Cypherbridge Systems

 Products & Services from Cypherbridge Systems

Our product portfolio includes a wide range of SDKs and Toolkits supported on numerous chips and platforms:
  • Renesas Synergy S7, S5, S3
  • Renesas V850
  • Texas Instruments MSP430, Stellaris Cortex M3, Sitara CA8 and ARM9. DSP BIOS/NDK platforms including DM642
  • NXP3250 ARM9, LPC175x, LPC1768, LPC1788, LPC18Sx57, LPC43x37
  • ST Microelectronics STM32F2xx and STM32F4xx 
  • Freescale Kinetis K6x
  • Renesas M16C, RX62N
  • Atmel AT91SAM
  • ADI Blackfin
  • Evaluation boards from Freescale, STMicro Eval and Discovery, TI, NXP, Phytec, Keil, Atmel, Embedded Artists, Critical Link, and more!

If you don't see your chip or board contact us to inquire.   We can usually adapt and quickly integrate a SDK or Toolkit on a target platform.
We can also provide system integration  including custom chip and board platform kits so you can hit the ground running on your project!

 Software Development Kits


  Cyclone IoT Device Kit This integrated end-to-end solution enables IoT devices to connect securely to the cloud, to synchronize and replicate sensor and actuator data. It provides TLS secure MQTT messaging across the cloud, along with optional FAT encrypted local file system, to ensure data integrity and privacy. The CDK device client is integrated with the Cyclone IoT Cloud for an end-to-end system solution. The CDK ANSI C software includes subscriber and publisher APIs, platform interface layer, and is RTOS and TCP stack portable.
Embedded SSL SDK 

dHTTP Webserver
Portable ANSI C software stack implementing standards based SSL, TLS 1.0, 1.1 and 1.2, PKI X.509 certificates, crypto, hashing and network protocols. The optional Certbuilder certificate management toolkit generates and embeds self-signed X.509 certificates for embedded server and client authentication. 

Add the dHTTP  full featured embedded Webserver for HTTP and HTTPS content.  Standalone or fully integrated with uSSL SDK. Standard dHTTP is included with uSSL SDK at no extra charge.  Feature Pack upgrade option adds advanced features.
uLoad Product Family This product family delivers both an advanced software update installer and a boot loader solution for embedded platforms to authenticate, install and activate firmware updates.  Images are encrypted and signed to authenticate genuine origin and block malware installs.
 SSH SDK Add SSH and secure TCP/IP tunnel with uSSH embedded SDK. This product includes an embedded server and client, flexible interactive shell. SCP copy option transfers files in source, sink, client, and server modes.
VPN IPsec/IKEv2 SDK The uVPN SDK implements IKEv1/IKEv2/IPsec for a cryptographically secure solution for IP packet networking. It provides authentication, data encryption and message integrity for embedded devices. VPN SDK is a standards-based, full-featured toolkit delivering system benefits including security and performance for embedded platforms, smartphones, tablets and more.




    Certbuilder Toolkit  X.509 Certificate management toolkit to generate, compile, self-sign and import X.509 certificates for embedded server, client and Certificate Authoritity.
uFTP Toolkit
ANSI C FTP client library implements standards RFC 959, 2228, and 4217 non-protected and TLS protected modes. Includes command line client application and local file system porting interface.
uFile Toolkit The uFile toolkit includes a portable FAT file system, plug & play device manager, and file encryption for safe storage on removable storage media.
 uCrypt Toolkit Low footprint cryptographic library implements a robust set of ciphers and hashes.  It includes standard block and stream ciphers AES and ECC, RSA support, and  X.509 certificate processing including RSA and ECDSA keys.  Library support framework includes big number processing, integrated memory manager and self-test.  Platform kits interface to target system.  
 uMQTT Toolkit

Low footprint embedded MQTT library.  Lightweight messaging for scalable Internet of Things and Big Data systems.  Add MQTT 3.1 client to subscribe and publish message data to the cloud.  Fully integrated with uSSL for TLS based secure MQTT messaging.
eU2F Toolkit The FIDO U2F open standard delivers easier user experience and strong security benefits.  Using FIDO U2F, web services can use strong second factor authentication and simplified login to achieve high security while reducing password fatigue.
The eU2F Toolkit implements U2F standard message protocol and crypto layer operations for MCU and SOC platforms.
 uSMTP Toolkit Send TLS secure email to any server using the uSMTP Toolkit.  Connects in non-TLS and TLS modes to private and public SMTP relays including godaddy and gmail.

Cyclone IoT Device Kit  

Targeting vertical markets including smart meter and grid, commercial and residential energy management, smart building, security monitoring, M2M, SCADA or telemetry?  This integrated end-to-end solution enables embedded devices to connect securely to the cloud.  Device data can now be managed in small to large scale systems using cloud based data replication.  The CDK enables big data scalability for visualization and business logic. Privacy and security can be seamlessly integrated to meet industry standards, regulatory requirements, and electronic data privacy policy for in-flight and at-rest data.

The CDK is build on the industry proven uSSL TLS 1.2 SDK, and uMQTT Toolkit. The embedded uCloud Device Client connects with the Cyclone cloud.  Data topics corresponding to sensor and actuator IO points, are published and subscribed by the device.  Topics are replicated to subscribers, that in turn write to actuators or perform other event driven action. The Cyclone IoT cloud is bundled with the uCloud Device Client, providing an integrated end-to-end solution.

The optional uFile Toolkit implements a FAT32 file system to encrypt data-at-rest on the device to protect privacy if the device or file system media is lost, stolen or hacked. 

The CDK ANSI C library is portable to a wide range of embedded OS, RTOS and TCP platforms. 


  Cyclone IoT Data Sheet

Return to Top

uSSL Software Stack 

Portable ANSI C software stack implementing standards based SSL, PKI, crypto, hashing, and network protocols. Targeted for embedded systems and devices, uSSL employs proven interoperable features to securely authenticate and cryptographically secure end-to-end system transactions. uSSL can be easily integrated with existing or new applications, and can be tailored to enable a subset of the supported protocols to achieve the lowest possible memory footprint.

uSSL includes self-test support for integration, test, and compatibility verification. uSSL includes a network adaptation layer to integrate with a variety of TCP stacks, wired and wireless networks.  uSSL is interoperable with back-end Linux and Windows SSL-ware.

Upgrades to existing applications employing legacy proprietary encryption schemes, can use uSSL to strengthen security and interoperability. Existing applications can be merged with uSSL features to preserve investment in existing applications and protocols.


  • SSL3 and TLS 1.2 server and client protocol support
  • Sample server and client applications
  • Supported crypto and hash functions include: RSA, 3DES, AES, ARC4, SHA1, SHA2, MD2, MD4, MD5
  • X.509 certificate processing, signing, verification
  • Portable ANSI C
  • Integrated memory manager for zero heap solution
  • Certbuilder toolkit option to generate, manage and embed X509 device certificates
  • Small RAM and ROM footprint perates on low-power 16, and 32 bit microcontrollers
  • Integrated with 3rd party RTOS and TCP stacks, with pre-built x86 GCC and IAR projects

dHTTP Webserver 
  • Standalone or fully integrated with uSSL TLS HTTPS
  • ROM content compiler and platform file system support
  • HTTP 1.1, form POST, GET, CGI, ENV, SSI, CSS, media plugins, redirect, client side javascript
  • Sample forms, CGI, media plugins
  • Platform Abstraction layer for OS, file system and TCP stacks
  • Feature Pack option modules include file upload, download, login and authentication, cookies, AJAX

  • Smart meter
  • Energy management gateways
  • EVSE Charging Stations
  • SCADA telemetry
  • M2M WiFi and Cellular modules
  • Payment Card Industry point-of-sale terminals
  • Gaming Industry terminals and printers
  • Industrial Control and Machine-to-Machine
  • Network appliances 
  uSSL Data Sheet


uLoad Product Family 

Portable ANSI C software update installer and secure boot loader. 

Installing software updates by web, serial port or removable flash drive?  Images can now be securely distributed and managed.  Encrypted files are protected in case the file or removable media is lost, stolen or hacked.  The uLoad Product Family includes advanced software updates and boot loader solutions for embedded platforms.  uLoad can be used for safe install,  to manage multiple images for an update, activation and safe-boot to last-known-good  or factory version, and to integrate a boot loader with optional security features.

Free or low cost boot loaders and flash utilities, such as USB DFU flash burners, have limited functionality and do not implement multiple image management.  The uLoad SDK delivers advanced features including multiple image management, robust image hash integrity checks, and system error recovery features.   Images can be installed from network, serial, and local USB or SD flash drives.  uLoad includes a command line toolkit or Windows GUI for image management, processing and encryption, and firmware push to the target.

The uLoad SDK is available in the following configurations for the best match to specific project requirements:

  • The uLoad-IDE Install Defender Edition controls software updates and distribution, authenticates genuine origin, and blocks malware installs in SCADA, POS terminals, industrial controllers, and anytime software updates are used. Secure images can be transferred by email, file copy, local USB, SD flash drives, serial port, LAN/WAN network.                                                                                                                                                                                                                                                                                                                                                                                 
  • The uLoad-DFE Device Firmware Edition supports factory and clear text images with zero encryption and no passphrase.  It is targeted to embedded systems that require multiple images and rollback features in a robust solution.  The image model is the same as the uLoad Secure Edition, only without encryption features.
  • The uLoad-SE Secure Edition adds a security model to control software updates using encrypted images with a security header, passphrase, and multi-level keys.  Images can be decrypted during the installation, or during the boot loading stage, to provide maximum defense against reverse engineering, cloning and un-authorized use.

uLoad-SE can be used to encrypt the software update image distributed on USB flash drive.  When the field engineer or end user starts a software upgrade, the encryption pass phrase is interactively or programmatically entered to decrypt the image.  This authenticates the image to insure it is genuine, and can be used to distribute optional features with different software SKUs and pass phrases. 

  • Process software image with toolkit supported on command line, Windows GUI and MacOSXMCU and FPGA image file hash signing and authentication.
  • Use standard toolchain to compile and link  software images. Supports IAR, Keil, GCC and all other toolchains.
  • Secure pass-phrase protected distribution of embedded product keyset.
  • Image installation and rollback
  • Flexible, easy to use and extensible design can be integrated with product startup and initialization
  • Optional support for trust chip DS28E01 hardware based challenge-response authentication for PCB board level verification


  • Enhanced product integrity
  • Protection against product tampering, reverse engineering and unauthorized use.
  • Unlock optional user features
 uLoad SDK Data Sheet  uLoad-IDE Data Sheet


uSSH Secure Shell Server & Client

Portable ANSI C SSH embedded server and client for interactive shell and tunneled TCP/IP security layer.

Implement secure interactive shell and SSH tunneled application functions using the uSSH solution. Secure telnet replacement is just the beginning. uSSH provides a flexible TCP/IP security layer for existing and new applications using the built-in command dispatcher. Easy to integrate with run-time environment using RTOS integration features.

The uSSH SDK can be complied for a range of processors and platforms, and comes equipped with utilities and toolkits to manage user accounts and private keys. Build options include tailored asymmetric and symmetric crypto suite, login banner, account access control and other features. The compact uSSH protocols and fully integrated math and crypto library can be tailored to a very compact memory footprint under 70K on a typical Cortex-M3 flash MCU.

Take advantage of SSH security architecture and accelerate your time to market with the uSSH SDK.

  • Standards based SSH 2.0 inter-operates with GUI and command line SSH clients
  • Flexible command dispatch to implement any secure client server application
  • Built-in starter shell extensible for application specific commands. For non-interactive applications no shell is needed
  • Authenticates with user name and protected password
  • Access control feature supports Technician, Supervisor, Factory levels
  • Configurable DSS and RSA asymmetric session support with private key generator utility
  • Configurable crypto with 3DES, AES and Blowfish support
  • Portable ANSI-C SDK with small footprint ported to ARM, Cortex-M3, x86
  • Integrated memory management
  • RTOS integrated using simple task launcher
  • SCP secure copy integrated with embedded file system.  Operates in all modes; source, sink, transfer initiated by desktop or embedded uSSH client.
  • Rate Control  DOS hardening control
  uSSH Data Sheet


uHDMI/HDCP Software Stack 

uHDMI implements a complete feature set for HDMI applications including video and audio processing, format and color conversion, DDC, state and timing, EDID, and CEC. HDCP 1.3 is fully supported for source, sink and repeater processing.

The uHDMI software stack is an ANSI C platform portable solution supporting Silicon Image™ HDMI receiver, transmitter and switch ICs including 9135, 9134, 918x, and a variety of related product family ICs.

uHDMI is a comprehensive solution. The core HDMI middleware libraries are integrated to the embedded system with a platform porting layer supporting 8, 16, and 32 bit controllers. The features of the HDMI middleware are accessed through a application level API and test application, allowing the developer to quickly integrate and test HDMI board functions. uHDMI is supported under operating systems including Linux, Windows/Cygwin, RTOS and dedicated microcontroller, and can be readily ported to systems supporting the I2C, file system, trace log, and NV interfaces used in the platform porting layer.

  • Multiple HDMI input ports and discrete switch controllers
  • HDMI and DVI compatible
  • Repeater supports HDCP 1.3 with OESS (DVI) and ESS (HDMI)
  • Receiver-only, Transmit and Repeater operating modes
  • HDMI/HDCP timer driven scheduler and connection manager
  • Debug features include diagnostic log trace, DDC transactions, device register level access over I2C
  • External host microcontroller interface kit option to control target board
  • I2S and SPDIF digital audio support
  • Up to 8 channels PCM, DVD-Audio, and 6 channels DSD (SACD)
  • Audio sample rate up to 192 k



The Cypherbridge Systems VPN SDK implements IKEv1/IKEv2/IPsec for a cryptographically secure solution for IP packet networking. It provides authentication, data encryption and message integrity for embedded devices. VPN SDK is a standards based, full featured toolkit delivering system benefits including security and performance for embedded platforms, smartphones, tablets and more.

uVPN SDK Features
  • Supports Tunnel and Transport Modes
  • Compact Portable ANSI-C small memory footprint solution
  • RTOS, Android, Embedded Linux operating system support
  • ARM, PowerPC, x86 processors
  • Interoperates with Openswan, Strongswan, OpenBSD, Windows IPsec VPN


IPsec adds peer authentication, encryption and message integrity to IP packet networks, protecting against loss of data privacy, integrity, identity spoofing, and replay attack. IPsec adds security at the network IP layer, with no changes needed to existing client/server or streaming applications. Widely adopted, standards based and interoperable with all network equipment, IPsec can be deployed in host-to-host security channels, remote access VPN to corporate network, or network-to-network.

The VPN SDK supports AH and ESP protocols, as illustrated in the following diagram showing ESP enscapulation over a network-to-network tunneled VPN:

The VPN SDK is designed for both IPv4 and IPv6 operation and is optimized for deployment in embedded systems.

IPsec Features
  • Supports AH and ESP connections
  • Integrated uCrypt cryptographic library includes DHM, AES, 3DES, RC4, SHA1, MD5
  • TCP/IP StacK NetIF interface integrates with RTOS, Kernel, User Mode TCP/IP stacks

IKE- Internet Key Exchange

VPN uIKE implements IKEv1 and IKEv2 standards based protocols to set up Security Associations (SA) for IPsec. Peer systems dynamically establish and synchronize the IKE SA through mutual authentication and secure exchange of session keys.
The SPD governs the policy and management of the security layers. The Security Policy Database (SPD) is used to define traffic flows, such that selected network traffic and direction can be configured on a granular basis. This allows all or selected network traffic to be protected with IPsec.
VPN uIKE stores the keys in the Security Association Database (SAD). IPsec fetches the cipher and authentication type and keys from the SAD, then applies security to an IP packet to encrypt outbound traffic, and decrypt inbound packets.

uVPN Integrated Solution

The following diagram shows the relationship between IKEv2 protocol, the SPD/SAD tables, IPsec, and the components of the embedded TCP/IP stack. The VPN SDK implements “bump-in-stack” security processing at the datagram layer, interfaced by the NetIF ingress and egress software APIs:

IKE Features
  • Supports embedded IKE initiator mode, Phase1 and Phase2 security association SA
  • Configurable session options for Security Association negotiation
  • Automatic negotiation of IKE connection
  • Authentication using shared secret and RSA key pairs

Certbuilder Toolkit 

X.509 certificates can be easily managed using the Certbuilder toolkit.  

Certificates and private keys are generated using offline scripts and configuration files.  Edit configuration files to establish your self-signing Certificate Authority, organization and common name, along with attributes such as key strength, signing hash, and optional certificate properties.  Externally generated certificates can be imported to the Certstore toolkit and compiled in the certificate catalog.

Next, the Certstore compiler processes certificates and keys to generate ANSI C certificate catalog and storage output files.  The catalog files are compiled in your project using the standard toolchain.

At run-time, the catalog is indexed by the uSSL SDK or other embedded application, to selectively load the CA, server and client keys. Seamlessly integrated with the uSSL X.509 loader, the certificate and keys are parsed and dynamically loaded into memory.

  • Use self-signed certificates and avoid overhead fees for 3rd party CA
  • Supports multiple certificate types including RSA and ECDSA
  • Supports range of key strength from low, mid to high strength for tradeoff between storage, CPU and security levels.
  • ASCII text configuration files
  • Command line certificate compiler is supported on Linux and Windows Cygwin
  • Uses interoperable standards based X.509 certificate format
  • Generates ANSI C portable .C and .H certificate catalog and storage files that can be compiled in const ROM


uFTP Toolkit 

The Cypherbridge Systems uFTP Toolkit implements standards based FTP and FTPS file transfer protocols. The uFTP library supports standard RFC 959 (non-protected mode) transfers, PASV and PORT modes, plus TLS implicit and RFC 2228 and 4217 explicit AUTH and PROT transfers.

The Cypherbridge Systems uSSL SDK and uCrypt library implement the cipher and TLS security layers used by uFTP, including TLS 1.2 support .

  • FTP client for secure transfer of files between embedded target and server
  • Complete implementation of commands
  • Interactive command line client
  • uFTP library API for integration with system application
  • Efficient portable ANSI C implementation is zero-threaded and RTOS neutral
  • Interoperates with servers including vsFTPd, FileZilla server, and Windows IIS
  • Includes server setup and configuration files to configure TLS modes
  • Build options include authentication policy for server to accept or reject unauthenticated server certificate
  • Local file system interface with out-of-box support for ANSI stdio file APIs. Use with removable SD or USB storage media.
  uFTP Toolkit Data Sheet


uFile Toolkit 

The uFile Toolkit includes ANSI C stdio.h file system based APIs, portable FAT file system, device manager, and support for removable media including SD and USB flash drives. It also includes the SFP Secure File Plugin for file
system encryption.

The uFile Toolkit uses the Cypherbridge common uCrypt library to process encrypted files.  The common library can be used in combination with other Cypherbridge SDKs and Toolkits including uSSL and uFTP, for a total end-to-end solution for data at-rest and data in-flight.

  • Includes portable FAT file system support with LFN and multi-byte code page support.
  • Device plug and play manager handles SD, MicroSD, and USB file system enumeration and media eject
  • Storage media can be transferred to any FAT compatible desktop
  • FAT file time stamp integrated with platform RTC
  • Encrypted file system encrypts files on removable media.  
  • Encrypted files are 1:1 size compared with plain text
  • Encrypted files have unique per-file keys
  • Advanced stream oriented random access to encrypted files
  • Plain-text and encrypted files can be mixed in any combination on storage media
  • uCrypt integrated with platform crypto hardware engine accelerates crypt operations and reduces memory size
  uFile Toolkit Data Sheet

uCrypt Toolkit 

The Cypherbridge uCrypt common crypto library, shared by SDKs and Toolkits, implements commercial grade and high-strength Suite B cryptographic algorithms.  

Add electronic data privacy, authentication, and integrity to your product. The Cypherbridge Systems uCrypt Toolkit can be used for a wide variety of applications such as stream and block ciphers, hashing, RSA asymmetric raw key, file based encryption, and PKI based authentication.

The uCrypt compact ANSI C software library is targeted for small and medium memory models where CPU, RAM and flash resources are carefully
allocated and balanced. The uCrypt Library uses a proven nonthreaded, run-to-completion synchronous execution design for fast, efficient cryptographic operations.

  • Commercial grade stream and block ciphers
  • Hash and HMAC
  • PKI processing including X.509 parsing
  • Asymmetric ciphers including RSA 
  • Efficient portable ANSI C library is RTOS and thread-free design
  • Diagnostic trace output
  • Framework includes big number processing, base64, integrated memory manager
  • Includes self-test and examples
  • Platform kit integrates with target MCU and toolchain
  • uCryptB high-strength includes ECC NIST curves, AES CCM, GCM
  • MCU dependent Hardware engine integration 
  uCrypt Toolkit Data Sheet

uMQTT Toolkit   

The uMQTT Toolkit is a full function MQTT 3.1 embedded client.  Bundled with uSSL TLS, this integrated solution can be used to securely publish and subscribe message data to the cloud.  Add data replication and synchronization, sensor data reporting, remote device operation, general purpose device control and status.  

  • MQTT 3.1 protocol support
  • Subscriber configuration and start API
  • Publisher configuration and start API
  • uJson embedded JSON encode & decode JSON datatypes 
  • Platform Interface to Sensor & Actuator IO points
  • Client ID options including unique ID generation
  • QoS levels 0, 1 and 2
  • Wildcard mqtt topics
  • Authorization Credentials Name and AuthCode
  • Will topic, payload and QoS
  • Standards based and interoperates with leading cloud services 
  • TLS secure connection supports MQTT port 8883
  • Configurable security model and broker authentication
  • 2 WAY X509 TLS client authentication

uMQTT Datasheet


eU2F Toolkit 

eU2F is a purpose built software solution for FIDO(R) SOC and MCU platforms.  Based on FIDO specifications, U2F is an open and interoperable PKI based authentication standard using USB and NFC devices.  The eU2F Toolkit implements all raw message protocol processing and crypto operations to register and authenticate in user presence and biometric sensing U2F devices.  Features include:
  • Message request and response handlers for registration, authentication, and PKI signing
  • Crypto layer operations support NIST-P256 ECC key pair generate, ECDSA sign and verify, SHA256 and RNG
  • Key chain insert and lookup with driver interface to SPI flash or secure element storage
  • Attestation DER certificate and private key import
  • Platform abstraction layer for SOC resources, crypto engine, TRNG
  • Integrated self-test with registration and authentication

uSMTP Toolkit 

Our SMTP Toolkit implements a lightweight embedded SMTP client. Using the uSMTP Toolkit, your application can send periodic status reports, telemetry data, alarm conditions, and virtually any data payload, to easily and securely synchronize device to cloud.

The RFC standards based uSMTP inter-operates with proprietary smtp relays, sendmail servers, and public SMTP services.  It supports non-TLS, TLS explicit STARTTLS, and TLS implicit SMTPS modes.

Designed for small footprint, it includes a variable length message mode to transmit data generated on-the-fly by the target application.  This memory conserving feature allows the application to synchronize large data sets in real-tie without having to buffer large email payloads.  It includes base64 support to input binary data and output ASCII ready for email transmit.

uSMTP uses the Cypherbridge uSSL SDK for TLS secure communication, and supports server and optional client 2WAY TLS authentication.

uSMTP supports binary and text MIME attachments. The RFC email system is based on ASCII only content, and binary data must be sent base64 encoded.  This standard process sends attachments using standard MIME multi-part message encoding.  During email processing, uSMTP initializes the session with a multipart boundary.  The text body is sent, followed by the binary payload as an attachment.  Any binary content can be transferred including binary telemetry history, multimedia image or audio content, etc.

Email servers and port numbers are standardized but can vary depending on the SMTP relay server.  uSMTP can operate on any port, and supports the following modes and protocols:

  • RFC2831 TCP port 25 and 3535 non-TLS
  • RFC3207 TCP port 587 TLS explicit using STARTTLS command
  • SMTPS TCP port 465 TLS implicit
Website Builder