Dear element 14,
Would you consider making a version of BBB that has high security version of the TI SoC.
In this day and age of systems being compromised, it would be great to have an open source friendly piece of HW when the owner would control the security keys 
Thank you
May 30, 2015 10:20 PM
Security. The built-in M-Shield™ security technology enables operators to add value-added services for content protection, transaction security and secure network access, plus terminal security functions such as secure flashing and booting, terminal identity protection and network lock protection. Enhanced with ARM TrustZone™ support, OMAP3430 security is based on open APIs and provides an environment for secure applications that deliver robust performance and interoperability.
The requested URL /m-shield was not found on this server.
I thought that m-shield block and secure boot was only available on high security version, was I wrong?
May 31, 2015 5:29 AM
Actually I could write my own secure boot since I have the working knowledge how of works
This is on my ToDo list for a while, too (since my discussion with the creator of the CryptoCape which diverted in an other direction)
Good starting points are:
Happy Hacking!
Glad to read that you are chatting with Josh Datko. He's a driving force in the topic of security applications for the BeagleBone.
Phil Polstra may also be worth a look: BeagleBoard.org - 2013-10-08-project-spotlight-the-deck
This was in 2013, looong time ago! 
I was thinking of a secure platform for online banking etc. and while at it I found Josh blog on the CryptoCape. Since then I got lost in other projects. I still have to check the Rev C for it's capabilities. From clem57's answer I decuct that they have added some more security features.
Opposed to Phil Polstra I am more interested in the defensive side of security, even if the world looks much brighter for the attackers.
Yeah, that blog post was from awhile ago, but Phil continues to develop the platform: BeagleBoard.org - Forums. You are right that he is more focused on penetration testing.
The prospect of secure boot is interesting. I found this on LWN.net:
Verified U-Boot
https://lwn.net/Articles/571031/
It is from 2013 but does mention the BaegleBone Black:
The crypto code is simple and does not deal with multiple indirections and data conversions. In fact, it typically takes longer to hash a kernel than it does to verify it using RSA. On a BeagleBone Black (OMAP4), it takes about 6ms to verify a configuration and only adds 6.2KB to U-Boot's code size.
thanks,
drew
It looks like this person, Teddy Reed, had been working on TPM and BBB, too:
http://prosauce.org/blog/2012/7/5/embedded-trust-p1-beginning-to-trust-my-beaglebone.html
And has repo for libSboot:
https://github.com/theopolis/sboot/
"libSboot provides an example 'Secured Boot' for U-Boot and a U-Boot Second
Phase Loader (SPL)."
That are all great finds! I'll surely have a closer look when I am finished with the design challenge!
btw, some interesting discussion from google plus:
https://plus.google.com/u/0/+DrewFustini/posts/h3yfWfhWGgm
uboot maintainer Tom Rini commented:
OK, oops, my fault for not catching that when proof reading what Simon Glass wrote back then. But yes, that was all about BBB and is still in tree as an example with am335x_boneblack_vboot_defconfig.
And the author of that LWN article, Simon Glass, commented:
Yes it is BBB. I'm not sure why I thought it was OMAP4. Maybe just a typo
Thank you everyone for your replies and handy links.
Yes, the boot can be secured at software level starting from MLO, but I am being extra paranoid about compromise of the initial boot. Would like to know that firmware was verified based on a signature before being loaded.
P.S. The reason I asked about HS version of BBB, because I was under (perhaps mistaken) impression that HS chips were pin compatible and would not require significant redesign and would be a question of burning the key into the chip.
From what I remember only the second level boot loader is writable through software. If your threat model excludes physical access you can do the following:
write 2 stage boot loader to some spi flash memory with a write protection pin and connect that to a jumper / switch. When you have to update it simply disable write protection. This boot loader then checks the authenticity and integrity of all components loaded afterwards.
This would be enough security for my level of paranoia
