autumn of 2023, with just two choices of memory density: 4GB and 8GB. Last summer, we released the 2GB variant, aimed at cost-sensitive applications. And today we’re launching its bigger sibling, the 16GB variant, priced at $120.

Why 16GB, and why now?

We’re continually surprised by the uses that people find for our hardware. Many of these fit into 8GB (or even 2GB) of SDRAM, but the threefold step up in performance between Raspberry Pi 4 and Raspberry Pi 5 opens up use cases like large language models and computational fluid dynamics, which benefit from having more storage per core. And while Raspberry Pi OS has been tuned to have low base memory requirements, heavyweight distributions like Ubuntu benefit from additional memory capacity for desktop use cases.

The optimised D0 stepping of the Broadcom BCM2712 application processor includes support for memories larger than 8GB. And our friends at Micron were able to offer us a single package containing eight of their 16Gbit LPDDR4X die, making a 16GB product feasible for the first time.

Carbon Removal Credits

We’re proud of the low environmental impact of Raspberry Pi computers. They are small and light, which translates directly into a small upfront carbon footprint for manufacturing, logistics and disposal. With an idle power consumption in the 2–3W range, and a fully loaded power consumption of less than 10W, replacing a legacy x86 PC with a Raspberry Pi typically results in a significant reduction in operating power consumption, and thus ongoing carbon footprint.

But while our upfront carbon footprint is small, it is not zero. So today, we’re launching Raspberry Pi Carbon Removal Credits, priced at $4, giving you the option to mitigate the emissions associated with the manufacture and disposal of a modern Raspberry Pi.

How does it work?

We commissioned Inhabit to conduct an independent assessment of the carbon footprint of manufacturing, shipping, and disposing of a Raspberry Pi 4 or 5, which came to 6.5kg of CO₂ equivalent. When you buy a Raspberry Pi Carbon Removal Credit from one of our Approved Resellers, we pay our friends at UNDO Carbon to begin capturing that quantity of CO₂ from the atmosphere using enhanced rock weathering (ERW) technology.

It’s that simple.

What is enhanced rock weathering?

As rain falls through the atmosphere, it combines with CO₂ to form carbonic acid. When this weak acid falls on mountains, forests and grassland, the CO₂ interacts with rocks and soil, mineralises, and is safely stored in solid carbonate form. The natural process of weathering already accounts for the removal of one billion tonnes of CO₂ from the atmosphere every year.

ERW accelerates this natural process by spreading crushed silicate rock (in our case, basalt) on agricultural land, increasing the surface area of the rock and therefore increasing its contact with CO₂. Overall, this reduces the timescales involved from millions of years to mere decades. Once the reaction takes place, the CO₂ is permanently locked away for 100,000+ years.

In addition to capturing CO₂, spreading basalt on agricultural land also brings with it significant co-benefits. Silicate rocks are mineral-rich; as they weather, they release nutrients such as magnesium, calcium and potassium, improving soil health and reducing the need for fertilisers. Trials with the University of Newcastle have shown an increase in crop yield following the application of crushed basalt rock. In addition, the alkaline bicarbonate ions captured during the ERW process are eventually washed out to sea, where they help to deacidify our oceans.

You can find out more about UNDO’s work here.

Why capture carbon in the future, not the past?

Generally, when you buy carbon offsets, you are paying for carbon capture which has taken place in the past (for example by planting and growing trees). When you buy Raspberry Pi Carbon Removal Credits, UNDO spreads basalt now, which then captures the rated quantity of carbon over, roughly, the next twenty years.

We’ve chosen ERW because we believe it’s a more rigorous, scalable, verifiable approach to carbon capture than traditional approaches like planting (or, more ridiculously, agreeing not to cut down) trees: quite simply, it’s our best shot at drawing down a material fraction of humanity’s carbon emissions in our lifetimes. But, as it is a relatively new technology, there is no pool of offsets corresponding to historical capture available for us to purchase.

So, we’re doing the next best thing: paying UNDO to start an irrevocable process of carbon capture which will continue over the next two decades and beyond. We hope that our embrace of ERW will help raise awareness of this world-changing technology, and perhaps inspire others to take their first steps with it.

The post 16GB Raspberry Pi 5 on sale now at $120 appeared first on Raspberry Pi.

Just in time for Christmas, we’re delighted to announce the release of two hotly anticipated products that we think will look great under the tree. One of them might even fit in a stocking if you push hard enough. Introducing Raspberry Pi 500, available now at $90, and the Raspberry Pi Monitor, on sale at $100: together, they’re your complete Raspberry Pi desktop setup.

Integral calculus

Our original mission at Raspberry Pi was to put affordable, programmable personal computers in the hands of young people all over the world. And while we’ve taken some detours along the way – becoming one of the world’s largest manufacturers of industrial and embedded computers – this mission remains at the heart of almost everything we do. It drives us to make lower-cost products like the $15 Raspberry Pi Zero 2 W, and more powerful products, like our flagship Raspberry Pi 5 SBC. These products provide just the essential processing element of a computer, which can be combined with the family television, and second-hand peripherals, to build a complete and cost-effective system.

But over time we have come to understand the benefits of integration: some people are better served by a system that is ready to use straight out of the box. This need was dramatized during the early days of the COVID pandemic, when we worked with the Raspberry Pi Foundation to deliver thousands of Raspberry Pi 4 Desktop Kits and monitors to young people studying from home in the UK. Our experiences with that programme informed the development of Raspberry Pi 400, our all-in-one PC, whose form factor (and name) harks back to the great 8-bit and 16-bit computers – the BBC Micro, Sinclair Spectrum, and Commodore Amiga – of the 1980s and 1990s.

Meet Raspberry Pi 500

In the four years since it launched, Raspberry Pi 400 has become a hugely popular choice for enthusiasts and educators. And today, we’re launching its successor, Raspberry Pi 500, bringing the features and performance of the Raspberry Pi 5 platform to our all-in-one form factor:

• 2.4GHz quad-core 64-bit Arm Cortex-A76 processor
• 8GB LPDDR4X-4267 SDRAM
• VideoCore VII GPU, supporting OpenGL ES 3.1 and Vulkan 1.3
• Dual 4Kp60 HDMI® display output
• Dual-band 802.11ac Wi-Fi® and Bluetooth 5.0
• 2 × USB 3.0 ports, supporting simultaneous 5Gbps operation
• 1 × USB 2.0 port
• Gigabit Ethernet port
• Horizontal 40-pin Raspberry Pi GPIO connector

Raspberry Pi 500 is priced at $90, including a 32GB Raspberry Pi-branded SD card, and is also available in a $120 Desktop Kit, which adds:

• Raspberry Pi Mouse
• Raspberry Pi 27W USB-C Power Supply
• 2m micro HDMI to HDMI cable
• Raspberry Pi Beginner’s Guide, 5th Edition

The vision thing – an official Raspberry Pi Monitor

Although it’s highly integrated, Raspberry Pi 500 is only half the story: to build a complete system, you still need a display device. Which is why we’re also launching the Raspberry Pi Monitor, available now at $100. Designed to coordinate perfectly with your Raspberry Pi 500 or cased Raspberry Pi 5, it incorporates a 15.6″ full HD IPS panel with a 45% colour gamut and an 80° viewing angle, together with a pair of 1.2W speakers, in a slender enclosure with a fold-away integrated stand and VESA mounting points.

Power is provided via a USB-C connector. Cost-conscious users can power the monitor directly from their Raspberry Pi via the included USB-A to USB-C cable; in this mode display brightness is limited to 60% of maximum (still quite bright!) and volume to 50% of maximum (still quite loud!). Using a dedicated USB-C supply capable of delivering 5V/3A, like the Raspberry Pi 15W USB-C Power Supply, enables the full brightness and volume ranges.

Faster, better, cheaper: Raspberry Pi 400 price cuts

While we’re incredibly excited about Raspberry Pi 500, we need to remember that cost remains a barrier to access for many people, young and old. So we’re also taking this opportunity to cut the price of Raspberry Pi 400 from $70 to $60, and the Raspberry Pi 400 Personal Computer Kit from $100 to $80. We’re also bundling a Raspberry Pi-branded SD card with every Raspberry Pi 400, to help you get the best possible performance out of the system.

We know that quite a few of you have been eagerly awaiting both of our new products, and we hope you enjoy them now they’re here. We’ve seen Raspberry Pi 400 everywhere from retro gaming setups to university exam facilities and hospital offices; we’re really looking forward to finding out where Raspberry Pi 500 and our new Raspberry Pi Monitor end up.

The post Raspberry Pi 500 and Raspberry Pi Monitor on sale now appeared first on Raspberry Pi.

Today we’re happy to announce the much-anticipated launch of Raspberry Pi Compute Module 5, the modular version of our flagship Raspberry Pi 5 single-board computer, priced from just $45.

An unexpected journey

We founded the Raspberry Pi Foundation back in 2008 with a mission to give today’s young people access to the sort of approachable, programmable, affordable computing experience that I benefitted from back in the 1980s. The Raspberry Pi computer was, in our minds, a spiritual successor to the BBC Micro, itself the product of the BBC’s Computer Literacy Project.

But just as the initially education-focused BBC Micro quickly found a place in the wider commercial computing marketplace, so Raspberry Pi became a platform around which countless companies, from startups to multi-billion-dollar corporations, chose to innovate. Today, between seventy and eighty percent of Raspberry Pi units go into industrial and embedded applications.

While many of our commercial customers continue to use the “classic” single-board Raspberry Pi form factor, there are those whose needs aren’t met by that form factor, or by the default set of peripherals that we choose to include on the SBC product. So, in 2014 we released the first Raspberry Pi Compute Module, providing just the core functionality of Raspberry Pi 1 – processor, memory, non-volatile storage and power regulation – in an easy-to-integrate SODIMM module.

Compute Modules make it easier than ever for embedded customers to build custom products which benefit from our enormous investments in the Raspberry Pi hardware and software platform. Every subsequent generation of Raspberry Pi, except for Raspberry Pi 2, has spawned a Compute Module derivative. And today, we’re happy to announce the launch of Compute Module 5, the modular version of our flagship Raspberry Pi 5 SBC.

Meet Compute Module 5

Compute Module 5 gives you everything you love about Raspberry Pi 5, but in a smaller package:

• A 2.4GHz quad-core 64-bit Arm Cortex-A76 CPU
• A VideoCore VII GPU, supporting OpenGL ES 3.1 and Vulkan 1.3
• Dual 4Kp60 HDMI® display output
• A 4Kp60 HEVC decoder
• Optional dual-band 802.11ac Wi-Fi® and Bluetooth 5.0
• 2 × USB 3.0 interfaces, supporting simultaneous 5Gbps operation
• Gigabit Ethernet, with IEEE 1588 support
• 2 × 4-lane MIPI camera/display transceivers
• A PCIe 2.0 x1 interface for fast peripherals
• 30 GPIOs, supporting 1.8V or 3.3V operation
• A rich selection of peripherals (UART, SPI, I2C, I2S, SDIO, and PWM)

It is available with 2GB, 4GB, or 8GB of LPDDR4X-4267 SDRAM, and with 16GB, 32GB, or 64GB of MLC eMMC non-volatile memory. 16GB SDRAM variants are expected to follow in 2025.

Compute Module 5 is mechanically compatible with its predecessor, Compute Module 4, exposing all signals through a pair of high-density perpendicular connectors, which attach to corresponding parts on the customer’s carrier board. Additional stability is provided by four M2.5 mounting holes arranged at the corners of the board.

There are a small number of changes to the pin-out and electrical behaviour of the module, mostly associated with the removal of the two two-lane MIPI interfaces, and the addition of two USB 3.0 interfaces. A detailed summary of these changes can be found in the Compute Module 5 datasheet.

Accessories accessorise

But Compute Module 5 is only part of the story. Alongside it, we’re offering a range of new accessories to help you get the most out of our new modular platform.

IO Board

Every generation of Compute Module has been accompanied by an IO board, and Compute Module 5 is no exception.

The Raspberry Pi Compute Module 5 IO Board breaks out every interface from a Compute Module 5. It serves both as a development platform and as reference baseboard (with design files in KiCad format), reducing the time to market for your Compute Module 5-based designs.

The IO Board features:

• A standard 40-pin GPIO connector
• 2 × full-size HDMI 2.0 connectors
• 2 × 4-lane MIPI DSI/CSI-2 FPC connectors (22-pin, 0.5mm pitch cable)
• 2 × USB 3.0 connectors
• A Gigabit Ethernet jack with PoE+ support (requires a separate Raspberry Pi PoE+ HAT+)
• An M.2 M-key PCIe socket (for 2230, 2242, 2260 and 2280 modules)
• A microSD card socket (for use with Lite modules)
• An RTC battery socket
• A 4-pin fan connector

Power is provided by a USB-C power supply (sold separately).

IO Case

As in previous generations, we expect some users to deploy the IO Board and Compute Module combination as a finished product in its own right: effectively an alternative Raspberry Pi form factor with all the connectors on one side. To support this, we are offering a metal case which turns the IO Board into a complete encapsulated industrial-grade computer. The Raspberry Pi IO Case for Raspberry Pi Compute Module 5 includes an integrated fan, which can be connected to the 4-pin fan connector on the IO Board to improve thermal performance.

Cooler

While Compute Module 5 is our most efficient modular product yet in terms of energy consumed per instruction executed, like all electronic products it gets warm under load. The Raspberry Pi Cooler for Raspberry Pi Compute Module 5 is a finned aluminium heatsink, designed to fit on a Compute Module 5, and including thermal pads to optimise heat transfer from the CPU, memory, wireless module and eMMC.

Antenna Kit

Wireless-enabled variants of Compute Module 5 provide both an onboard PCB antenna, and a UFL connector for an external antenna. Use of the Raspberry Pi Antenna Kit (identical to that already offered for use with Compute Module 4) with Compute Module 5 is covered by our FCC modular compliance.

Development Kit

The Raspberry Pi Development Kit for Raspberry Pi Compute Module 5 comprises a Compute Module 5, an IO Board, and all the other accessories you need to start building your own design:

• CM5104032 (Compute Module 5, with wireless, 4GB RAM, 32GB eMMC storage)
• IO Case for Compute Module 5
• Compute Module 5 IO Board
• Cooler for Compute Module 5
• Raspberry Pi 27W USB-C PD Power Supply (local variant as applicable)
• Antenna Kit
• 2 × Raspberry Pi standard HDMI to HDMI Cable
• Raspberry Pi USB-A to USB-C Cable

Early adopters

Today’s launch is accompanied by announcements of Compute Module 5-based products from our friends at KUNBUS and TBS, who have built successful products on previous Raspberry Pi Compute Modules and whom we have supported to integrate our new module into their latest designs. Other customers are preparing to announce their own Compute Module 5-powered solutions over the next weeks and months. The world is full of innovative engineering companies of every scale, and we’re excited to discover the uses to which they’ll put our powerful new module. Try Compute Module 5 for yourself and let us know what you build with it.

The post Compute Module 5 on sale now from $45 appeared first on Raspberry Pi.

Update: In advance of official MicroPython support for Pico 2 W, you can download our unofficial MicroPython build here; you’ll find the README here.

Today our epic autumn of product launches continues with Raspberry Pi Pico 2 W, the wireless-enabled variant of this summer’s Pico 2. Built around our brand new RP2350 microcontroller, featuring the tried and tested wireless modem from the original Pico W, and priced at just $7, it’s the perfect centrepiece for your connected Internet of Things projects.

RP2350: the connoisseur’s microcontroller, redux

When we launched our debut microcontroller, RP2040, way back in 2021, we couldn’t have imagined the incredible range of products that would be built around it, or the uses that the community would put them to. Combining a symmetric pair of fast integer cores; a large, banked, on-chip memory; rich support for high-level languages; and our patented programmable I/O (PIO) subsystem, it quickly became the go-to device for enthusiasts and professional engineers seeking high-performance, deterministic interfacing at a low price point.

RP2350 builds on this legacy, offering faster cores, more memory, floating point support, on-chip OTP, optimised power consumption, and a rich security model built around Arm’s TrustZone for Cortex-M. It debuted in August on Pico 2, on the DEF CON 32 badge (designed by our friends at Entropic Engineering, with firmware and a gonzo sidewalk badge presentation by the redoubtable Dmitry Grinberg), and on a wide variety of development boards and other products from our early-access partners.

Wireless things

Many of the projects and products that people build on top of our platforms — whether that’s our Linux-capable Raspberry Pi computers, our microcontroller boards, or our silicon products — answer to the general description “Internet of Things”. They combine local compute, storage, and interfacing to the real world with connectivity back to the cloud.

Raspberry Pi Pico 2 W brings all the power of RP2350 to these IoT projects. The on-board CYW43439 modem from our friends at Infineon provides 2.4GHz 802.11n wireless LAN and Bluetooth 5.2 connectivity, and is supported by C and MicroPython libraries. Enthusiasts benefit from the breadboard-friendly Pico form factor, while our upcoming RM2 radio module (already in use on Pimoroni’s Pico Plus 2 W) provides a route to scale for professional products which have been prototyped on the platform.

More to come

We’re very pleased with how Pico 2 W has turned out. And, where the Pico 1 series ended with Pico W, we have a few more ideas in mind for the Pico 2 series. Keep an eye out for more news in early 2025.

The post Raspberry Pi Pico 2 W on sale now at $7 appeared first on Raspberry Pi.

Most Raspberry Pi single-board computers, with the exception of the Raspberry Pi Zero and A+ form factors, incorporate an on-board USB hub to fan out a single USB connection from the core silicon, and provide multiple downstream USB Type-A ports. But no matter how many ports we provide, sometimes you just need more peripherals than we have ports. And with that in mind, today we’re launching the official Raspberry Pi USB 3 Hub, a high-quality four-way USB 3.0 hub for use with your Raspberry Pi or other, lesser, computer.

Key features include:

• A single upstream USB 3.0 Type-A connector on an 8 cm captive cable
• Four downstream USB 3.0 Type-A ports
• Aggregate data transfer speeds up to 5 Gbps
• USB-C socket for optional external 3A power supply (sold separately)

Race you to the bottom

Why design our own hub? Well, we’d become frustrated with the quality and price of the hubs available online. Either you pay a lot of money for a nicely designed and reliable product, which works well with a broad range of hosts and peripherals; or you cheap out and get something much less compatible, or unreliable, or ugly, or all three. Sometimes you spend a lot of money and still get a lousy product.

It felt like we were trapped in a race to the bottom, where bad quality drives out good, and marketplaces like Amazon end up dominated by the cheapest thing that can just about answer to the name “hub”.

So, we worked with our partners at Infineon to source a great piece of hub silicon, CYUSB3304, set Dominic to work on the electronics and John to work on the industrial design, and applied our manufacturing and distribution capabilities to make it available at the lowest possible price. The resulting product works perfectly with all models of Raspberry Pi computer, and it bears our logo because we’re proud of it: we believe it’s the best USB 3.0 hub on the market today.

Grab one and have a play: we think you’ll like it.

The post Raspberry Pi USB 3 Hub on sale now at $12 appeared first on Raspberry Pi.

Way back in 2015, we launched the Raspberry Pi Touch Display, a 7″ 800×480-pixel LCD panel supporting multi-point capacitive touch. It remains one of our most popular accessories, finding a home in countless maker projects and embedded products. Today, we’re excited to announce Raspberry Pi Touch Display 2, at the same low price of $60, offering both a higher 720×1280-pixel resolution and a slimmer form factor.

Key features of Raspberry Pi Touch Display 2 include:

• 7″ diagonal display
• 88mm × 155mm active area
• 720 (RGB) × 1280 pixels
• True multi-touch capacitive panel, supporting five-finger touch
• Fully supported by Raspberry Pi OS
• Powered from the host Raspberry Pi

Simple setup

Touch Display 2 is powered from your Raspberry Pi, and is compatible with all Raspberry Pi computers from Raspberry Pi 1B+ onwards, except for the Raspberry Pi Zero series which lack the necessary DSI port. It attaches securely to your Raspberry Pi with four screws, and ships with power and data cables compatible with both standard and mini FPC connector formats. Unlike its predecessor, Touch Display 2 integrates the display driver PCB into the display enclosure itself, delivering a much slimmer form factor.

Like its predecessor, Touch Display 2 is fully supported by Raspberry Pi OS, which provides drivers to support five-finger touch and an on-screen keyboard. This gives you full functionality without the need for a keyboard or mouse. While it is a native portrait-format 720×1280-pixel panel, Raspberry Pi OS supports screen rotation for users who would prefer to use it in landscape orientation.

Consistent with our commitment to long product availability lifetimes, the original Touch Display will remain in production for the foreseeable future, though it is no longer recommended for new designs. Touch Display 2 will remain in production until 2030 at the earliest, allowing our embedded and industrial customers to build it into their products and installations with confidence.

We’ve never gone nine years between refreshes of a significant accessory before. But we took the time to get this one just right, and are looking forward to seeing how you use Touch Display 2 in your projects and products over the next nine years and beyond.

The post Raspberry Pi Touch Display 2 on sale now at $60 appeared first on Raspberry Pi.

To help you get the best out of your Raspberry Pi 5, today we’re launching a range of Raspberry Pi-branded NVMe SSDs. They are available both on their own and bundled with our M.2 HAT+ as ready-to-use SSD Kits.

When we launched Raspberry Pi 5, almost exactly a year ago, I thought the thing people would get most excited about was the three-fold increase in performance over 2019’s Raspberry Pi 4. But very quickly it became clear that it was the other new features – the power button (!), and the PCI Express port – that had captured people’s imagination.

We’ve seen everything from Ethernet adapters, to AI accelerators, to regular PC graphics cards attached to the PCI Express port. We offer our own low-cost M.2 HAT+, which converts from our FPC standard to the standard M.2 M-key format, and there are a wide variety of third-party adapters which do basically the same thing. We’ve also released an AI Kit, which bundles the M.2 HAT+ with an AI inference accelerator from our friends at Hailo.

But the most popular use case for the PCI Express port on Raspberry Pi 5 is to attach an NVMe solid-state disk (SSD). SSDs are fast; faster even than our branded A2-class SD cards. If no-compromises performance is your goal, you’ll want to run Raspberry Pi OS from an SSD, and Raspberry Pi SSDs are the perfect choice.

The entry-level 256GB drive is priced at $30 on its own, or $40 as a kit; its 512GB big brother is priced at $45 on its own, or $55 as a kit. Both densities offer minimum 4KB random read and write performance of 40k IOPS and 70k IOPS respectively. The 256GB SSD and SSD Kit are available to buy today, while the 512GB variants are available to pre-order now for shipping by the end of November.

So, there you have it: a cost-effective way to squeeze even more performance out of your Raspberry Pi 5. Enjoy!

The post Raspberry Pi SSDs and SSD Kits on sale now appeared first on Raspberry Pi.