IoT Security Checklist


The most recent version of the IoT Checklist can be
downloaded in Word format here


For your reference, it’s also available here online (HTML format):

1.      Identifying Assets

☐ Have you identified all intellectual property that needs to be protected?

☐ Have you determined if the entire electronic design needs to be protected?

☐ Have you determined if certain proprietary circuits need to be protected?

☐ Have you determined if the binary / executable needs to be protected?

☐ Have you determined if there are algorithms that need to be protected?

☐ Have you determined if there is any source code shipped in the product (Python, PHP, script files) that needs protection?

☐ Have you determined if there is any data, if it got into the wrong hands, could cause harm to your company, your client or someone else?

☐ Have you determined if there is any removable data storage device that needs to be protected?

☐ Have you determined if the file system needs to be protected?

☐ Do you need to protect the device from being reprogrammed from an unauthenticated user?

☐ Do you need to protect the entire fleet from being reprogrammed from an unauthenticated user?

☐ Have you determined ways the company’s reputation could be harmed from a security breach with this system?

☐ Have you determined what functionality must remain functional in the face of the most extreme security breach?

☐ Have you determined if a security breach on one device could bring down or be used to take over the entire fleet?

☐ Have you determined if a security breach on one device could bring down or be used to take over other similar products that you make?

☐ Is there personal information, direct or indirect, available in our device that needs to be protected?

☐ Are there keys, passwords, and certificates of authority that need to be protected?

☐ Are there aspects of a wireless network that need to be protected?

☐ Are there aspects of a wired network that need to be protected?

2.      Identifying Threats

☐ Have you identified all intellectual property that needs to be protected?

☐ Verify that the estimated cost of losing all or some of the above identified assets has been documented should a threat agent have access to the wireless services on the device

☐ Verify that the estimated cost of losing all or some of the above identified assets has been documented should a threat agent have access to the Cloud services used by the device

☐ Verify that the estimated cost of losing all or some of the above identified assets has been documented should a threat agent have access to the Mobile app used by the device

☐ Verify that the estimated cost of losing all or some of the above identified assets has been documented should a threat agent have access to the physical device

☐ Verify that the estimated cost of losing all or some of the above identified assets has been documented should a threat agent have access to the wired networks used by the device

Insecure Web, Cloud or Mobile App Interface – Anyone who has access to the web interface or the Internet or the Mobile App (OWASP #1 Threat & OWASP #6 Threat & OWASP #7 Threat – Insecure Mobile App)

☐ Verify that default usernames and default passwords are changed during initial setup

☐ Verify that weak passwords are not allowed

☐ Verify that usernames and passwords are not sent in plain text over any network

☐ Verify that there is no backdoor hard coded username and password

☐ Verify that the username is locked out after 3-5 failed attempts to log on

☐ Verify that usernames cannot be identified with the password recovery scenario

☐ Verify that the code has been reviewed for code injection errors

☐ Verify that the code has been reviewed for cross-site request forgeries

☐ Verify that the code has been reviewed for cross-site scripting

Insufficient Authorization / Authentication – Anyone who has access to the web interface/ mobile interface / cloud interface (OWASP #2 Threat )

☐ Verify that the device has some mechanism to time out access after a period of inactivity requiring the user to re-login

☐ Verify that extremely sensitive functions require the user to re-verify their credentials

☐ Verify that the need for two factor authentication has been reviewed and implemented if necessary (Especially for administrative functions)

☐ Verify that the need for granular access controls (ie different levels of access for different users) was evaluated when the system was designed.

☐ Verify that access controls are implemented properly.

☐ Verify that neither the usernames nor the passwords are stored in clear text in the device

Insecure Network Services – Anyone who has access to the device via a network connection (OWASP #3 Threat)

☐ Verify that there are no open ports

☐ Verify that all open ports need really need to be open

☐ Verify that a Denial of Service attack does not shut down essential functionality of the device

Lack of Transport Encryption – Anyone who has access to the network the device is connected to (OWASP #4 Threat)

☐ Verify that no data is passed in clear text after installation

☐ Verify that the encryption method is secure to the level of the value of the assets

☐ If SSL, TLS or other secure libraries are used, verify that there are no pre-existing security flaws in them

☐ If SSL, TLS or other secure libraries are used, verify that they are configured properly

Privacy Concerns – Anyone who has access to the device, the network, the mobile application (if applicable) and the cloud interface (OWASP #5 Threat)

☐ Verify all data types collected by the device, the mobile app, and the cloud have no privacy issues – or that special procedures and processes are created for this private data

☐ Verify that medical information stored in the device or in the cloud conforms to the HIPAA requirements

☐ Verify that, if medical information is transmitted to or stored in the cloud, that the cloud server is HIPAA compliant (See and  for other HIPAA checklists that may be helpful)

☐ Verify that the only data collected and stored is that data which is necessary

☐ Verify that all personal data (e.g. date of birth; home address; phone number; etc.) that is stored on the device, in the cloud or in an app is encrypted when both sent and stored

☐ Verify that access controls to personal data is appropriate for the level of access

Insufficient Security Configurability – Anyone who has access to the device (OWASP #8 Threat )

☐ Verify that the administrative access to the configuration of the device has appropriate security measures (username, strong password, two step verification)

☐ Verify that the administrative access to the configuration of the device requires strong passwords configuring users if security is very important.

☐ Verify that administrative access is more secure than user access

☐ Verify that the administrative configuration allows for logging, security alerts and alarms. For example logging whenever someone logs in as an administrator; sending an alert any time a security option is changed, etc.

☐ Verify that there is software to monitor security violations and either log them or send alerts or both. For example, in a Bluetooth mesh network, log anytime a non-authenticated device sends a beacon to request provisioning.[1]

Insecure Software / Firmware – Anyone who has access to the device, the device’s network and the device’s update server (OWASP #9 Threat)

☐ Verify that the device has the ability to update remotely. If not, provide a justification to the Director of Development.

☐ Verify that the update file is encrypted at all stages after development

☐ Verify that the device has the ability to authenticate the update and uses it.

☐ Verify that the update server is itself secure.

☐ Verify that keys used to decrypt the file are not stored in plain text on the device or in the cloud

Insufficient Physical Security – Anyone who has physical access to the device (OWASP #10 Threat)

☐ Verify that the data storage devices cannot be easily disassembled and data recovered

☐ Verify that all external ports require authentication (including the boot serial port)

☐ Verify that all external ports exposed are indeed required in production and if only needed in development are not easily accessible (for example by adding a connector).

☐ Verify that all administrative configuration capabilities are limited to local access if possible


[1] This assumes that only pre-authenticated devices can be provisioned on a Bluetooth Mesh network.

The Midwest’s Only Embedded Systems Conference

Embedded Systems Conference (ESC) Minneapolis is the premier conference for chip, board and systems design engineers, deep dive into testing and measurement equipment, system boards, debugging software tools, security products, and more. It’s running October 31 – November 1, 2018 at the Minneapolis Convention Center
Minneapolis, MN


Pioneer Chooses Cypress Wi-Fi/ Bluetooth IC for Infotainment System

Cypress Semiconductor has announced that Pioneer has integrated Cypress’ Wi-Fi and Bluetooth Combo solution into its flagship in-dash navigation AV receiver. The solution enables passengers to display and use their smartphone’s apps on the receiver’s screen via Apple CarPlay or Android Auto, which provide the ability to use smartphone voice recognition to search for information or respond to text messages. The Cypress Wi-Fi and Bluetooth combo solution uses Real Simultaneous Dual Band (RSDB) technology so that Apple CarPlay and Android Auto can operate concurrently without degradation caused by switching back and forth between bands.
The Pioneer AVH-W8400NEX receiver uses Cypress’ CYW89359 combo solution, which includes an advanced coexistence engine that enables optimal performance for dual-band 2.4-GHz and 5-GHz 802.11ac Wi-Fi and dual-mode Bluetooth/Bluetooth Low Energy (BLE) simultaneously for superior multimedia experiences. The CYW89359’s RSDB architecture enables two unique data streams to run at full throughput simultaneously by integrating two complete Wi-Fi subsystems into a single chip.

The CYW89359 is fully automotive qualified with AECQ-100 grade-3 validation and is being designed in by numerous top-tier car OEMs and automotive suppliers as a full in-vehicle connectivity solution, supporting infotainment and telematics applications such as smartphone screen-mirroring, content streaming and Bluetooth voice connectivity in car kits.

Cypress Semiconductor |

Raspberry Pi’s PoE HAT Ships for $20, Tosses in a Free Fan

By Eric Brown

Raspberry Pi Trading has launched a $20 Power-over-Ethernet HAT board for the Raspberry Pi 3 Model B+ that delivers up to 15W and ships with a small fan. The Power-over-Ethernet HAT that was promised with the release of the Raspberry Pi 3 Model B+ SBC has arrived. The $20, 802.3af-compliant “Raspberry Pi PoE HAT” allows delivery of up to 15W over the RPi 3 B+’s USB-based GbE port without reducing the port’s up to 300Mbps bandwidth.

Raspberry Pi PoE HAT alone (left) and fitted on Raspberry Pi 3 Model B+
(click images to enlarge)

We’ve seen an increase in the use of PoE in embedded equipment over the last year, perhaps due to the growth in IoT applications in which embedded gear must be placed in remote locations. It’s cheaper and easier to run Ethernet cable to a remote device than to extend electrical lines.

With the help of the RPi 3 B+’s improved PXE boot function, which enables network booting, “you can now dispense with not only the power supply but also the SD Card, making deployment even cheaper for a Raspberry Pi based system in your factory or workplace,” writes Roger Thornton in the Raspberry Pi blog announcement.

The Raspberry Pi PoE HAT features a fully isolated switched-mode power supply with 37-57V DC, Class 2 input and 5V/2.5A DC output. The HAT connects to both the 40-pin header and a new PoE-specific 4-pin header introduced with the B+ located near the USB ports. To enable PoE, you need power sourcing equipment, which is either “provided by your network switch or with power injectors on an Ethernet cable,” writes Thornton.

Raspberry Pi PoE HAT with RPi 3 B+ (left) and close-up of 4-pin header on B+ between the USB ports and the 40-pin GPIO header
(click images to enlarge)

The PoE HAT ships with a 25 x 25mm brushless fan for cooling the Broadcom SoC. This does not appear to be due to any additional heat generated by PoE. Instead: “We see the product as a useful component for people building systems that may be in tougher environments,” writes Thornton.

The fan is connected via I2C and controlled with an Atmel MCU chip. This setup turns on the fan automatically when the SBC hits a certain temperature threshold, a trick that requires the latest sudo rpi-update firmware.

You can add another HAT board on top of the fan with the help of some pass-through headers for the 40-pin GPIO and the 4-way header to expose the pins on the other side of the PoE HAT. Raspberry Pi Trading recommends the 2×20 pin header from Pimoroni and 4-way risers from RS and element14.

The Raspberry Pi 3 Model B+ won LinuxGizmos’ reader survey of 116 Linux/Android hacker boards. The community-backed SBC builds upon the RPi 3 Model B design with a faster, up to 1.4GHz quad-core Broadcom SoC, as well as faster Ethernet (GbE). You also get various power management improvements and faster dual-band 802.11ac and Bluetooth 4.2, which comes in a pre-certified, shielded module.

Further information

The Raspberry Pi PoE HAT is available now for $20 at a variety of resellers. The blog announcement may be found here. The product page with links to resellers is here.

This article originally appeared on on August 25.

Raspberry Pi Foundation |

SMARC 2.0 Module Serves up NXP i.MX8 Processor

Congatec has announced the conga-SMX8, the company’s first SMARC 2.0 Computer-on-Module based on the 64-bit NXP i.MX8 multi-core Arm processor family. The Arm Cortex-A53/A72 based conga-SMX8 provides high-performance multi-core computing along with extended graphics capabilities for up to three independent 1080p displays or a single 4K screen. Further benefits of this native industrial-grade platform include hardware-based real-time and hypervisor support along with broad scalability as well as resistance against harsh environments and extended temperature ranges. The SMARC 2.0 module is designed to meet the recent performance and feature set needs for low power embedded, industrial and IoT as well as new mobility sector.The new SMARC 2.0 modules with NXP i.MX8 processors, hardware based virtualization and resource partitioning are well suited for a wide range of stationary and mobile industrial applications including real-time robotics and motion controls. Since the modules are qualified for the extended ambient temperature range from -40°C to +85°C, they can also be used in fleet systems for commercial vehicles or infotainment applications in cabs, buses and trains as well as new electric and autonomous vehicles.

The new conga-SMX8 modules feature up to 8 cores (2x A72 + 4x A53 + 2x M4F), up to 8 GByte of LPDDR4 MLC or pseudo SLC memory and up to 64 GByte of non-volatile memory on the module. The extraordinary interface set includes 2x GbE including optional IEEE1588 compliant precision clock synchronization, up to 6x USB including 1x USB 3.1, up to 2x PCIe Gen 3.0, 1x SATA 3.0, 2x CAN bus, 4x UART as well as an optional onboard Wi Fi/Bluetooth module with Wi-Fi 802.11 b/g/n and BLE.

Up to 3 displays can be connected via HDMI 2.0 with HDCP 2.2, 2x LVDS and 1x eDP 1.4. For video cameras, the modules support 2 MIPI CSI-2 video inputs. The new NXP i.MX8 based SMARC 2.0 modules come as application-ready super components including U-Boot and complete Board Support Packages for Linux, Yocto and Android.

Congatec |

Mini PCIe Expansion Module Delivers Dual Gbit Ethernet

Versalogic has extended its line of industrial temperature, rugged Mini PCIe expansion products with the “E5”. This new Dual Gbit Ethernet expansion board provides an easy and economical way to add additional Ethernet ports to high-stress embedded computer systems. Unlike similar Mini PCIe boards, the E5 is completely self-contained with on-board magnetic isolation. There is no need for off-board magnetics or special cabling.

The E5’s extremely small form factor format allows it to be added to systems with very little impact to the overall size of the solution. It’s well suited for size and weight optimized applications.

Many applications required extreme temperature operation. Fully tested thermal management assures reliable operation over the full industrial temperature range (-40° to +85°C). Latching connectors and Mil Standard 202 shock and vibration testing ensure performance in demanding environments. The E5E is engineered and validated to excel in unforgiving environments. Bundle it with a rugged embedded computer board from VersaLogic for a one-stop solution to your industrial application needs.

The E5 is customizable, even in low OEM quantities. Customization options include conformal coating, revision locks, custom labeling, customized testing and screening and so on. The E5 is compatible with a variety of popular operating systems such as Linux and Windows.

The E5, part number VL-MPEe-E5E, is in stock at both Versalogic and Digi-Key. OEM quantity pricing starts at $137.

Versalogic |

DC Panel Meters Display Voltage, Current and Power

Murata Power Solutions has introduced its DCM20 series of multifunction panel meters. For DC systems, these meters measure DC voltage and current, calculate power up to 96 kW, and display values either manually selected or continuously cycling. The miniature panel-mount product provides an input voltage range of 0.5 VDC to 72 VDC, with 10 mV of resolution. The meter also supports current measurement ranges from 5 A to 1,200 A when used with an external user-supplied resistive shunt. Targeted for use in 12 V, 24 V or 48 V systems, out-of-the-box accuracy of the product is +/-1 % for voltage and +/-2 % for current.
Packaged in a rugged, one-piece polycarbonate housing, with dimensions of 2.1″  x 1.43″ or 53.3 mm x 36.3 mm, the DCM20 fits in ‘0U’ and ‘1U’ racks making it well-suited for laboratory instrumentation as well as industrial and telecom equipment. Threaded mounting studs and caged terminal blocks for application wiring ensure reliable operation in harsh environments.

Applications for the product include, but are not limited to, real-time monitoring and display of DC power in telecom power distribution systems, battery management/backup systems, laboratory instrumentation and alternative energy and marine installations.

The DCM20 features a large (0.36″ /9.2 mm) bright red display easily readable at 15 feet (5 m), with green or blue displays a future option. A front-panel capacitive touch sensor is incorporated for selection of operating mode, avoiding wear-out issues possible with a membrane of other mechanical switches. Using the touch sensor control, the user may configure the unit to display voltage, current or power, or set the unit to continually cycle between the three measurements.

The unit can be self-powered from the measured voltage or powered separately from an external power supply, which can range from 9 VDC to 72 VDC. When self-powered, the input voltage range that can be measured is 9 VDC to 72 VDC and when externally powered the lowest measurable input voltage extends down to 0.5V. Current consumption of the DCM20 is generally negligible compared with the measured current being typically 6 mA at 12 V and only 2 m A at 72 V input.

A DIP switch on the DCM20 allows selection of 16 different full-scale current readings from 5 A to 1,200 A providing compatibility with a wide range of external shunt resistors, available both from Murata and other manufacturers. A fine adjustment potentiometer is also provided to calibrate the unit to compensate for shunt resistor tolerance for improved system measurement accuracy. The external shunt resistor may be placed in either the ‘high’ or the ‘low’ side of the power system, as the DCM20 has a common-mode voltage range of 72 V. A jumper is available to set where the voltage is actually measured, either remotely or at the shunt resistor. In this way, high or low side current sensing is practical and power measurement can exclude losses in wiring and the shunt resistor itself.

Murata Power Solutions |

Compact MCU Offers Enhanced Security Features

Maxim Integrated Products has announced the MAX32558 “DeepCover” family of secure microcontrollers that provide advanced cryptography, secure key storage and tamper detection in a 50% smaller package. As electronic products become smaller and increasingly connected, there is a growing threat to sensitive information and privacy, requiring manufacturers to keep security top of mind when designing their devices. While designers should prevent security breaches at the device level, they often struggle with the tradeoff of enhanced security with minimized board space, as well as the cost of design complexity and meeting time to market goals.
The MAX32558 DeepCover Arm Cortex-M3 flash-based secure microcontroller solves these challenges by delivering strong security in a small footprint while simplifying design integration and speeding time to market. It integrates several security features into a small package, including secure key storage, a secure bootloader, active tamper detection and secure cryptographic engines. It also supports multiple communications channels such as USB, serial peripheral interface (SPI), universal asynchronous receiver-transmitter (UART) and I2C, making it ideal for a wide range of applications. Maxim’s long-standing reputation and experience in payment terminal certifications as well as its established support and technology can help streamline the certification process for customers, reducing the process up to 6 months’ time (rather than the typical 12 to 18 months).


  • Shields sensitive data by providing the most secure key storage available
  • Offers secure bootloader, active tamper detection and secure cryptographic engines
  • Compliant with Federal Information Processing Standard (FIPS) 140-2 L3&4 certification

Compared to a secure authenticator, the MAX32558 provides 30x more general-purpose input/output (GPIO) in the same PCB footprint (4.34 mm x 4.34 mm) wafer-level package (WLP). The closest competitor, meanwhile, offers a device with similar features but in a much larger package (8 mm x 9 mm ball-grid array 121 (BGA121)). The devices reduces footprint by embedding a number of security features to address point-of-sale Payment Card Industry (PCI) pin transaction security (PTS) requirements, as well as several analog interfaces. It provides 512 KB of internal flash and 96 KB of internal SRAM

Easy design integration is enabled by a complete software framework including real-time operating system (RTOS) integration and code examples in evaluation kit. Code can be easily ported from one device to another as it shares the same API software library as the rest of the product family. A pre-certified Europay, Mastercard and Visa (EMV)-L1 stack for smartcard interface is provided. Extensive documentation and code is provided for managing the device lifecycle, such as secure firmware signing and device personalization. The MAX32558 is available at Maxim’s website for $3.80 (1,000-up).

Maxim Integrated |

Chip Marries 60 V Buck Controller and 4 Buck Regulators

Analog Devices has announced the Power by Linear LTC3372, an integrated power management solution for systems that require multiple low voltage outputs generated from an input voltage as high as 60 V. The LTC3372 features a 60 V synchronous buck switching regulator controller followed by four configurable synchronous monolithic buck regulators. This combination provides up to five high efficiency low quiescent current outputs in a single IC, well-suited for automotive, industrial and medical applications.

The LTC3372’s buck controller operates over a 4.5 V to 60 V input voltage range and drives an all N-channel MOSFET power stage. Its output can be programmed to either 3.3 V or 5 V and can generate an output current up to 20 A. The controller output is typically used to feed the four monolithic buck regulators. Each monolithic buck channel can be programmed to regulate an output voltage as low as 0.8 V with a configurable output current up to 4 A. Eight 1 A integrated power stages are programmed by the C1-C3 pins into one of eight unique configurations, from a quad 2 A buck to a dual 4 A buck. This allows only one inductor per channel.

The LTC3372 offers a low IQ solution ideal for battery-powered or automotive applications in which one or more power supply rails are always on. With just the high voltage controller enabled, the device draws 15 µA from a 12 V input supply while regulating the output to 5 V at no load. Each monolithic buck regulator adds only 8 µA of additional IQ per channel enabled. The LTC3372’s monolithic buck switching frequency can be programmed from 1 MHz to 3 MHz and can be synchronized to an external clock while the buck controller switches at 1/6 of this frequency. Additional features include foldback current limiting, soft-start, short-circuit protection and output overvoltage protection.

The LTC3372 is available from stock in a thermally enhanced 48-pin 7 mm × 7 mm QFN package. E and I grades are specified over an operating junction temperature range of –40°C to 125°C, and the H grade features operation from –40°C to 150°C.

Analog Devices |

Next Newsletter: Embedded Boards

Coming to your inbox tomorrow: Circuit Cellar’s Embedded Boards newsletter. Tomorrow’s newsletter content focuses on both standard and non-standard embedded computer boards that ease prototyping efforts and let you smoothly scale up to production volumes.

Bonus: We’ve added Drawings for Free Stuff to our weekly newsletters. Make sure you’ve subscribed to the newsletter so you can participate.

Already a Circuit Cellar Newsletter subscriber? Great!
You’ll get your
Embedded Boards newsletter issue tomorrow.

Not a Circuit Cellar Newsletter subscriber?
Don’t be left out! Sign up now:

Our weekly Circuit Cellar Newsletter will switch its theme each week, so look for these in upcoming weeks:

Analog & Power. (9/4) This newsletter content zeros in on the latest developments in analog and power technologies including DC-DC converters, AD-DC converters, power supplies, op amps, batteries and more.

Microcontroller Watch (9/11) This newsletter keeps you up-to-date on latest microcontroller news. In this section, we examine the microcontrollers along with their associated tools and support products.

IoT Technology Focus. (9/18) Covers what’s happening with Internet-of-Things (IoT) technology–-from devices to gateway networks to cloud architectures. This newsletter tackles news and trends about the products and technologies needed to build IoT implementations and devices.

Flexible Embedded/IoT OS Targets 8-/16-/32-bit MCUs

Segger has introduced emPack, a complete operating system for IoT devices and embedded systems. It is delivered in source code for all 8-/16-/32-bit microcontrollers and microprocessors. emPack is optimized for high performance, and small memory footprint and easily fits onto typical MCUs without requiring expensive external memory, keeping the cost of the embedded computing system to a minimum.
emPack components are written in plain C and can be compiled by standard ANSI/ISO C compilers. The software package includes embOS, emWin, emFile, embOS/IP, emUSB- Device, emUSB-Host, emModbus, emCompress, emCrypt, emSecure, emSSL, emSSH, and SEGGER’s IoT Toolkit.

All emPack components work seamlessly together and are continuously tested on a variety of microcontrollers from different vendors. According to the company, it is very easy to get started with emPack. And it significantly reduces the time it requires to deliver a product using robust and well tested components that simply work.

Another benefit of using emPack as a platform is portability: Switching to a different microcontroller even with a different core requires minimal changes. Standardizing on emPack enables you to enhance your products when newer, more powerful processors are introduced, or can target a wider customer base with cost-optimized products using less expensive MCUs.

Because all components work together through well-defined interfaces, existing projects that already have a mandated RTOS can use emPack’s components by simply customizing a small number of OS adaptation functions. emPack has been fully tested with Amazon FreeRTOS and example configurations are available upon request.

Segger |

PMICs Enable Optimized Power for Automotive ADAS

Maxim Integrated Products has announced a series of power-management ICs (PMICs)  that enable designers to optimize power for automotive advanced driver-assistance systems (ADAS) functions to achieve high performance, small size, efficiency and electrical protection.

ADAS functions, many of which are now mandatory or will be soon, increase vehicle safety and enhance the driving experience. These features include smart braking for collision avoidance, GPS/navigation, adaptive cruise control, lane centering, lane-departure warning, and back-up/surround video. Although these functions receive considerable design attention, managing DC power in electrically harsh vehicle environments is a less-publicized yet critical challenge which involves significant issues of functions, features, performance, efficiency and footprint.
Maxim’s array of application-optimized ICs, which manage DC power, solve the top-level designer pain points for various ADAS functions involving a combination of package size, operating efficiency, quiescent current, electrical protection, and EMI generation.

The series of PMICs which Maxim has released include:

MAX20019 Dual Synchronous Step-Down Converter—Provides the industry’s smallest 3.2MHz dual step-down power supply in a 2mm × 3mm package size (compared to the closest competing solutions that offer single channel parts in either a 2mm x 2mm or 3mm x 3mm package size)

MAX20087 Quad Camera Power Protector—ASIL-grade camera module protector IC includes an I2C interface to report on over/undervoltage/fault conditions; monitors up to four 600 mA coax channels and isolates faults from individual camera modules

MAX20075 and MAX20076 Synchronous Step-Down Converters—Offer the industry’s lowest quiescent current with peak and valley mode options; provide a high peak efficiency of 91% for always-on applications compared to competing solutions, while featuring a 40 V load-dump tolerance

MAX20014 Triple-Output Converter—Features one synchronous boost and two synchronous step-down converters for smaller, simpler, and lower cost designs (competing approaches require two ICs plus discrete components); features 2.2 MHz switching frequency and spread-spectrum capability for reduced EMI and comes in a small 4 mm x 4 mm package size

Maxim Integrated |

IoT Platform Release Provides Improved Wireless Capabilities

Ayla Networks has announced new capabilities to its IoT platform that will further simplify the ability to gain business value from IoT. This new Ayla IoT platform release overcomes restrictions on choosing wireless modules to connect to the Ayla IoT cloud and streamlines the creation of enterprise applications that use IoT device data.

A new Ayla portable software agent significantly cuts the time needed to get to market with IoT initiatives, by allowing manufacturers to select essentially any cellular or Wi-Fi module and have it connect easily to the Ayla IoT cloud. For makers of IoT solutions and service providers, the Ayla IoT platform has added new application enablement capabilities that make it faster and easier to build both mobile and web-based enterprise applications that take advantage of IoT data.
To connect to an IoT cloud, devices use an embedded cellular or Wi-Fi module, comprising both a hardware chip and a software agent, that provides wireless cloud connectivity. Until now, IoT software agents had to be built and certified to work with a specific chip and module type, an expensive process that could take a year or more and involve significant certification overhead.

The new Ayla portable agent circumvents this problem by enabling connectivity to the Ayla IoT cloud from any cellular or Wi-Fi module—without the lengthy process of certifying a different software agent for each chip or module variation, and without having to generate source code to port the agent to a chosen module. As a result, IoT solution providers that want to connect to the Ayla IoT cloud are no longer restricted to a list of certified cellular or Wi-Fi modules; instead, they can take a bring-your-own (BYO) approach to IoT modules.

The Ayla portable agent includes source code, reference implementation, a porting guide, and a test suite for both cellular and Wi-Fi solutions. In addition, Ayla Networks can recommend development partners able to perform porting work for enterprises that lack in-house IoT firmware development expertise.

The Ayla Web Software Development Kit (SDK) reduces development cycles for applications that leverage IoT device data in conjunction with an enterprise’s other cloud or data integrations. A new product, the Ayla Web SDK makes it easy for developers to create business applications on top of the Ayla IoT platform. It provides pre-packaged functionality for user management, device monitoring, session management and rule-based access control (RBAC) management.

Ayla Networks |

Zigbee Certification Transfer Effort Looks to Boost IoT Growth

The Zigbee Alliance has announced a new Certification Program that creates new business opportunities for members, and makes it easy for new entrants to join the growing ecosystem of Certified Products that work with major consumer and commercial IoT platforms. The new program is now open, and permits members — and for the first time, non-members — to quickly adopt, sell, and market Certified Products under their own brand while maintaining those products’ Certified status.

For new entrants to the IoT, or companies looking to fill a gap in their portfolio, this program offers an easy, fast, and affordable avenue to implement Certified Products from Alliance Participant and Promoter member companies, and then market those products under their own brand. Approved products can then carry the Zigbee Certified logo, leveraging the brand recognition and interoperability mark of Zigbee and allowing companies to create products that work with the leading consumer and commercial IoT and smart home platforms, or even create their own from the diverse portfolio of Zigbee Certified Products.

For Zigbee Alliance Participant and Promoter members, this program opens new markets and sales channels by enabling them to offer Certified Products to customers for re-branding and non-functional modification while maintaining those products’ Certified status. Adopter-level members of the Zigbee Alliance are also eligible to receive unlimited Certification Transfers on products from Participant or Promoter companies, and market those products using their own brand.

Industry analysts project Zigbee technology will ship in 3.8 billion (85%) of the 4.5 billion 802.15.4 units predicted to hit the market in 2023. As consumers embrace the smart home, and leading ecosystem providers – such as Amazon, Comcast, Huawei, IKEA, Legrand, Schneider Electric, Signify (formerly Philips Lighting), Somfy, and Samsung SmartThings – continue to create products based on the Zigbee Alliance’s wireless standards, IoT product developers are eager to participate in and build on the network of thousands of Zigbee Alliance Certified products already making meaningful connections between humans and the objects in their environment.

How the Program Works

Participant or Promoter members are now populating the online Certification Transfer Tool with products available for a Certification Transfer. To receive a Certification Transfer, you must be either a Zigbee Alliance Member (in good standing), or be a new company who has never been an Alliance member.

To participate in the program, products for certification transfer must:

  • Be previously Certified by the Zigbee Alliance (Zigbee 3.0, Zigbee Smart Energy, and Green Power devices)
  • Be Certified as an “end product”
  • Be enrolled by a Participant or Promoter Company for certification transfer in the member certification web tool

The new Certification Transfer Program is open now. To share more about the program, the Zigbee Alliance will be holding a public webinar on August 22, 2018 at 7 am to go over the details of the process and the benefits to those who take part in the program. Register here.

The Zigbee Alliance |

September (issue #338) Circuit Cellar Article Materials

Click here for the Circuit Cellar article code archive

p.6: LIDAR 3D Imaging on a Budget: PIC32-Based Design, By Chris Graef


[1] Cornell University ECE 4760 Development Board page, PIC32 Development board schematic   

[2] Lidar Lite V3 Operations Manual and Technical Guide, “Specifications, Interface” section.

[3] Lidar Lite V3 Operations Manual and Technical Guide, “Specifications, Performance” section

Garmin: Lidar Lite V3

Microchip Technology: PIC32 Microcontroller

Adafruit: S1213 Analog Feedback Servos

Adafruit |
Garmin |
Microchip Technology |

p.12: Wireless Weather Station Uses Arduino: And Two ASK Radios, By Raul Alvarez Torrico

IEEE Computer Society (2011). IEEE Standard for Local and metropolitan area networks—Part 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs), IEEE

ZigBee Alliance (2012). ZigBee Specification Document 053474r20, ZigBee Standards Organization

Digi International Inc. (2013). XBee®/XBee-PRO ZB RF Modules – 90000976_P, Digi International Inc.

       Arduino Pro Mini

ASK Transmitter and Receiver Kit

DHT22 Temperature and Humidity Sensor

Do-It-Yourself Anemometer:

Online Linear Regression Calculator

Do-It-Yourself Wind Vane

DHT22 Arduino Library

0.96” OLED Display

u8g2 OLED Display Library

Dew Point Calculation

Additional Resources by the Author:

Adafruit |
Arduino |
ITEAD Intelligent Systems |
Microchip Technology |
Sparkfun |

p. 20: Murphy’s Laws in the DSP World (Part 3): Future Imperfect, By Michael Smith, Mai Tanaka

ML-DSP Project Files
Cut and paste listings from the article .pdf in Ocatve and MATLAB .m scripts or download from the Circuit Cellar article code archive.

Installing Octave: See Circuit Cellar 335 for details or go here.
URL to download

Installing MATLAB: See Circuit Cellar 335 for details or go here.

Mathworks |
GNU Octave |

p. 36: Virtual Emulation for Drones: Suited for Streaming, By Richard Pugh

To learn more about the challenges of the multimedia market, and how an emulation-based verification methodology offers design teams a significant advantage—please download the whitepaper Drones, Augmented Reality, UHD TV – High-End Video SoCs Need Emulation

Mentor, A Siemens Business |

p.40: Motion Control AdvancesTarget Robotics: Integrated, Precision Solutions, By Jeff Child

Advanced Motion Controls |
Analog Devices |
Elmo Motion Control |
Infineon Technologies |
Microchip Technology |
Renesas Electronics |
STMicroelectronics |
Texas Instruments |

p. 46: Power Supplies Lean Toward an Application Focus: Medical and More, By Jeff Child

Minmax Technology |
Murata Power Solutions |
TDK-Lambda |
XP Power |

p. 50: IoT Gateways: Real-Time Intelligence, By Jeff Child

Aaeon |
ADLINK Technology |
Advantech |
American Portwell Technology |
Axiomtek |
Congatec |
Eurotech |
Kontron |
Moxa |

p. 54: EMBEDDED SYSTEM ESSENTIALS: Recreating Code Protection Bypass: An LPC MCU Attack, By Colin O’Flynn

Microchip Technology |
NXP Semiconductors |
Olimex |

p. 60: ABOVE THE GROUND PLANE: Frequency Modulated DDS: Conjuring a Channel Element, By Ed Nisley

Background columns:

Background blog posts:



Analog Devices |
ON Semiconductor |
PJRC Store |

p. 66: THE CONSUMMATE ENGINEER: Velocity and Speed Sensors: Measuring Motion, By George Novacek

[1]. Displacement & Position Sensors Parts 1 and 2, in Circuit Cellar 315, October 2016 and Circuit Circuit 316, November 2016

Speed conversion calculator

Charles P. Pinney, et. al.. “Velocity Measurement.”

p. 70: FROM THE BENCH: Electronic Speed Control (Part 3): Taking Flight, By Jeff Bachiochi

Turnigy |

p. 79: The Future of SBCs: Do SFFs Mean the End of Board-Based Systems?, By Doug Patterson

Aitech Defense Systems |