We launched our second-generation microcontroller, RP2350, in August last year. Building on the success of its predecessor, RP2040, this adds faster processors, more memory, lower power states, and a security model built around Arm TrustZone for Cortex-M. Alongside our own Raspberry Pi Pico 2 board, and numerous partner boards, RP2350 also featured on the DEF CON badge, designed by Entropic Engineering, with firmware by our friend Dmitry Grinberg.

All chips have vulnerabilities, and most vendors’ strategy is not to talk about them. We consider this to be suboptimal, so instead, we entered into the DEF CON spirit by offering a one-month, $10,000 prize to the first person to retrieve a secret value from the one-time-programmable (OTP) memory on the device. Our aim was to smoke out weaknesses early, so that we could fix them before RP2350 became widely deployed in secure applications. This open approach to security engineering has been generally well received: call it “security through transparency”, in contrast with the “security through obscurity” philosophy of other vendors.

Nobody claimed the prize by the deadline, so in September we extended the deadline to the end of the year and doubled the prize to $20,000. Today, we’re pleased (ish) to announce that we received not one but four valid submissions, all of which require physical access to the chip, with varying degrees of intrusiveness. Outside of the contest, Thomas “stacksmashing” Roth and the team at Hextree also discovered a vulnerability, which we describe below.

So with no further ado, the winners are:

“Hazardous threes” – Aedan Cullen

RP2350’s antifuse OTP memory is a security-critical component: security configuration bits are stored in OTP and read early in the reset process. A state machine called the OTP PSM is responsible for these reads. Unfortunately, it turns out that the OTP PSM has an exploitable weakness.

The antifuse array is powered via the USB_OTP_VDD pin. To protect against power faults, the PSM uses “guard reads”: reads of known data very close to reads of security-critical data. A power fault should cause a mismatch in the known guard data, indicating that the associated security-critical read is untrustworthy. We use a single guard word: 0x333333.

However, the OTP may retain the last sensed read data during a power fault, and subsequent reads return the most-recently-read data from when power was good. This is not itself a flaw, but it interacts poorly with the choice of guard word. If USB_OTP_VDD is dropped precisely after a guard read has occurred, 0x333333 will be read until power is restored. Therefore, an attacker can overwrite security-critical configuration data with this value.

If the CRIT0 and CRIT1 words are replaced by 0x333333 during the execution of the OTP PSM, the RISCV_DISABLE and ARM_DISABLE bits will be set, and the DEBUG_DISABLE bit will be cleared. ARM_DISABLE takes precedence, so the chip leaves reset with the RISC-V cores running and debugging allowed, regardless of the actual configuration written in the fuses. Dumping secret data from the OTP is then straightforward.

More information can be found in Aedan’s GitHub repository here, and in his Chaos Communication Congress presentation here.

No mitigation is currently available for this vulnerability, which has been assigned erratum number E16. It is likely to be addressed in a future stepping of RP2350.

USB bootloader single-instruction fault with supply-voltage injection – Marius Muench

A foundational security feature of RP2350 is secure boot, which restricts the chip to only run code signed with a specific private key. If an attacker can bypass or break out of secure boot, they can run their own unsigned code, which can potentially dump secret data from the OTP.

Marius discovered a weakness in the boot ROM’s reboot API. This supports several different reboot modes, one of which is REBOOT_TYPE_PC_SP, which reboots and starts execution with a specific program counter and stack pointer. This can only be triggered from secure firmware already running on the chip, but if an attacker could trigger this boot mode externally, and with controlled parameters, we would start executing code at an attacker-supplied address – without verifying the signature of the code!

But how can one enter this boot mode, if it is only accessible to signed and verified firmware?

The answer (of course) is fault injection. By issuing a normal reboot command to the USB bootloader, and injecting a fault (in this case by glitching the supply voltage) so that an instruction is skipped just at the right time, it is possible to trick the reboot API into believing that REBOOT_TYPE_PC_SP was requested. If an attacker has loaded malicious code beforehand into the RAM, this code can be executed and used to extract the secret.

An interesting aspect of this attack is that the code for accepting the reboot command is actually hardened against fault injection. Unfortunately, the function implementing the reboot logic itself assumes that the incoming parameters (including the requested boot mode) are sanitised. Due to an unlucky arrangement of instructions emitted by the compiler, injecting a fault which skips one out of two very specific instructions confuses the chip into rebooting to the hazardous boot type.

Marius says: “While this break may seem straightforward in retrospect, reality is quite different. Identifying and exploiting these types of issues is far from trivial. Overall, this hacking challenge was a multi-month project for me, with many dead-ends explored along the way and countless iterations of attack code and setups to confirm or refute potential findings. Nonetheless, I had plenty of fun digging deep into the intricacies of the new RP2350 microcontroller, and I would like to thank Raspberry Pi and Hextree for hosting the challenge!”

Several effective mitigations are available against this attack, which has been assigned erratum number E20. The most precise mitigation is to set the OTP flag BOOT_FLAGS0.DISABLE_WATCHDOG_SCRATCH, which disables the ability to reboot to a particular PC/SP where that function is not required by application code.

Signature check single-instruction fault with laser injection – Kévin Courdesses

Kévin discovered an exploitable weakness in the secure boot path, just after the firmware to be validated has been loaded into RAM, and just before the hash function needed for the signature check is computed. Injecting a single precisely timed fault at this stage can cause the hash function to be computed over a different piece of data, controlled by the attacker. If that data is a valid signed firmware, the signature check will pass, and the attacker’s unsigned firmware will run!

The most common method of introducing faults, seen in Marius’s attack, is to briefly pull down the supply voltage, introducing a brief “glitch”, which causes the digital logic in the chip to misbehave. RP2350 contains glitch detector circuitry, which is designed to spot most voltage glitches and to purposely halt the chip in response. To permit the injection of faults without triggering the glitch detectors, Kévin built a custom laser fault injection system; this applies a brief pulse of laser light to the back of the die, which has been exposed by grinding away part of the package. And, although several technical compromises were necessary to keep the setup within a limited budget, it worked!

More information can be found in Kévin’s paper here.

No mitigation is available for this attack, which has been assigned erratum number E24. It is likely to be addressed in a future stepping of RP2350.

Extracting antifuse secrets from RP2350 by FIB/PVC – IOActive

OTP memories based on antifuses are widely used for storing small amounts of data (such as serial numbers, keys, and factory trimming) in integrated circuits because they are inexpensive and require no additional mask steps to fabricate. RP2350 uses an off-the-shelf antifuse memory block for storing secure boot keys and other sensitive configuration data.

Antifuses are widely considered to be a “high security” storage medium, meaning that they are significantly more difficult for an attacker to extract data from than other types of memory, such as flash or mask ROM. However, with this attack, IOActive has (almost) demonstrated that data bits stored in the RP2350 antifuse memory array can be extracted using a well-known semiconductor failure analysis technique: passive voltage contrast (PVC) with a focused ion beam (FIB).

The current form of the attack recovers the bitwise OR of two physically adjacent memory cells sharing common metal-1 contacts. However, with some per-bit effort it may be possible for an attacker to separate the even/odd cell values by taking advantage of the circuit-editing capabilities of the FIB.

IOActive has not yet tested the technique against other antifuse IP blocks or on other process nodes. Nonetheless, it is believed to have broad applicability to all antifuse-based memories. Dr Andrew Zonenberg, who led the technical team on this project along with Antony Moor, Daniel Slone, Lain Agan, and Mario Cop, commented: “Our team found a unique attack vector for reading data out of antifuse memory, which we intend to further develop. Those who rely on antifuse memory for confidentiality should immediately reassess their security posture.”

The suggested mitigation for this attack is to employ a “chaffing” technique, storing either {0, 1} or {1, 0} in each pair of bit cells, as the attack in its current form is unable to distinguish between these two states. To guard against a hypothetical version of the attack which uses circuit editing to distinguish between these states, it is recommended that keys and other secrets be stored as larger blocks of chaffed data, from which the secret is recovered by hashing.

Glitch detector evaluation, and OTP read double-instruction fault with EM injection – Hextree

We commissioned the Hextree team to evaluate the secure boot process, and the effectiveness of the redundancy coprocessor (RCP) and glitch detectors. They found that at the highest sensitivity setting, the glitch detectors can detect many voltage glitches; however, the rate of undetected glitches is still high enough to make attacks feasible with some effort.

The majority of their work focused on electromagnetic fault injection (EMFI), which delivers a high-voltage pulse to a small coil on top of the chip. This creates an electromagnetic field which will collapse in the chip, providing for the injection of very localized faults which do not disturb the glitch detectors. Testing yielded multiple security-relevant results, notably that it is possible to corrupt values read from OTP by injecting faults very early in the boot process, and that random delays provided by the RCP are susceptible to side-channel measurements.

The team also found a path to bypass an aspect of the OTP protection of the chip using a double fault: the s_varm_crit_nsboot function, which locks down the OTP permissions prior to entering BOOTSEL mode, has two instructions which, when both are disturbed by precisely timed faults, can prevent an OTP page from being correctly locked, effectively allowing the user to read-out and write to the OTP even when the chip configuration forbids this. The double fault can be triggered with reasonable reliability by EMFI.

Several effective mitigations are available against this attack, which has been assigned erratum number E21. The attack occurs when the device is running non-secure bootloader code, and the OTP keys are extracted via the PICOBOOT interface. The USB bootloader can be disabled by setting the OTP flags BOOT_FLAGS0.DISABLE_BOOTSEL_USB_PICOBOOT_IFC and BOOT_FLAGS0.DISABLE_BOOTSEL_USB_MSD_IFC, which mitigates this vulnerability at the cost of removing the ability to update firmware on the device over USB.

We’d also like to express gratitude to Colin O’Flynn and his team at NewAE for collaborating with both us and Thomas Roth / Hextree on this advanced silicon security research, as well as enabling us with their fantastic ChipWhisperer kit.

What’s next?

We’d like to thank everyone who participated in the challenge. While the rules specify a single $20,000 prize for the “best” attack, we were so impressed by the quality of the submissions that we have chosen to pay the prize in full for each of them.

As expected, we’ve learned a lot. In particular, we’ve revised downward our estimate of the effectiveness of our glitch detection scheme; the difficulty of reliably injecting multiple faults even in the presence of timing uncertainty; and the cost and complexity of laser fault injection. We’ll take these lessons into account as we work to harden future chips, and anticipated future steppings of RP2350.

And while this hacking challenge is over, another one is about to start. As a component of the broader RP2350 security architecture, we’ve been working to develop an implementation of AES which is hardened against side-channel attacks (notably differential power analysis), and we’ll be challenging you to defeat it. Check back next week for more details.

All vendors have security vulnerabilities in their chips. We are unusual because we talk about them, and aim to fix them, rather than brushing them under the carpet. Security through transparency is here to stay.

The post Security through transparency: RP2350 Hacking Challenge results are in appeared first on Raspberry Pi.

We first announced Raspberry Pi 5 back in the autumn of 2023, with just two choices of memory density: 4GB and 8GB. Last summer, we released the 2GB variant, aimed at cost-sensitive applications. And today we’re launching its bigger sibling, the 16GB variant, priced at $120.

Why 16GB, and why now?

We’re continually surprised by the uses that people find for our hardware. Many of these fit into 8GB (or even 2GB) of SDRAM, but the threefold step up in performance between Raspberry Pi 4 and Raspberry Pi 5 opens up use cases like large language models and computational fluid dynamics, which benefit from having more storage per core. And while Raspberry Pi OS has been tuned to have low base memory requirements, heavyweight distributions like Ubuntu benefit from additional memory capacity for desktop use cases.

The optimised D0 stepping of the Broadcom BCM2712 application processor includes support for memories larger than 8GB. And our friends at Micron were able to offer us a single package containing eight of their 16Gbit LPDDR4X die, making a 16GB product feasible for the first time.

Carbon Removal Credits

We’re proud of the low environmental impact of Raspberry Pi computers. They are small and light, which translates directly into a small upfront carbon footprint for manufacturing, logistics and disposal. With an idle power consumption in the 2–3W range, and a fully loaded power consumption of less than 10W, replacing a legacy x86 PC with a Raspberry Pi typically results in a significant reduction in operating power consumption, and thus ongoing carbon footprint.

But while our upfront carbon footprint is small, it is not zero. So today, we’re launching Raspberry Pi Carbon Removal Credits, priced at $4, giving you the option to mitigate the emissions associated with the manufacture and disposal of a modern Raspberry Pi.

How does it work?

We commissioned Inhabit to conduct an independent assessment of the carbon footprint of manufacturing, shipping, and disposing of a Raspberry Pi 4 or 5, which came to 6.5kg of CO₂ equivalent. When you buy a Raspberry Pi Carbon Removal Credit from one of our Approved Resellers, we pay our friends at UNDO Carbon to begin capturing that quantity of CO₂ from the atmosphere using enhanced rock weathering (ERW) technology.

It’s that simple.

What is enhanced rock weathering?

As rain falls through the atmosphere, it combines with CO₂ to form carbonic acid. When this weak acid falls on mountains, forests and grassland, the CO₂ interacts with rocks and soil, mineralises, and is safely stored in solid carbonate form. The natural process of weathering already accounts for the removal of one billion tonnes of CO₂ from the atmosphere every year.

ERW accelerates this natural process by spreading crushed silicate rock (in our case, basalt) on agricultural land, increasing the surface area of the rock and therefore increasing its contact with CO₂. Overall, this reduces the timescales involved from millions of years to mere decades. Once the reaction takes place, the CO₂ is permanently locked away for 100,000+ years.

In addition to capturing CO₂, spreading basalt on agricultural land also brings with it significant co-benefits. Silicate rocks are mineral-rich; as they weather, they release nutrients such as magnesium, calcium and potassium, improving soil health and reducing the need for fertilisers. Trials with the University of Newcastle have shown an increase in crop yield following the application of crushed basalt rock. In addition, the alkaline bicarbonate ions captured during the ERW process are eventually washed out to sea, where they help to deacidify our oceans.

You can find out more about UNDO’s work here.

Why capture carbon in the future, not the past?

Generally, when you buy carbon offsets, you are paying for carbon capture which has taken place in the past (for example by planting and growing trees). When you buy Raspberry Pi Carbon Removal Credits, UNDO spreads basalt now, which then captures the rated quantity of carbon over, roughly, the next twenty years.

We’ve chosen ERW because we believe it’s a more rigorous, scalable, verifiable approach to carbon capture than traditional approaches like planting (or, more ridiculously, agreeing not to cut down) trees: quite simply, it’s our best shot at drawing down a material fraction of humanity’s carbon emissions in our lifetimes. But, as it is a relatively new technology, there is no pool of offsets corresponding to historical capture available for us to purchase.

So, we’re doing the next best thing: paying UNDO to start an irrevocable process of carbon capture which will continue over the next two decades and beyond. We hope that our embrace of ERW will help raise awareness of this world-changing technology, and perhaps inspire others to take their first steps with it.

The post 16GB Raspberry Pi 5 on sale now at $120 appeared first on Raspberry Pi.

Just in time for Christmas, we’re delighted to announce the release of two hotly anticipated products that we think will look great under the tree. One of them might even fit in a stocking if you push hard enough. Introducing Raspberry Pi 500, available now at $90, and the Raspberry Pi Monitor, on sale at $100: together, they’re your complete Raspberry Pi desktop setup.

Integral calculus

Our original mission at Raspberry Pi was to put affordable, programmable personal computers in the hands of young people all over the world. And while we’ve taken some detours along the way – becoming one of the world’s largest manufacturers of industrial and embedded computers – this mission remains at the heart of almost everything we do. It drives us to make lower-cost products like the $15 Raspberry Pi Zero 2 W, and more powerful products, like our flagship Raspberry Pi 5 SBC. These products provide just the essential processing element of a computer, which can be combined with the family television, and second-hand peripherals, to build a complete and cost-effective system.

But over time we have come to understand the benefits of integration: some people are better served by a system that is ready to use straight out of the box. This need was dramatized during the early days of the COVID pandemic, when we worked with the Raspberry Pi Foundation to deliver thousands of Raspberry Pi 4 Desktop Kits and monitors to young people studying from home in the UK. Our experiences with that programme informed the development of Raspberry Pi 400, our all-in-one PC, whose form factor (and name) harks back to the great 8-bit and 16-bit computers – the BBC Micro, Sinclair Spectrum, and Commodore Amiga – of the 1980s and 1990s.

Meet Raspberry Pi 500

In the four years since it launched, Raspberry Pi 400 has become a hugely popular choice for enthusiasts and educators. And today, we’re launching its successor, Raspberry Pi 500, bringing the features and performance of the Raspberry Pi 5 platform to our all-in-one form factor:

• 2.4GHz quad-core 64-bit Arm Cortex-A76 processor
• 8GB LPDDR4X-4267 SDRAM
• VideoCore VII GPU, supporting OpenGL ES 3.1 and Vulkan 1.3
• Dual 4Kp60 HDMI® display output
• Dual-band 802.11ac Wi-Fi® and Bluetooth 5.0
• 2 × USB 3.0 ports, supporting simultaneous 5Gbps operation
• 1 × USB 2.0 port
• Gigabit Ethernet port
• Horizontal 40-pin Raspberry Pi GPIO connector

Raspberry Pi 500 is priced at $90, including a 32GB Raspberry Pi-branded SD card, and is also available in a $120 Desktop Kit, which adds:

• Raspberry Pi Mouse
• Raspberry Pi 27W USB-C Power Supply
• 2m micro HDMI to HDMI cable
• Raspberry Pi Beginner’s Guide, 5th Edition

The vision thing – an official Raspberry Pi Monitor

Although it’s highly integrated, Raspberry Pi 500 is only half the story: to build a complete system, you still need a display device. Which is why we’re also launching the Raspberry Pi Monitor, available now at $100. Designed to coordinate perfectly with your Raspberry Pi 500 or cased Raspberry Pi 5, it incorporates a 15.6″ full HD IPS panel with a 45% colour gamut and an 80° viewing angle, together with a pair of 1.2W speakers, in a slender enclosure with a fold-away integrated stand and VESA mounting points.

Power is provided via a USB-C connector. Cost-conscious users can power the monitor directly from their Raspberry Pi via the included USB-A to USB-C cable; in this mode display brightness is limited to 60% of maximum (still quite bright!) and volume to 50% of maximum (still quite loud!). Using a dedicated USB-C supply capable of delivering 5V/3A, like the Raspberry Pi 15W USB-C Power Supply, enables the full brightness and volume ranges.

Faster, better, cheaper: Raspberry Pi 400 price cuts

While we’re incredibly excited about Raspberry Pi 500, we need to remember that cost remains a barrier to access for many people, young and old. So we’re also taking this opportunity to cut the price of Raspberry Pi 400 from $70 to $60, and the Raspberry Pi 400 Personal Computer Kit from $100 to $80. We’re also bundling a Raspberry Pi-branded SD card with every Raspberry Pi 400, to help you get the best possible performance out of the system.

We know that quite a few of you have been eagerly awaiting both of our new products, and we hope you enjoy them now they’re here. We’ve seen Raspberry Pi 400 everywhere from retro gaming setups to university exam facilities and hospital offices; we’re really looking forward to finding out where Raspberry Pi 500 and our new Raspberry Pi Monitor end up.

The post Raspberry Pi 500 and Raspberry Pi Monitor on sale now appeared first on Raspberry Pi.

Today we’re happy to announce the much-anticipated launch of Raspberry Pi Compute Module 5, the modular version of our flagship Raspberry Pi 5 single-board computer, priced from just $45.

An unexpected journey

We founded the Raspberry Pi Foundation back in 2008 with a mission to give today’s young people access to the sort of approachable, programmable, affordable computing experience that I benefitted from back in the 1980s. The Raspberry Pi computer was, in our minds, a spiritual successor to the BBC Micro, itself the product of the BBC’s Computer Literacy Project.

But just as the initially education-focused BBC Micro quickly found a place in the wider commercial computing marketplace, so Raspberry Pi became a platform around which countless companies, from startups to multi-billion-dollar corporations, chose to innovate. Today, between seventy and eighty percent of Raspberry Pi units go into industrial and embedded applications.

While many of our commercial customers continue to use the “classic” single-board Raspberry Pi form factor, there are those whose needs aren’t met by that form factor, or by the default set of peripherals that we choose to include on the SBC product. So, in 2014 we released the first Raspberry Pi Compute Module, providing just the core functionality of Raspberry Pi 1 – processor, memory, non-volatile storage and power regulation – in an easy-to-integrate SODIMM module.

Compute Modules make it easier than ever for embedded customers to build custom products which benefit from our enormous investments in the Raspberry Pi hardware and software platform. Every subsequent generation of Raspberry Pi, except for Raspberry Pi 2, has spawned a Compute Module derivative. And today, we’re happy to announce the launch of Compute Module 5, the modular version of our flagship Raspberry Pi 5 SBC.

Meet Compute Module 5

Compute Module 5 gives you everything you love about Raspberry Pi 5, but in a smaller package:

• A 2.4GHz quad-core 64-bit Arm Cortex-A76 CPU
• A VideoCore VII GPU, supporting OpenGL ES 3.1 and Vulkan 1.3
• Dual 4Kp60 HDMI® display output
• A 4Kp60 HEVC decoder
• Optional dual-band 802.11ac Wi-Fi® and Bluetooth 5.0
• 2 × USB 3.0 interfaces, supporting simultaneous 5Gbps operation
• Gigabit Ethernet, with IEEE 1588 support
• 2 × 4-lane MIPI camera/display transceivers
• A PCIe 2.0 x1 interface for fast peripherals
• 30 GPIOs, supporting 1.8V or 3.3V operation
• A rich selection of peripherals (UART, SPI, I2C, I2S, SDIO, and PWM)

It is available with 2GB, 4GB, or 8GB of LPDDR4X-4267 SDRAM, and with 16GB, 32GB, or 64GB of MLC eMMC non-volatile memory. 16GB SDRAM variants are expected to follow in 2025.

Compute Module 5 is mechanically compatible with its predecessor, Compute Module 4, exposing all signals through a pair of high-density perpendicular connectors, which attach to corresponding parts on the customer’s carrier board. Additional stability is provided by four M2.5 mounting holes arranged at the corners of the board.

There are a small number of changes to the pin-out and electrical behaviour of the module, mostly associated with the removal of the two two-lane MIPI interfaces, and the addition of two USB 3.0 interfaces. A detailed summary of these changes can be found in the Compute Module 5 datasheet.

Accessories accessorise

But Compute Module 5 is only part of the story. Alongside it, we’re offering a range of new accessories to help you get the most out of our new modular platform.

IO Board

Every generation of Compute Module has been accompanied by an IO board, and Compute Module 5 is no exception.

The Raspberry Pi Compute Module 5 IO Board breaks out every interface from a Compute Module 5. It serves both as a development platform and as reference baseboard (with design files in KiCad format), reducing the time to market for your Compute Module 5-based designs.

The IO Board features:

• A standard 40-pin GPIO connector
• 2 × full-size HDMI 2.0 connectors
• 2 × 4-lane MIPI DSI/CSI-2 FPC connectors (22-pin, 0.5mm pitch cable)
• 2 × USB 3.0 connectors
• A Gigabit Ethernet jack with PoE+ support (requires a separate Raspberry Pi PoE+ HAT+)
• An M.2 M-key PCIe socket (for 2230, 2242, 2260 and 2280 modules)
• A microSD card socket (for use with Lite modules)
• An RTC battery socket
• A 4-pin fan connector

Power is provided by a USB-C power supply (sold separately).

IO Case

As in previous generations, we expect some users to deploy the IO Board and Compute Module combination as a finished product in its own right: effectively an alternative Raspberry Pi form factor with all the connectors on one side. To support this, we are offering a metal case which turns the IO Board into a complete encapsulated industrial-grade computer. The Raspberry Pi IO Case for Raspberry Pi Compute Module 5 includes an integrated fan, which can be connected to the 4-pin fan connector on the IO Board to improve thermal performance.

Cooler

While Compute Module 5 is our most efficient modular product yet in terms of energy consumed per instruction executed, like all electronic products it gets warm under load. The Raspberry Pi Cooler for Raspberry Pi Compute Module 5 is a finned aluminium heatsink, designed to fit on a Compute Module 5, and including thermal pads to optimise heat transfer from the CPU, memory, wireless module and eMMC.

Antenna Kit

Wireless-enabled variants of Compute Module 5 provide both an onboard PCB antenna, and a UFL connector for an external antenna. Use of the Raspberry Pi Antenna Kit (identical to that already offered for use with Compute Module 4) with Compute Module 5 is covered by our FCC modular compliance.

Development Kit

The Raspberry Pi Development Kit for Raspberry Pi Compute Module 5 comprises a Compute Module 5, an IO Board, and all the other accessories you need to start building your own design:

• CM5104032 (Compute Module 5, with wireless, 4GB RAM, 32GB eMMC storage)
• IO Case for Compute Module 5
• Compute Module 5 IO Board
• Cooler for Compute Module 5
• Raspberry Pi 27W USB-C PD Power Supply (local variant as applicable)
• Antenna Kit
• 2 × Raspberry Pi standard HDMI to HDMI Cable
• Raspberry Pi USB-A to USB-C Cable

Early adopters

Today’s launch is accompanied by announcements of Compute Module 5-based products from our friends at KUNBUS and TBS, who have built successful products on previous Raspberry Pi Compute Modules and whom we have supported to integrate our new module into their latest designs. Other customers are preparing to announce their own Compute Module 5-powered solutions over the next weeks and months. The world is full of innovative engineering companies of every scale, and we’re excited to discover the uses to which they’ll put our powerful new module. Try Compute Module 5 for yourself and let us know what you build with it.

The post Compute Module 5 on sale now from $45 appeared first on Raspberry Pi.

Most Raspberry Pi single-board computers, with the exception of the Raspberry Pi Zero and A+ form factors, incorporate an on-board USB hub to fan out a single USB connection from the core silicon, and provide multiple downstream USB Type-A ports. But no matter how many ports we provide, sometimes you just need more peripherals than we have ports. And with that in mind, today we’re launching the official Raspberry Pi USB 3 Hub, a high-quality four-way USB 3.0 hub for use with your Raspberry Pi or other, lesser, computer.

Key features include:

• A single upstream USB 3.0 Type-A connector on an 8 cm captive cable
• Four downstream USB 3.0 Type-A ports
• Aggregate data transfer speeds up to 5 Gbps
• USB-C socket for optional external 3A power supply (sold separately)

Race you to the bottom

Why design our own hub? Well, we’d become frustrated with the quality and price of the hubs available online. Either you pay a lot of money for a nicely designed and reliable product, which works well with a broad range of hosts and peripherals; or you cheap out and get something much less compatible, or unreliable, or ugly, or all three. Sometimes you spend a lot of money and still get a lousy product.

It felt like we were trapped in a race to the bottom, where bad quality drives out good, and marketplaces like Amazon end up dominated by the cheapest thing that can just about answer to the name “hub”.

So, we worked with our partners at Infineon to source a great piece of hub silicon, CYUSB3304, set Dominic to work on the electronics and John to work on the industrial design, and applied our manufacturing and distribution capabilities to make it available at the lowest possible price. The resulting product works perfectly with all models of Raspberry Pi computer, and it bears our logo because we’re proud of it: we believe it’s the best USB 3.0 hub on the market today.

Grab one and have a play: we think you’ll like it.

The post Raspberry Pi USB 3 Hub on sale now at $12 appeared first on Raspberry Pi.

To help you get the best out of your Raspberry Pi 5, today we’re launching a range of Raspberry Pi-branded NVMe SSDs. They are available both on their own and bundled with our M.2 HAT+ as ready-to-use SSD Kits.

When we launched Raspberry Pi 5, almost exactly a year ago, I thought the thing people would get most excited about was the three-fold increase in performance over 2019’s Raspberry Pi 4. But very quickly it became clear that it was the other new features – the power button (!), and the PCI Express port – that had captured people’s imagination.

We’ve seen everything from Ethernet adapters, to AI accelerators, to regular PC graphics cards attached to the PCI Express port. We offer our own low-cost M.2 HAT+, which converts from our FPC standard to the standard M.2 M-key format, and there are a wide variety of third-party adapters which do basically the same thing. We’ve also released an AI Kit, which bundles the M.2 HAT+ with an AI inference accelerator from our friends at Hailo.

But the most popular use case for the PCI Express port on Raspberry Pi 5 is to attach an NVMe solid-state disk (SSD). SSDs are fast; faster even than our branded A2-class SD cards. If no-compromises performance is your goal, you’ll want to run Raspberry Pi OS from an SSD, and Raspberry Pi SSDs are the perfect choice.

The entry-level 256GB drive is priced at $30 on its own, or $40 as a kit; its 512GB big brother is priced at $45 on its own, or $55 as a kit. Both densities offer minimum 4KB random read and write performance of 40k IOPS and 70k IOPS respectively. The 256GB SSD and SSD Kit are available to buy today, while the 512GB variants are available to pre-order now for shipping by the end of November.

So, there you have it: a cost-effective way to squeeze even more performance out of your Raspberry Pi 5. Enjoy!

The post Raspberry Pi SSDs and SSD Kits on sale now appeared first on Raspberry Pi.