In “Tutorial: Secure TLS Communication with MQTT using mbedTLS on top of lwip” I already used TLS for a secure communication, but I had not enabled server certificate verification. This article is about closing that gap.
IoT (Internet of Things) is all about connecting to the internet. And even more it is about security. Without security and without encrypted communication, everyone possibly can see what I send or receive. And this is especially bad if passwords or user names are sent in an unencrypted way. So encryption and secure communication is key. The solution to that is to use a connection which uses the TLS (Transport Layer Security) protocol.
I want to use TLS for my MQTT communication (see “MQTT with lwip and NXP FRDM-K64F Board“). I’m still learning MQTT, and I’m even more learning about the fundamentals of security and security protocols. So this article is about what I have learned recently, and what I can use to make my data communication secure: Network stack architecture, symmetric and asymmetric encryption and certificates.
The concept of Linux (Open Source, broad developer base and broad usage) is a success story. While there is a lot of diversity (and freedom) in the Linux world, Linux is Linux and again Linux :-). And the world has (mostly) standardized on Linux and its variants on the high embedded system side.
On the other side, the ‘middle and lower end’ Embedded world is fragmented and in many aspects proprietary. So it was no surprise to me when the Linux Foundation announced the ‘Zephyr’ project back in February 2016:
“The Linux Foundation Announces Project to Build Real-Time Operating System for Internet of Things Devices. Open source Zephyr™ Project aims to deliver an RTOS; opens call for developers to help advance project for the smallest footprint IoT devices.“
Ζεφυρος (Zephyros) is the Greek good of spring and the west wind. Obviously this inspired the logo for the Zephyr project:
More and more of my students are using Microsoft Windows 10 machines, and my computer has been upgraded to Windows 10 a couple of week ago too. From my work and experience, a new operating system causes always some challenges, and Windows 10 is no difference. And no, this is not about Microsoft vs. Apple vs. Linux, this post is about addressing a potential and painful problem which I have observed with Windows 10 machines, and to my understanding it could happen with any other operating system too. The problem is that somehow on several student machines the bootloader and OpenSDA application on their FRDM boards did not work any more.
Flying a quadrocopter without some sensor and microcontroller intelligence will be a challenge. Definitely I will need some intelligent sensor data to help me out :-). Luckily, there is a Freescale ‘Sensor Fusion Toolbox’ and Library which gives me a nice start and visibility into the sensors I plan to use:
To build an application for a modern microcontroller today is not a simple thing. Well, it depends what ‘simple’ means. But compared to the ‘old days of 8bit micro controllers’ (which are still in use!) developing for a complex 32bit device is definitely a different thing. Not only the complexity has changed, but as well the breath of tools and helpers. In my view, the only constant is ‘change’, and I have changed the way how to develop several times in my career. In this post I present several different techniques I’m using in my development.
These days machines do not have physical serial (COM) ports any more. I do not understand why the USB group had missed to define a clean serial communication standard :-(. And the same mistake gets repeated for BLE again 😦 :-(. So every vendor and provider has its own USB CDC driver and interface. And it is really a big pain of the virtual COM/USB CDC ports installed. I have seen countless cases where “the USB UART or CDC port does not work”. So if you have such a problem, I might have a tip for you: Show hidden devices in the Windows Device manager. But in a special way I had not thought about it!
The Freescale FRDM-K64F and FRDM-K22F have a different OpenSDA (v2) firmware on it: unlike the earlier (v1), that firmware is open and not protected which is a great thing. However, it has the disadvantage if you use the wrong SWD/JTAG header on your board, the bootloader on the K20 OpenSDA microcontroller is gone 😦
Typically I can create with my build the file I usually need (like an S19). See “S-Record Generation with gcc for ARM/Kinetis” how to do this in CodeWarrior, or “Binary Files for the mbed Bootloader with Eclipse and GNU ARM Eclipse Plugins” how this works in Kinetis Design Studio. The basis of all this is the GNU objcopy utility (see “S-Record Manipulation with GNU objcopy and Burner Utility”). So what if I just have an S19 (S-Record) file and need it in a different format, e.g. as .bin (binary) file for the mbed bootloader which only accepts .bin (raw binary) files?
Segger just has released their OpenSDAv2 firmware. The OpenSDAv2 firmware is different from the OpenSDAv1 as it is using a different memory map and bootloader. The OpenSDAv2 e.g. is present on the new FRDM-K64F board. The availability of the Segger firmware is definitely good news for any owner of the FRDM-K64F board: so far only the CMSIS-DAP firmware was available (on top of the mbed bootloader). With this, it was not possible to use the board with CodeWarrior, except with using an external P&E Multilink or Segger J-Link. With that new Segger J-Link OpenSDAv2 firmware, I can now use the FRDM-K64F with any IDE which supports the Segger J-Link :-).
The existing OpenSDAv1 (see “OpenSDA on the Freedom KL25Z Board“) bootloader is using the industry standard Motorola S-Record (S19) Files. However, new FRDM-K64F board (see “FTF: FRDM-K64F, Kinetis Design Studio and Kinetis SDK“) has OpenSDAv2 on it, which is an mbed bootloader. So how to create files with an IDE other than mbed for that bootloader which is present on the FRDM-K64F board by default? Well, creating binary files is one thing, but to have it working with the mbed bootloader is another challenge :-(.