March Circuit Cellar: Sneak Preview

The March issue of Circuit Cellar magazine is out next week! We’ve rounded up an outstanding selection of in-depth embedded electronics articles just for you, and rustled them all into our 84-page magazine.

Not a Circuit Cellar subscriber?  Don’t be left out! Sign up today:

 

Here’s a sneak preview of March 2019 Circuit Cellar:

POWER MAKES IT POSSIBLE

Power Issues for Wearables
Wearable devices put extreme demands on the embedded electronics that make them work—and power is front and center among those demands. Devices spanning across the consumer, fitness and medical markets all need an advanced power source and power management technologies to perform as expected. Circuit Cellar Chief Editor Jeff Child examines how today’s microcontroller and power electronics are enabling today’s wearable products.

Power Supplies for Medical Systems
Over the past year, there’s been an increasing trend toward new products that have some sort of application or industry focus. That means supplies that include either certifications, special performance specs or tailored packaging intended for a specific application area such as medical. This Product Focus section updates readers on these technology trends and provides a product gallery of representative medical-focused power supplies.

DESIGN RESOURCES, ISSUES AND CHALLENGES

Flex PCB Design Services
While not exactly a brand-new technology, flexible printed circuit boards are a critical part of many of today’s challenging embedded system applications from wearable devices to mobile healthcare electronics. Circuit Cellar’s Editor-in-Chief, Jeff Child, explores the Flex PCB design capabilities available today and who’s providing them.

Design Flow Ensures Automotive Safety
Fault analysis has been around for years, and many methods have been created to optimize evaluation of hundreds of concurrent faults in specialized simulators. However, there are many challenges in running a fault campaign. Mentor’s Doug Smith presents an improved formal verification flow that reduces the number of faults while simultaneously providing much higher quality of results.

Cooling Electronic Systems
Any good embedded system engineer knows that heat is the enemy of reliability. As new systems cram more functionality at higher speeds into ever smaller packages, it’s no wonder an increasing amount of engineering mindshare is focusing on cooling electronic systems. In this article, George Novacek reviews some of the essential math and science around cooling and looks at several cooling technologies—from cold plates to heat pipes.

MICROCONTROLLER PROJECTS WITH ALL THE DETAILS

MCU-Based Solution Links USB to Legacy PC I/O
In PCs, serial interfaces have now been just about completely replaced by USB. But many of those interfaces are still used in control and monitoring embedded systems. In this project article, Hossam Abdelbaki describes his ATSTAMP design. ATSTAMP is an MCS-51 (8051) compatible microcontroller chip that can be connected to the USB port of any PC via any USB-to-serial bridge currently available in the market.

Pet Collar Uses GPS and Wi-Fi
The PIC32 has proven effective for a myriad of applications, so why not a dog collar? Learn how Cornell graduates Vidya Ramesh and Vaidehi Garg built a GPS-enabled pet collar prototype. The article discusses the hardware peripherals used in the project, the setup, and the software. It also describes the motivation behind the project, and possibilities to expand the project in the future.

Guitar Video Game Uses PIC32
While music-playing video games are fun, their user interfaces tend to leave a lot to be desired. Learn how Cornell students Jake Podell and Jonah Wexler designed and built a musical video game that’s interfaced with using a custom-built wireless guitar controller. The game is run on a Microchip PIC32 MCU and uses a TFT LCD display to show notes that move across the screen towards a strum region.

… AND MORE FROM OUR EXPERT COLUMNISTS

Non-Evasive Current Sensor
Gone are the days when you could do most of your own maintenance on your car’s engine. Today they’re sophisticated electronic systems. But there are some things you can do with the right tools. In his article, Jeff Bachiochi talks about how using the timing light on his car engine introduced him to non-contact sensor technology. He talks about the types of probes available and how to use them to read the magnitude of alternating current (AC

Impedance Spectroscopy using the AD5933
Impedance spectroscopy is the measurement of a device’s impedance (or resistance) over a range of frequencies. Brian Millier has designed many voltammographs and conductivity meters over the years. But he recently came across the Analog Devices AD5933 chip, which performs almost all the functions needed to do impedance spectroscopy. In this article, Brian explores the technology, circuit design and software that serve these efforts.

Side-Channel Power Analysis
Side-channel power analysis is a method of breaking security on embedded systems, and something Colin O’Flynn has covered extensively in his column. This time Colin shows how you can prove some of the fundamental assumptions that underpin side-channel power analysis. He uses the open-source ChipWhisperer project with Jupyter notebooks for easy interactive evaluation.

Firms Team Up to Provide End-to-End LoRa Security Solution

Microchip Technology, in partnership with The Things Industries, has announced what it claims is the industry’s first end-to-end security solution that adds secure, trusted and managed authentication to LoRaWAN devices at a global scale. The solution brings hardware-based security to the LoRa ecosystem, combining the MCU- and radio-agnostic ATECC608A-MAHTN-T CryptoAuthentication device with The Things Industries’ managed join servers and Microchip’s secure provisioning service.

The joint solution significantly simplifies provisioning LoRaWAN devices and addresses the inherent logistical challenges that come with managing LoRaWAN authentication keys from inception and throughout the life of a device. Traditionally, network and application server keys are unprotected in the edge node, and unmonitored, as LoRaWAN devices pass through various supply chain steps and are installed in the field.

The Common Criteria Joint Interpretation Library (JIL) “high”-rated ATECC608A comes pre-configured with secure key storage, keeping a device’s LoRaWAN secret keys isolated from the system so that sensitive keys are never exposed throughout the supply chain nor when the device is deployed. Microchip’s secure manufacturing facilities safely provision keys, eliminating the risk of exposure during manufacturing. Combined with The Things Industries’ agnostic secure join server service to the LoRaWAN network and application server providers, the solution decreases the risk of device identity corruption by establishing a trusted authentication when a device connects to a network.

Similar to how a prepaid data plan works for a mobile device, each purchase of an ATECC608A-MAHTN-T device comes with one year of managed LoRaWAN join server service through The Things Industries. Once a device identifies itself to join a LoRaWAN network, the network contacts The Things Industries join server to verify that the identity comes from a trusted device and not a fraudulent one. The temporary session keys are then sent securely to the network server and application server of choice. The Things Industries’ join server supports any LoRaWAN network, from commercially operated networks to private networks built on open-source components. After the one-year period, The Things Industries provides the option to extend the service.

Microchip and The Things Industries have also partnered to make the onboarding process of LoRaWAN devices seamless and secure. LoRaWAN device identities are claimed by The Things Industries’ join server with minimal intervention, relieving developers from needing expertise in security. Customers can not only choose any LoRaWAN network but can also migrate to any other LoRaWAN join server by rekeying the device. This means there is not a vendor lock-in and customers have full control over where and how the device keys are stored.

The ATECC608A is agnostic and can be paired with any MCU and LoRa radio. Developers can deploy secure LoRaWAN devices by combining the ATECC608A with the SAM L21 MCU, supported by the Arm Mbed OS LoRaWAN stack, or the recently-announced SAM R34 System-in-Package with Microchip’s LoRaWAN stack. For rapid prototyping, designers can use the CryptoAuthoXPRO socket board and The Things Industries provisioned parts in samples with the SAM L21 Xplained Pro (atsamd21-xpro) or SAM R34 Xplained Pro (DM320111).

The ATECC608A-MAHTN-T device for The Things Industries, including the initial year of prepaid TTN service, is available in volume production for $0.81 each in 10,000-unit quantities.

Microchip Technology | www.microchip.com

 

Free IoT Security Platform Runs on OpenWrt Routers and the Raspberry Pi

By Eric Brown

At the Consumer Electronics Show (CES) in Las Vegas, Minim announced a free spin-off of Minim, its cloud-managed Wi-Fi and security Software as a Service (SaaS) platform. Minim Labs is designed to work with a new open source software agent called Unum that runs on Raspbian and OpenWrt Linux devices. Optimized images are available for the OpenWrt-based Gli.Net GL-B1300 router and Raspberry Pi. The first 50 sign-ups will get the B1300 router for free (see below).


Minim Labs setup screen

The Minim Labs toolkit “secures and manages all connected devices in the home, such as the Google Home Hub, Sony Smart TV, and FreeRTOS devices,” providing “device fingerprinting, security scans, AI-powered recommendations, router management, analytics, and parental controls,” says Minim. By signing up to a Minim Labs account you receive a MAC address to register an Unum-enabled device.

The GitHub-hosted Unum agent runs on the Linux router, where it identifies connected devices and securely streams device telemetry to the Minim platform. Users can open a free Minim Labs account to register up to 10 Unum-enabled devices, offering access to Minim WiFi management apps and APIs. Alternately, you can use Unum with your own application server.

The GL-B1300 and Raspberry Pi builds are designed to walk “home network tinkerers” through the process of protecting devices with Unum and Minim Labs. More advanced developers can download a Unum SDK to modify the software for any OpenWrt-based router.

“By open sourcing our agent and giving technologists free access to our platform, we hope to build a global community that’ll contribute valuable product feedback and code,” stated Jeremy Hitchcock, Founder and CEO of Minim.

Gli.Net’s OpenWrt routers

Gli.Net’s GL-B1300 router runs OpenWrt on a quad-core, Cortex-A7 Qualcomm Atheros IPQ4028 SoC clocked to 717 MHz. The SoC is equipped with a DSP, 256MB RAM, 32 MB flash, and dual-band 802.11ac with 2×2 MIMO. The SoC supports up to 5-port Ethernet routers and provides Qualcomm TEE, Crypto Engine, and Secure Boot technologies.


 
GL-B1300 (left) and GL-AR750S

The GL-B1300 router has dual GbE ports, a WAN port, and a USB 3.0 port. The $89 price includes a 12V adapter and Ethernet cable.

The testimonial quote below says that the GL-AR750S Slate router, which is a CES 2019 Innovation Awards Honoree, will also support Unum and Minim Labs out of the box. The $70 GL-AR750S Slate runs on a MIPS-based, 775MHz Qualcomm QCA9563 processor and is equipped with 128MB RAM, 128MB NAND flash, and a microSD slot.

The Slate router provides 3x GbE ports and dual-band 802.11ac with dual external antennas. Other features include USB 2.0 and micro-USB power ports plus a UART and GPIO. The router supports WireGuard, OpenVPN, and Cloudflare DNS over TLS.


Gli.Net router comparison chart, including GL-B1300 and GL-AR750S

In addition to its routers, Gli.Net also sells the OpenWrt-on-Atheros/MIPS Domino Core computer-on-module. The Domino Core shipped in a Kickstarter-launched Domino.IO IoT kit back in 2015.

“We are glad that Minim is going to launch open-source tools for DIY users and increase awareness of personal Internet security,” stated GL.iNet CTO Dr. Alfie Zhao. “This initiative shows shared value and vision with GL.iNet. We are happy to provide support for Minim tools on our GL-AR750S Slate router and GL-B1300 router, both of which have support to the latest OpenWrt.”

Further information

The free Minim Labs security platform is available for signup now, and the open source Unum agent is available for download. Minim is offering the first 50 Minim Labs signups a free startup kit containing the GL-B1300 router. More information may be found at the Minim Labs product page.

This article originally appeared on LinuxGizmos.com on January 9.

Minim | www.minim.co

 

Building Automation LON-IP Standard Earns ANSI/CTA Approval

The Consumer Technology Association (CTA) and LonMark International have announced that the ANSI/CTA-709.7 LON IP is now approved as a new American National Standard (ANS) by the American National Standards Institute (ANSI). The new standard focuses on the interoperability of Internet of Things (IoT) devices and provides a complete model for implementing LON IP device-to-device and device-to-application communication interoperability.
This new standard will provide multiple parties – including users, developers, vendors, integrators and specifiers of open building control systems – a mechanism to develop and deliver a higher level of interoperability using native Ethernet/IP based devices. The new standard describes the complete set of requirements for vendors to develop LON devices with native IP communications, which offers higher speed and better IT integration flexibility. As more building control networks require more data and more IoT application interfaces, this new media type for LON control networks provides all of the benefits and functionality to meet this growing demand.

The ANSI/CTA-709.7 Implementation Guidelines define the application layer requirements for interoperable devices to communicate directly on Ethernet. It defines the addressing requirements for both IPv4 and IPv6. LonMark will offer full interoperability testing of any device utilizing the new channel type. The standard defines all of the timing parameters, configuration, and interface requirements to the full 709.1 protocol stack.

A few years prior, the ANSI/CTA-709.6 Application Elements built upon the ANSI/CTA-709.5 Implementation Guidelines by providing a catalog of more than 100 common device profiles, with more than 380 specific implementation options. These profiles define the mandatory and optional design requirements for standard data variables, standard configuration properties, enumeration types and standard interface file requirements. This extensive library of device profiles includes definitions for a broad collection of devices for HVAC, indoor and outdoor (roadway) lighting, security, access, metering, energy management, fire and smoke control, gateways, commercial and industrial I/O, gas detection, generators, room automation, renewable energy, utility, automated food service, semiconductor fabrication, transportation, home appliances and others.

LonMark International | www.lonmark.org

 

Secure MCU Family Targets Low Power, Small Footprint Designs

STMicroelectronics has added the new STM32G0 microcontrollers (MCUs) to the STM32 family. The new G0 series targets entry-level applications that require greater energy efficiency, functionality, security, and value, in a smaller footprint. Extremely flexible packaging and memory options enable designers to do more within less space, and save cost. A new power-distribution architecture reduces external power and ground connections to just a single pair of pins, allowing more of the package pins—a precious resource in many embedded projects—to be allocated for user connectivity.

In addition, ST is making large memory densities available in small and economical low-pin-count packages. On top of this, the new generation features power-saving innovations that trim consumption close to that of specialized ultra-low-power devices.

To provide robust security for today’s connected devices, the STM32G0 series introduces a variety of hardware-based features including memory protection to support secure boot. Some devices in the series add to these features an AES-256 hardware cryptographic accelerator with a true random number generator (TRNG) to aid encryption.

Another valuable feature that anticipates a growing need is support for the latest USB Type-C specifications that allow easy, high-speed connectivity and battery charging, including Power Delivery version 3.0.

The STM32G0 series is based on the Arm Cortex-M0+ core, which is conceived to deliver sharp performance within a tight power budget. It targets fast-evolving products in the connected world, including smartphones, smart kitchen equipment, and appliances, air conditioning, consumer or industrial motor controls, advanced user interfaces, IoT devices, rechargeable connected devices, drones, lighting systems and more.

Package options are available from 8-pin, enabling developers to easily upgrade aging 8-bit MCU designs, to 100-pin. Flash from 16 KB to 512 KB, with 512 KB available in packages as small as 32-pin, enables more sophisticated applications on small, low-cost products.

The maximum CPU frequency of 64 MHz permits high execution speeds, compared to typical entry-level MCUs. On the other hand, extremely flexible clock configuration allows users to tailor performance within the available power budget. The internal clock is remarkably stable and comparable to high-end devices, being accurate to within ±1% from 0-85°C and ±2% over the wider range from -40°C to 125°C. This not only saves the board space and pins needed to connect a dedicated external timing device, but also can trim at least 10 cents from the bill of materials.

The STM32G0 series is extremely efficient, running at less than 100µA/MHz in run mode, and provides multiple reduced-power operating modes to save energy and extend battery runtimes. Devices draw as little as 3-8µA in stop mode with the real-time clock (RTC) running, and just 500 nA in standby with RTC (all at 3.0V, 25°C).

Moreover, peripherals are upgraded to enhance performance, speed, and accuracy. The devices feature a 12-bit 2.5 MSPS ADC, with hardware oversampling for 16-bit precision. There is also a 2-channel DAC, fast comparators, and high-accuracy timers with 7.8 ns resolution.

In addition to permitting extra user-assignable I/Os, the internal (ST-patented) power-distribution scheme also helps save BoM costs by reducing the number of external power-supply decoupling components.

Enhanced internal prevention of electromagnetic susceptibility (EMS) is yet another feature that saves board space and BoM costs. Protection against fast-transient bursts above 4.5kV, in accordance with IEC 61000-4-4, relaxes the demands for surrounding filtering components and eases board layout. For product-development teams, the ability to easily ensure good electromagnetic behavior facilitates EMC certifications for faster time to market.

ST is planning several STM32G0 lines, including the STM32G071 and similar STM32G081 with hardware cryptographic enhancement. There are also Value Line STM32G070 devices for mass-market applications. Pricing starts from $0.69 for the STM32G070CBT6 Value Line MCU in a 48-pin package, with 128 KB flash, for orders of 10,000 pieces.

STMicroelectronics | www.st.com

Internet of Things Security (Part 6)

Identifying Threats

In this final part of his Internet of Things Security article series, Bob returns to his efforts to craft a checklist to help us create more secure IoT devices. This time he looks at developing a checklist to evaluate the threats to an IoT device.

By Bob Japenga

A number of years ago (there were woolly mammoths around if I remember correctly), I attended a conference on the Ada programming language. Ada was created for the United States’ Department of Defense to replace the myriad of programming languages that were deployed by the DoD at that time. The language was named after the first programmer, Augusta Ada King Lovelace, a colorful character in her own right and the only legitimate daughter of the poet Lord Byron. Ada is credited with publishing the first algorithm for use on a computing machine: Charles Babbage’s famous analytical engine.

At the conference I attended a breakout session on algorithms. In the conference room next door, a popular speaker, whose name I don’t remember, held another breakout session. About ten minutes into the session, we heard a deafening chant coming from the conference room next door that repeated over and over: “I don’t care.” The speaker was making a point that, as software designers, we should not care about everything. There are legitimate things for which we need to say: “I don’t care.” We need to identify them as not relevant to the task at hand and emphatically say: “I don’t care.”
Although I remember nothing from the breakout session on algorithms, I have never forgotten this principle: “There are some things that we just don’t care to address when designing embedded systems.” Certainly, there is much to be said for thoroughness in design, but when we—with well thought through analysis—determine that some aspect of a design is a “don’t care” we need to let it go.

In designing secure IoT devices this is a very important principle. The threats are diverse and difficult to number. The assets are important and of differing value. This month we will continue to build our checklist for IoT security. Last time we created a checklist to help you identify the assets that you want to protect. This month we will add to that checklist with some questions to help you identify and quantify the threats.

Identifying the Threats

We need to start with definitions. A good working definition for a threat would be: “a person or thing likely to cause damage or danger.” Although this is a good definition, for the purpose of building our checklist, I want to expand upon it a little. Here’s why: In most cases “I don’t care” who the threat is, nor do I care what their capabilities are. Keep in mind that, if there is a threat with very little capabilities, that threat could get passed on. They can always sell either their knowledge or their access to the device to someone who has the capabilities to create a security breach with the device. Let me illustrate that. Imagine there are two threats: One is a disgruntled former employee with little or no capability of reverse engineering your design in order to find a security flaw. The second is an organization with deep pockets and highly skilled hackers. If any of the assets that we identified in the first part of the checklist are worth a significant chunk of change, the former employee can always sell what they have to this other organization. With all that in mind, in general “I don’t care” about who the threat is.

But I do care about the activities of these threat agents. This is in line with the way the OWASP Top Ten IoT Security Threats is laid out. The Open Web Application Security Project (OWASP) is a worldwide organization focused on improving the security of software. I introduced OWASP as a valuable resource in my August 2016 column (Circuit Cellar 313) when we discussed their list of the top ten security vulnerabilities. The list was updated in 2017 and is worthwhile to review [1]. OWASP also provides what it calls the top ten threats to IoT devices. We will look at these a little later in this article. They agree with my assessment that we don’t care who it is or what their capability is. What we care about is the action that they can take.

Figure 1
Shown here are the five areas of threat I’ve identified for IoT devices.

When thinking about threats to the security of our IoT device, I would identify five areas of threat as shown in Figure 1: access to the physical device; access to the wireless services on the device; access to the network (LAN or WAN) the device is on; access to the cloud server used by the device; and access to the mobile app used by the device. Anyone who has access to one or more of these is a threat agent. So, the beginning of our checklist needs to analyze what harm could be done by such a threat agent who gained access to any of these five areas of threat. Not all of your IoT devices have all of these areas of threat but most have a majority of them. For each of the areas of threat we need to ask the question: What would be the potential cost if someone with a lot of time, highly skilled hackers and a lot of money got access to one of these areas of threat without permission?

This provides the first five elements of the Threat portion of the IoT Security Checklist. Let’s look at each of these.

Five Threat Elements

Physical access: Not all IoT device designers will consider physical access to the device an area of threat. For example, we are currently working with a client who has determined that there is very little risk of an unauthorized person having physical access to their device. For most cases this is true. The device is only touched by employees and is physically inaccessible to everyone else. But I have not pushed them to protect the assets accessible through physical access for other reasons. I have gone along with that assessment because the assets available inside the device are minimal. But if the assets were valued higher, I would push back more strongly primarily due to the potential of a disgruntled or greedy insider handing the unit off to a qualified hacker.

Figure 2
Shown here are the access areas of threat if physical access is a threat area for your device.

If physical access is a threat area for your device, then the following access areas portrayed in Figure 2 need to be protected: access to data storage; access to user interfaces; access to USB ports; access to console ports; access to side channel information; and access to debug ports.

Mobile app: Many of our IoT devices have a mobile app associated with them. Although not strictly part of the IoT, it is certainly something that needs to be considered when designing your IoT device. Certainly, one approach is to limit who can put your mobile app on their phone or tablet. This certainly provides a great physical barrier to access. But the integration of Google’s Play Store and Apple’s App Store with your phone and tablet makes for very easy deployment and is very tempting to us designers. Surely the next line of defense is to drastically limit what the mobile app can access. Again, this is the power of the mobile app interface and you hate to lose it. Requiring a username and strong password is your next line of defense. For now, our job is to identify what harm someone bent on destroying your business would do if they were given unlimited access to your mobile app. How your mobile app communicates to the device is another concern we’ll look at next.

Wireless access: Your IoT device may provide several wireless ways to connect to it: cellular, Wi-Fi, Zigbee, Thread, Bluetooth, IrDA and Near Field Communication (NFC) are some of the most common. At this point in our checklist we need to ask: What if an unauthorized person got on your device wirelessly? What harm could be done? What if someone could perform a man-in-the-middle attack? The most recent Bluetooth hacking technique [2] shows us that even secure transmissions can have holes in their implementations allowing for man-in-the-middle attacks. So, we cannot just rely on secure transmissions as our only source of protection. I think about this every time I connect over Bluetooth to my OBD2 (on-board diagnostics) interface in my car. What would happen if someone could get on that interface and muck with my on-board computer? There’s no doubt that providing good access control through usernames and passwords, encrypting and authenticating all traffic and limiting physical access are all in your arsenal of protection. For now, we are concentrating on evaluating the harm nefarious access over the wireless interfaces on your IoT device could do.

Cloud access: Like mobile access, your cloud access is not strictly part of the IoT device. But again, we must pursue the questions: What if an unauthorized person got on your cloud interface? What harm could be done? The cost of that harm will help you to evaluate the amount of security you need to provide to the cloud interface. Clearly, we don’t want to use unencrypted transmissions. HTTPS provides encryption for us. But we found that on one of our major projects the cell modem chip only supported HTTP. So, we needed to encrypt the transmissions ourselves. Secure user access is pretty standard for cloud interfaces. But again, don’t rely on these layers. Seriously address what harm a malicious hacker intent on destroying your company could do if they had full access to your IoT cloud interface.

IoT network: Some of our IoT devices still have an Ethernet interface and provide some form of local area networking (LAN) or wide area networking (WAN). But this could be any wired network interface. Again, we need to look hard at what someone could gain from watching the traffic on the network. Our company’s most serious security breach came because of a little used Ethernet port that provided unencrypted traffic to a Link Local address. A researcher sniffed it out and found a security flaw. …

Read the full article in the December 341 issue of Circuit Cellar

Bob’s IoT Checklist can be found here.

Don’t miss out on upcoming issues of Circuit Cellar. Subscribe today!

Note: We’ve made the October 2017 issue of Circuit Cellar available as a free sample issue. In it, you’ll find a rich variety of the kinds of articles and information that exemplify a typical issue of the current magazine.

January Circuit Cellar: Sneak Preview

Happy New Year! The January issue of Circuit Cellar magazine is coming soon. Don’t miss this 1st issue of Circuit Cellar 2019. Enjoy pages and pages of great, in-depth embedded electronics articles.

Not a Circuit Cellar subscriber?  Don’t be left out! Sign up today:

 

Here’s a sneak preview of January 2019 Circuit Cellar:

TRENDS & CHOICES IN EMBEDDED COMPUTING

Comms and Control for Drones
Consumer and commercial drones represent one of the most dynamic areas of embedded design today. Chip, board and system suppliers are offering improved ways for drones to do more processing on board the drone, while also providing solutions for implementing the control and communication subsystems in drones. This article by Circuit Cellar’s Editor-in-Chief Jeff Child looks at the technology and products available today that are advancing the capabilities of today’s drones.

Choosing an MPU/MCU for Industrial Design
By Microchip Technology’s Jacko Wilbrink
As MCU performance and functionality improve, the traditional boundaries between MCUs and microprocessor units (MPUs) have become less clear. In this article, Jacko examines the changing landscape in MPU vs. MCU capabilities, OS implications and the specifics of new SiP and SOM approaches for simplifying higher-performance computing requirements in industrial applications.

Product Focus: COM Express Boards
The COM Express architecture has found a solid and growing foothold in embedded systems. COM Express boards provide a complete computing core that can be upgraded when needed, leaving the application-specific I/O on the baseboard. This Product Focus section updates readers on this technology and provides a product album of representative COM Express products.

MICROCONTROLLERS ARE DOING EVERYTHING

Connecting USB to Simple MCUs
By Stuart Ball
Sometimes you want to connect a USB device such as a flash drive to a simple microcontroller. The problem is that most MCUs cannot function as a USB host. In this article, Stuart steps through the technology and device choices that solve this challenge. He also puts the idea into action via a project that provides this functionality.

Vision System Enables Overlaid Images
By Daniel Edens and Elise Weir
In this project article, learn how these two Cornell students designed a system to overlay images from a visible light camera and an infrared camera. They use software running on a PIC32 MCU to interface the two types of cameras. The MCU does the computation to create the overlaid images, and displays them on an LCD screen.

DATA ACQUISITION AND MEASUREMENT

Data Acquisition Alternatives
By Jeff Child
While the fundamentals of data acquisition remain the same, its interfacing technology keeps evolving and changing. USB and PCI Express brought data acquisition off the rack, and onto the lab bench top. Today solutions are emerging that leverage Mini PCIe, Thunderbolt and remote web interfacing. Circuit Cellar’s Editor-in-Chief, Jeff Child, dives into the latest technology trends and product developments in data acquisition.

High-Side Current Sensing
By Jeff Bachiochi
Jeff says he likes being able to measure things—for example, being able to measure load current so he can predict how long a battery will last. With that in mind, he recently found a high-side current sensing device, Microchip’s EMC1701. In his article, Jeff takes you through the details of the device and how to make use of it in a battery-based system.

Power Analysis Capture with an MCU
By Colin O’Flynn
Low-cost microcontrollers integrate many powerful peripherals in them. You can even perform data capture directly to internal memory. In his article, Colin uses the ChipWhisperer-Nano as a case study in how you might use such features which would otherwise require external programmable logic.

TOOLS AND TECHNIQUES FOR EMBEDDED SYSTEM DESIGN

Easing into the IoT Cloud (Part 2)
By Brian Millier
In Part 1 of this article series Brian examined some of the technologies and services available today enabling you to ease into the IoT cloud. Now, in Part 2, he discusses the hardware features of the Particle IoT modules, as well as the circuitry and program code for the project. He also explores the integration of a Raspberry Pi solution with the Particle cloud infrastructure.

Hierarchical Menus for Touchscreens
By Aubrey Kagan
In his December article, Aubrey discussed his efforts to build a display subsystem and GUI for embedded use based on a Noritake touchscreen display. This time he shares how he created a menu system within the constraints of the Noritake graphical display system. He explains how he made good use of Microsoft Excel worksheets as a tool for developing the menu system.

Real Schematics (Part 2)
By George Novacek
The first part of this article series on the world of real schematics ended last month with wiring. At high frequencies PCBs suffer from the same parasitic effects as any other type of wiring. You can describe a transmission line as consisting of an infinite number of infinitesimal resistors, inductors and capacitors spread along its entire length. In this article George looks at real schematics from a transmission line perspective.

Cypress Semi Teams with Arm for Secure IoT MCU Solution

Cypress Semiconductor has expanded its collaboration with Arm to provide management of IoT edge nodes. The solution integrates the Arm Pelion IoT Platform with Cypress’ low power, dual-core PSoC 6 microcontrollers (MCUs) and CYW4343W Wi-Fi and Bluetooth combo radios. PSoC 6 provides Arm v7-M hardware-based security that adheres to the highest level of device protection defined by the Arm Platform Security Architecture (PSA).

Cypress and Arm demonstrated hardware-secured onboarding and communication through the integration of the dual-core PSoC 6 MCU and Pelion IoT Platform in the Arm booth at Arm TechCon last month. In the demo, the PSoC 6 was running Arm’s PSA-defined Secure Partition Manager, which is to be supported in version 5.11 of the Arm Mbed OS open-source embedded operating system, available this December. Embedded systems developers can leverage the private key storage and hardware-accelerated cryptography in the PSoC 6 MCU for cryptographically secured lifecycle management functions, such as over-the-air firmware updates, mutual authentication, and device attestation and revocation. According to the company, Cypress is making a strategic push to integrate security into its compute, connect and store portfolio for the IoT.

The PSoC 6 architecture is built on ultra-low-power 40-nm process technology, and the MCUs feature low-power design techniques to extend battery life up to a full week for wearables. The dual-core Arm Cortex-M4 and Cortex-M0+ architecture lets designers optimize for power and performance simultaneously. Using its dual cores combined with configurable memory and peripheral protection units, the PSoC 6 MCU delivers the highest level of protection defined by the Platform Security Architecture (PSA) from Arm.

Designers can use the MCU’s software-defined peripherals to create custom analog front-ends (AFEs) or digital interfaces for innovative system components such as electronic-ink displays. The PSoC 6 MCU features the latest generation of Cypress’ industry-leading CapSense capacitive-sensing technology, enabling modern touch and gesture-based interfaces that are robust and reliable.

Cypress Semiconductor | www.cypress.com

Three Firms Team Up for Industrial IoT Security Effort

IAR Systems, Secure Thingz and Renesas Electronics have announced their collaboration to secure Industrial Internet of Things (IIoT) applications. As part of this collaboration, the companies will develop new solutions that combine IAR Systems’ software development technology, Secure Thingz’ expertise in advanced IoT security, and Renesas Electronics’ secure semiconductor technologies.

Security is an inherent risk when it comes to connected devices. In the Industrial IoT, incoming threats and system vulnerabilities can result in life-threatening or high-risk situations. Therefore, embedded applications in this area require very strong features for security and reliability. To meet these requirements, Secure Thingz’ Embedded Trust, which is a security development environment that leverages the IAR Embedded Workbench IDE from IAR Systems, will support Renesas microcontrollers (MCUs) when Embedded Trust is launched to the broader market in 2019. This new hardware and software solution will enable organizations to secure their systems, intellectual property (IP) and data.

“Despite legislation and new security standards mandating greater protection, the news stories of hacking, theft and counterfeiting still persist. It is now a question of when, and not if, you will be compromised,” says Haydn Povey, CEO, Secure Thingz. “At Secure Thingz, we are collaborating with trusted industry friends to secure the connected world and inhibit these compromises. The collaboration between Secure Thingz, IAR Systems and Renesas will help organizations conquer the security challenges of today and tomorrow.”

“To really deliver on the promise of the IoT, embedded applications will need to include security from the start, both in hardware and software,” says Stefan Skarin, CEO, IAR Systems. “IAR Systems’ long-standing collaboration with Renesas has resulted in a number of successful activities and solutions. Now with connected IoT devices all around us and ongoing security threats, we as suppliers need to help our customers in the best way we can. IAR Systems and Secure Thingz are working together to make superior security available for all, and we are pleased to have Renesas with us on this journey.”

“With increased connectivity come greater security risks, and the growing number of connected industrial devices requires a stronger focus on security from the early stages of chip design to protect both the silicon solution and the application from potential security issues,” says Yoshikazu Yokota, Executive Vice President and General Manager of Industrial Solution Business Unit, Renesas Electronics Corporation. “For the past 30 years, our collaboration with IAR Systems has introduced reliable and high-performance solutions that have enabled the creation of innovative embedded designs, and with the addition of Secure Thingz moving forward, we are poised to support the next generation of Industrial IoT design with the security it needs.”

IAR Systems | www.iar.com

Secure Thingz | www.securethingz.com

Renesas Electronics | www.renesas.com

IoT Door Security System Uses Wi-Fi

Control Via App or Web

Discover how these Cornell students built an Internet-connected door security system with wireless monitoring and control through web and mobile applications. The article discusses the interfacing of a Microchip PIC32 MCU with the Internet, and the application of IoT to a door security system.

By Norman Chen, Ram Vellanki and Giacomo Di Liberto

The idea for an Internet of Things (IoT) door security system came from our desire to grant people remote access to and control over their security system. Connecting the system with the Internet not only improves safety by enabling users to monitor a given entryway remotely, but also allows the system to transmit information about the traffic of the door to the Internet. With these motivations, we designed our system using a Microchip Technology PIC32 microcontroller (MCU) and an Espressif ESP8266 Wi-Fi module to interface a door sensor with the Internet, which gives the user full control over the system via mobile and web applications.

The entire system works in the following way. To start, the PIC32 tells the Wi-Fi module to establish a connection to a TCP socket, which provides fast and reliable communication with the security system’s web server. Once a connection has been established, the PIC32 enters a loop to analyze the distance sensor reading to detect motion in the door. Upon any detection of motion, the PIC32 commands the Wi-Fi module to signal the event to the web server. Each motion detection is saved in memory, and simultaneously the data are sent to the website, which graphs the number of motion detections per unit time. If the security system was armed at the time of motion detection, then the PIC32 will sound the alarm via a piezoelectric speaker from CUI. The alarm system is disarmed by default, so each motion detection is logged in the web application but no sound is played. From both the web and mobile application, the user can arm, disarm and sound the alarm immediately in the case of an emergency.

DESIGN

The PIC32 acts as the hub of the whole system. As shown in Figure 1, each piece of hardware is connected to the MCU, as it detects motion by analyzing distance sensor readings, generates sound for the piezoelectric speaker and commands the Wi-Fi module for actions that pertain to the web server. The distance sensor used in our system is rated to accurately measure distances of only 10 to 80 cm [1]. Because motion detection requires us only to measure large changes in distance instead of exact distances, the sensor was sufficient for our needs.

Figure 1
The schematic of the security system. Note that the door sensor runs on 5 V, whereas the rest of the components run on 3.3 V.

In our design, the sensor is facing down from the top of the doorway, so the nearest object to the sensor is the floor at idle times, when there is no movement through the door. For an average height of a door, about 200 cm, the sensor outputs a minuscule voltage of less than 0.5 V. If a human of average height, about 160 cm, passes through the doorway, then according to the datasheet [1], the distance sensor will output a sudden spike of about 1.5 V. The code on the PIC32 constantly analyzes the distance sensor readings for such spikes, and interprets an increase and subsequent decrease in voltage as motion through the door. The alarm sound is generated by having the PIC32 repeatedly output a 1,500 Hz wave to the piezoelectric speaker through a DAC. We used the DMA feature on the PIC32 for playing the alarm sound, to allow the MCU to signal the alarm without using an interrupt service routine. The alarm sound output, therefore, did not interfere with motion detection or with receiving commands from the web server.
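The rise-and-fall detection and the armed/disarmed behavior described above can be sketched as a small state machine. This is an added example, not the authors' PIC32 code: the thresholds, the debounce and stuck-high counts, the 10-bit/3.3 V ADC scaling and the sample trace are all assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed thresholds (mV), placed between the idle level (< 0.5 V) and the
 * ~1.5 V spike the article describes. Two levels give hysteresis, so noise
 * around a single threshold cannot produce repeated detections. */
#define RISE_MV          1000u
#define FALL_MV           600u
#define MIN_HIGH_SAMPLES    2u  /* assumed debounce: reject 1-sample glitches */
#define MAX_HIGH_SAMPLES   50u  /* assumed limit: longer means stuck/blocked  */

typedef enum { DOOR_IDLE, DOOR_OCCUPIED } door_state_t;
typedef enum { EV_NONE, EV_MOTION, EV_STUCK_HIGH } door_event_t;

typedef struct {
    door_state_t state;
    uint32_t high_samples;    /* samples seen since the reading rose        */
    bool     armed;           /* disarmed by default, as in the article     */
    uint32_t events_logged;   /* every detection is reported to the server  */
    uint32_t alarms_sounded;  /* the speaker is driven only while armed     */
} door_monitor_t;

/* Assumption: 10-bit ADC with a 3.3 V reference. */
uint32_t adc_to_mv(uint32_t counts)
{
    return (counts * 3300u) / 1023u;
}

void door_monitor_init(door_monitor_t *m)
{
    m->state = DOOR_IDLE;
    m->high_samples = 0;
    m->armed = false;
    m->events_logged = 0;
    m->alarms_sounded = 0;
}

/* Feed one sensor reading; returns what, if anything, was detected. */
door_event_t door_monitor_sample(door_monitor_t *m, uint32_t mv)
{
    if (m->state == DOOR_IDLE) {
        if (mv >= RISE_MV) {              /* rising edge of a spike */
            m->state = DOOR_OCCUPIED;
            m->high_samples = 1;
        }
        return EV_NONE;
    }

    if (mv > FALL_MV) {                   /* still something under the sensor */
        if (m->high_samples < MAX_HIGH_SAMPLES) {
            m->high_samples++;
            /* A reading that never falls never completes a detection, so
             * report it once instead of staying silent. */
            if (m->high_samples == MAX_HIGH_SAMPLES)
                return EV_STUCK_HIGH;
        }
        return EV_NONE;
    }

    /* Falling edge: the increase and subsequent decrease is complete. */
    uint32_t n = m->high_samples;
    m->state = DOOR_IDLE;
    m->high_samples = 0;
    if (n < MIN_HIGH_SAMPLES || n >= MAX_HIGH_SAMPLES)
        return EV_NONE;                   /* glitch, or already flagged stuck */

    m->events_logged++;                   /* logged whether armed or not */
    if (m->armed)
        m->alarms_sounded++;
    return EV_MOTION;
}

/* Constructed trace (mV): two people pass, with a one-sample glitch between. */
static const uint32_t SAMPLE_TRACE[] = {
    300, 320, 1100, 1500, 1450, 900, 400, 310,
    1600, 300, 290, 1200, 1400, 500, 300
};
#define SAMPLE_TRACE_LEN (sizeof SAMPLE_TRACE / sizeof SAMPLE_TRACE[0])

/* Run a trace through the monitor; returns the number of motion events. */
uint32_t run_trace(door_monitor_t *m, const uint32_t *mv, size_t n)
{
    uint32_t motions = 0;
    for (size_t i = 0; i < n; i++)
        if (door_monitor_sample(m, mv[i]) == EV_MOTION)
            motions++;
    return motions;
}

int main(void)
{
    door_monitor_t m;
    door_monitor_init(&m);
    uint32_t motions = run_trace(&m, SAMPLE_TRACE, SAMPLE_TRACE_LEN);
    printf("disarmed: %u motions, %u alarms\n",
           (unsigned)motions, (unsigned)m.alarms_sounded);
    m.armed = true;
    motions = run_trace(&m, SAMPLE_TRACE, SAMPLE_TRACE_LEN);
    printf("armed:    %u motions, %u alarms\n",
           (unsigned)motions, (unsigned)m.alarms_sounded);
    return 0;
}
```
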

The Wi-Fi module we used to connect the PIC32 to the Internet is the ESP8266, which has several variations on the market. We chose model number ESP8266-01 for its low cost and small form factor. This model was not breadboard-compatible, but we designed a mount for the device so that it could be plugged into the breadboard without the need for header wires. Figure 2 shows how the device is attached to the breadboard, along with how the rest of the system is connected.

Figure 2
The full system is wired up on a breadboard. The door sensor is at the bottom of the photo, and is attached facing down from the top of a doorway when in use. The device at the top of the figure is the PIC32 MCU mounted on a development board.

The module can boot into two different modes, programming or normal, by configuring the GPIO pins during startup. To boot into programming mode, GPIO0 must be pulled low, while GPIO2 must be pulled high. To boot into normal mode, both GPIO0 and GPIO2 must be pulled high. Programming mode is used for flashing new firmware onto the device, whereas normal mode enables AT commands over UART on the ESP8266. Because we only needed to enable the AT commands on the module, we kept GPIO0 and GPIO2 floating, which safely and consistently booted the module into normal mode.

SENDING COMMANDS

Before interfacing the PIC32 with the Wi-Fi module, we used a USB-to-TTL serial cable to connect the module to a computer, and tested the functionality of its AT commands by sending it commands from a serial terminal. …

Read the full article in the December 341 issue of Circuit Cellar

December Circuit Cellar: Sneak Preview

The December issue of Circuit Cellar magazine is coming soon. Don’t miss this last issue of Circuit Cellar in 2018. Pages and pages of great, in-depth embedded electronics articles prepared for you to enjoy.

Here’s a sneak preview of December 2018 Circuit Cellar:

AI, FPGAs and EMBEDDED SUPERCOMPUTING

Embedded Supercomputing
Gone are the days when supercomputing levels of processing required huge, rack-based systems in an air-conditioned room. Today, embedded processors, FPGAs and GPUs are able to do AI and machine learning kinds of operations, enabling new types of local decision making in embedded systems. In this article, Circuit Cellar’s Editor-in-Chief, Jeff Child, looks at the technology and trends driving embedded supercomputing.

Convolutional Neural Networks in FPGAs
Deep learning using convolutional neural networks (CNNs) can offer a robust solution across a wide range of applications and market segments. In this article written for Microsemi, Ted Marena illustrates that, while GPUs can be used to implement CNNs, a better approach, especially in edge applications, is to use FPGAs that are aligned with the application’s specific accuracy and performance requirements as well as the available size, cost and power budget.

NOT-TO-BE-OVERLOOKED ENGINEERING ISSUES AND CHOICES

DC-DC Converters
DC-DC conversion products must juggle a lot of masters to push the limits in power density, voltage range and advanced filtering. Issues like the need to accommodate multi-voltage electronics, operate at wide temperature ranges and serve distributed system requirements all add up to some daunting design challenges. This Product Focus section updates readers on these technology trends and provides a product gallery of representative DC-DC converters.

Real Schematics (Part 1)
Our magazine readers know that each issue of Circuit Cellar has several circuit schematics replete with lots of resistors, capacitors, inductors and wiring. But those passive components don’t behave as expected under all circumstances. In this article, George Novacek takes a deep look at the way these components behave with respect to their operating frequency.

Do you speak JTAG?
While most engineers have heard of JTAG or have even used JTAG, there’s some interesting background and capabilities that are not so well known. Robert Lacoste examines the history of JTAG and looks at clever ways to use it, for example, using a cheap JTAG probe to toggle pins on your design, or to read the status of a given I/O without writing a single line of code.

PUTTING THE INTERNET-OF-THINGS TO WORK

Industrial IoT Systems
The Industrial Internet-of-Things (IIoT) is a segment of IoT technology where more severe conditions change the game. Rugged gateways and IIoT edge modules comprise these systems where the extreme temperatures and high vibrations of the factory floor make for a demanding environment. Here, Circuit Cellar’s Editor-in-Chief, Jeff Child, looks at key technology and product drives in the IIoT space.

Internet of Things Security (Part 6)
Continuing on with his article series on IoT security, this time Bob Japenga returns to his efforts to craft a checklist to help us create more secure IoT devices. This time he looks at developing a checklist to evaluate the threats to an IoT device.

Applying WebRTC to the IoT
Web Real-time Communications (WebRTC) is an open-source project created by Google that facilitates peer-to-peer communication directly in the web browser and through mobile applications using application programming interfaces. In her article, Callstats.io’s Allie Mellen shows how IoT device communication can be made easy by using WebRTC. With WebRTC, developers can easily enable devices to communicate securely and reliably through video, audio or data transfer.

WI-FI AND BLUETOOTH IN ACTION

IoT Door Security System Uses Wi-Fi
Learn how three Cornell students, Norman Chen, Ram Vellanki and Giacomo Di Liberto, built an Internet connected door security system that grants the user wireless monitoring and control over the system through a web and mobile application. The article discusses the interfacing of a Microchip PIC32 MCU with the Internet and the application of IoT to a door security system.

Self-Navigating Robots Use BLE
Navigating indoors is a difficult but interesting problem. Learn how these two Cornell students, Jane Du and Jacob Glueck, used Received Signal Strength Indicator (RSSI) of Bluetooth Low Energy (BLE) 4.0 chips to enable wheeled, mobile robots to navigate towards a stationary base station. The robot detects its proximity to the station based on the strength of the signal and moves towards what it believes to be the signal source.

IN-DEPTH PROJECT ARTICLES WITH ALL THE DETAILS

Sun Tracking Project
Most solar panel arrays are either fixed-position, or have a limited field of movement. In this project article, Jeff Bachiochi set out to tackle the challenge of a sun tracking system that can move your solar array to wherever the sun is coming from. Jeff’s project is a closed-loop system using servos, opto encoders and the Microchip PIC18 microcontroller.

Designing a Display System for Embedded Use
In this project article, Aubrey Kagan takes us through the process of developing an embedded system user interface subsystem—including everything from display selection to GUI development to MCU control. For the project he chose a 7” Noritake GT800 LCD color display and a Cypress Semiconductor PSoC5LP MCU.

Connected Padlock Uses U-Blox BLE and Cellular Modules

U‑blox has announced their collaboration with India‑based Play Inc. on a connected GPS padlock for industrial applications. The lock, which doubles as a location tracker, features a U‑blox M8 GNSS receiver, MAX‑M8Q, and uses the u‑blox CellLocate service to extend positioning to indoor locations. U‑blox Bluetooth low energy with NINA‑B112, and 2G, 3G and 4G U‑blox cellular communication modules, including some that are ATEX certified, enable communication between users and the lock.

According to the company, in many industrial settings, locks are an unwelcome bottleneck. They typically require the physical presence of a person with a key to open them, they need to be checked periodically for signs of tampering, and when they are forced open, owners typically find out too late. Play Inc’s i‑Lock combines physical toughness and wireless technology to address these challenges. Offering a variety of access methods, including physical keys and keyless approaches using remote GPRS and SMS passwords as well as Bluetooth low energy or cloud‑based communication via mobile device apps, the i‑Lock lets plant managers or other customers flexibly grant authorization to access the goods that are under lock. And in the event that the padlock is forcefully opened, they are immediately alerted via a server or, optionally, SMS texting.

In addition to securing mobile and stationary goods, the lock’s GNSS receiver lets users track goods in transit. The i‑Lock supports a variety of tracking modes to optimize power consumption for increased autonomy. Location‑awareness further enables geofence restricted applications, in which the i‑Lock can only be opened if it is within predefined geographical bounds, for example a petroleum filling station.

The security lock was designed to endure both physical attempts of tampering and cyberattacks. Its fiberglass reinforced enclosure withstands temperatures from -20 to +80 degrees C. The lock features Super Admin, Admin, and User access levels, 128-bit AES encryption, user‑configurable passwords, and a secure protocol to ensure data‑transmission accuracy.

The i‑Lock will be presented at The IoT Solutions Congress Barcelona on October 16‑18, 2018.

U-blox | www.u-blox.com

November Circuit Cellar: Sneak Preview

The November issue of Circuit Cellar magazine is coming soon. Clear your decks for a new stack of in-depth embedded electronics articles prepared for you to enjoy.

Here’s a sneak preview of November 2018 Circuit Cellar:

SOLUTIONS FOR SYSTEM DESIGNS

3D Printing for Embedded Systems
Although 3D printing for prototyping has existed for decades, it’s only in recent years that it’s become a mainstream tool for embedded systems development. Today the ease of use of these systems has reached new levels and the types of materials that can be used continue to expand. This article by Circuit Cellar’s Editor-in-Chief, Jeff Child, looks at the technology and products available today that enable 3D printing for embedded systems.

Add GPS to Your Embedded System
We certainly depend on GPS technology a lot these days, and technology advances have brought fairly powerful GPS functionality into our pockets. Today’s miniaturization of GPS receivers enables you to purchase an inexpensive but capable GPS module that you can add to your embedded system designs. In this article, Stuart Ball shows how to do this and take advantage of the GPS functionality.

FCL for Servo Drives
Servo drives are a key part of many factory automation systems. Improving their precision and speed requires attention to fast-current loops and related functions. In his article, Texas Instruments’ Ramesh Ramamoorthy gives an overview of the functional behavior of the servo loops using fast current loop algorithms in terms of bandwidth and phase margin.

FOCUS ON ANALOG AND POWER

Analog and Mixed-Signal ICs
Analog and mixed-signal ICs play important roles in a variety of applications. These applications depend heavily on all kinds of interfacing between real-world analog signals and the digital realm of processing and control. Circuit Cellar’s Editor-in-Chief, Jeff Child, dives into the latest technology trends and product developments in analog and mixed-signal chips.

Sleeping Electronics
Many of today’s electronic devices are never truly “off.” Even when a device is in sleep mode, it draws some amount of power—and drains batteries. Could this power drain be reduced? In this project article, Jeff Bachiochi addresses this question by looking at more efficient ways for a system to “play dead” and regulate power.

BUILDING CONNECTED SYSTEMS FOR THE IoT EDGE

Easing into the IoT Cloud (Part 1)
There are many advantages to having the control/monitoring of devices communicate indirectly with the user interface for those devices, using some form of “always-on” server. When this server is something beyond one in your home, it’s called the “cloud.” Today it’s not that difficult to use an external cloud service to act as the “middleman” in your system design. In this article, Brian Millier looks at the technologies and services available today enabling you to ease into the IoT cloud.

Sensors at the Intelligent IoT Edge
A new breed of intelligent sensors has emerged aimed squarely at IoT edge subsystems. In this article, Mentor Graphics’ Greg Lebsack explores what defines a sensor as intelligent and steps through the unique design flow issues that surround these kinds of devices.

FUN AND INTERESTING PROJECT ARTICLES

MCU-Based Project Enhances Dance Game
Microcontrollers are perfect for systems that need to process analog signals such as audio and do real-time digital control in conjunction with those signals. Along just those lines, learn how two Cornell students Michael Solomentsev and Drew Dunne recreated the classic arcade game “Dance Dance Revolution” using a Microchip Technology PIC32 MCU. Their version performs wavelet transforms to detect beats from an audio signal to synthesize dance move instructions in real-time without preprocessing.

Building an Autopilot Robot (Part 2)
In part 1 of this two-part article series, Pedro Bertoleti laid the groundwork for his autopiloted four-wheeled robot project by exploring the concept of speed estimation and speed control. In part 2, he dives into the actual building of the robot. The project provides insight to the control and sensing functions of autonomous electrical vehicles.

… AND MORE FROM OUR EXPERT COLUMNISTS

Embedded System Security: Live from Las Vegas
This month Colin O’Flynn summarizes a few interesting presentations from the Black Hat conference in Las Vegas. He walks you through some attacks on bitcoin wallets, x86 backdoors and side channel analysis work—these and other interesting presentations from Black Hat.

Highly Accelerated Product Testing
It’s a fact of life that every electronic system eventually fails. Manufacturers use various methods to weed out most of the initial failures before shipping their product. In this article, George Novacek discusses engineering attempts to bring some predictability into the reliability and life expectancy of electronic systems. In particular, he focuses on Highly Accelerated Lifetime Testing (HALT) and Highly Accelerated Stress Screening (HASS).

Security Takes Center Stage for MCUs

Enabling Secure IoT

Embedded systems face security challenges unlike those in the IT realm. To meet those needs, microcontroller vendors continue to add ever-more sophisticated security features to their devices—both on their own and via partnerships with security specialists.

By Jeff Child, Editor-in-Chief

For embedded systems, there is no one piece of technology that can take on all the security responsibilities of a system on its own. Indeed, everything from application software to firmware to data storage has a role to play in security. That said, microcontrollers have been trending toward assuming a central role in embedded security. One driving factor for this is the Internet-of-Things (IoT). As the IoT era moves into full gear, all kinds of devices are getting more connected. And because MCUs are a key component in those connected systems, MCUs have evolved in recent years to include more robust security features on chip.

That trend has continued over the last 12 months, with the leading MCU vendors ramping up those embedded security capabilities in a variety of ways—some on their own and some by teaming up with hardware and software security specialists.

Built for IoT Security

Exemplifying these trends, Microchip Technology in June released its SAM L10 and SAM L11 MCU families (Figure 1). The devices were designed to address the increasing risks of exposing intellectual property (IP) and sensitive information in IoT-based embedded systems. The MCU families are based on the Arm Cortex-M23 core, with the SAM L11 featuring Arm TrustZone for Armv8-M, a programmable environment that provides hardware isolation between certified libraries, IP and application code. Security features on the MCUs include tamper resistance, secure boot and secure key storage. These, combined with TrustZone technology, protect applications from both remote and physical attacks.

Figure 1
The SAM L10 and SAM L11 MCU families provide TrustZone for Armv8-M hardware isolation between certified libraries, IP and application code. The MCUs also feature tamper resistance, secure boot and secure key storage.

In addition to TrustZone technology, the SAM L11 security features include an on-board cryptographic module supporting Advanced Encryption Standard (AES), Galois Counter Mode (GCM) and Secure Hash Algorithm (SHA). The secure boot and secure key storage with tamper detection capabilities establish a hardware root of trust. It also offers a secure bootloader for secure firmware upgrades.

Microchip has partnered with Trustonic, a member of Microchip’s Security Design Partner Program, to offer a comprehensive security solution framework that simplifies implementation of security and enables customers to introduce end products faster. Microchip has also partnered with Secure Thingz and Data I/O Corporation to offer secure provisioning services for SAM L11 customers that have a proven security framework.

Wireless MCU

Likewise focusing on IoT security, NXP Semiconductor in February announced its K32W0x wireless MCU platform. According to NXP, it’s the first single-chip device with a dual-core architecture and embedded multi-protocol radio. It provides a solution for miniaturizing sophisticated applications that typically require a larger, more costly two-chip solution. Examples include consumer devices such as wearables, smart door locks, thermostats and other smart home devices.

The K32W0x embeds a dual-core architecture comprised of an Arm Cortex-M4 core for high performance application processing and a Cortex-M0+ core for low-power connectivity and sensor processing. Memory on chip includes 1.25 MB of flash and 384 KB of SRAM. Its multi-protocol radio supports Bluetooth 5 and IEEE 802.15.4 including the Thread IP-based mesh networking stack and the Zigbee 3.0 mesh networking stack.

Figure 2
Security features of the K32W0x MCU include a cryptographic sub-system that has a dedicated core, dedicated instruction and data memory for encryption, signing and hashing algorithms including AES, DES, SHA, RSA and ECC.

Features of the K32W0x’s security system include a cryptographic sub-system that has a dedicated core, dedicated instruction and data memory for encryption, signing and hashing algorithms including AES, DES, SHA, RSA and ECC. Secure key management is provided for storing and protecting sensitive security keys (Figure 2). Support is enabled for erasing the cryptographic sub-system memory, including security keys, upon sensing a security breach or physical tamper event. The device has a Resource Domain Controller for access control, system memory protection and peripheral isolation. Built-in secure boot and secure over-the-air programming is supported to assure only authorized and authenticated code runs in the device.

To extend the on-chip security features of the K32W0x MCU platform, NXP has collaborated with B-Secur, an expert in biometric authentication, to develop a system that uses an individual’s unique heart pattern (electrocardiogram/ECG) to validate identity, making systems more secure than using an individual’s fingerprint or voice.

IP Boosts Security

For its part, Renesas Electronics addressed the IoT security challenge late last year when it expanded its RX65N/RX651 Group MCU lineup.  …

Read the full article in the October 339 issue of Circuit Cellar
