Tuturial: mbedTLS SSL Certificate Verification with Mosquitto, lwip and MQTT

In “Tutorial: Secure TLS Communication with MQTT using mbedTLS on top of lwip” I already used TLS for a secure communication, but I had not enabled server certificate verification. This article is about closing that gap.

MQTT running on NXP FRDM-K64F

Secure MQTT running on NXP FRDM-K64F with lwip and mbed TLS

Continue reading

Advertisements

Introduction to Security and TLS (Transport Layer Security)

IoT (Internet of Things) is all about connecting to the internet. And even more it is about security. Without security and without encrypted communication, everyone possibly can see what I send or receive. And this is especially bad if passwords or user names are sent in an unencrypted way. So encryption and secure communication is key. The solution to that is to use a connection which uses the TLS (Transport Layer Security) protocol.

I want to use TLS for my MQTT communication (see “MQTT with lwip and NXP FRDM-K64F Board“). I’m still learning MQTT, and I’m even more learning about the fundamentals of security and security protocols. So this article is about what I have learned recently, and what I can use to make my data communication secure: Network stack architecture, symmetric and asymmetric encryption and certificates.

Certificate Based Key Exchange

Certificate Based Key Exchange

Continue reading

Zephyr: Thoughts and First Steps on the ARM Cortex-M4F with gcc, gdb and Eclipse

The concept of Linux (Open Source, broad developer base and broad usage) is a success story. While there is a lot of diversity (and freedom) in the Linux world, Linux is Linux and again Linux :-). And the world has (mostly) standardized on Linux and its variants on the high embedded system side.

On the other side, the ‘middle and lower end’ Embedded world is fragmented and in many aspects proprietary. So it was no surprise to me when the Linux Foundation announced the ‘Zephyr’ project back in February 2016:

“The Linux Foundation Announces Project to Build Real-Time Operating System for Internet of Things Devices. Open source Zephyr™ Project aims to deliver an RTOS; opens call for developers to help advance project for the smallest footprint IoT devices.

Ζεφυρος (Zephyros) is the Greek good of spring and the west wind. Obviously this inspired the logo for the Zephyr project:

Zephyr logo

Zephyr logo (Source: https://www.zephyrproject.org/)

Continue reading

How to Recover the OpenSDA V2.x Bootloader

More and more of my students are using Microsoft Windows 10 machines, and my computer has been upgraded to Windows 10 a couple of week ago too. From my work and experience, a new operating system causes always some challenges, and Windows 10 is no difference. And no, this is not about Microsoft vs. Apple vs. Linux, this post is about addressing a potential and painful problem which I have observed with Windows 10 machines, and to my understanding it could happen with any other operating system too. The problem is that somehow on several student machines the bootloader and OpenSDA application on their FRDM boards did not work any more.

FRDM-K64F (top) programming the OpenSDA Bootloader (bottom)

FRDM-K64F (top) programming the OpenSDA Bootloader (bottom)

Continue reading

Kinetis Drone: Sensor Fusion Toolbox

Flying a quadrocopter without some sensor and microcontroller intelligence will be a challenge. Definitely I will need some intelligent sensor data to help me out :-). Luckily, there is a Freescale ‘Sensor Fusion Toolbox’ and Library which gives me a nice start and visibility into the sensors I plan to use:

Sensor Fusion Data

Sensor Fusion Data

Continue reading

Overview: From Snippets to Code Generation

To build an application for a modern microcontroller today is not a simple thing. Well, it depends what ‘simple’ means. But compared to the ‘old days of 8bit micro controllers’ (which are still in use!) developing for a complex 32bit device is definitely a different thing. Not only the complexity has changed, but as well the breath of tools and helpers. In my view, the only constant is ‘change’, and I have changed the way how to develop several times in my career. In this post I present several different techniques I’m using in my development.

Processor Expert CPU View

Processor Expert CPU View

Continue reading

Removing Hidden COM & LPT Ports and Devices on Windows

These days machines do not have physical serial (COM) ports any more. I do not understand why the USB group had missed to define a clean serial communication standard :-(. And the same mistake gets repeated for BLE again 😦 :-(. So every vendor and provider has its own USB CDC driver and interface. And it is really a big pain of the virtual COM/USB CDC ports installed. I have seen countless cases where “the USB UART or CDC port does not work”. So if you have such a problem, I might have a tip for you: Show hidden devices in the Windows Device manager. But in a special way I had not thought about it!

Where are the hidden devices

Where are the hidden devices?

Continue reading

Recovering the FRDM-K64F Bootloader, or: Cloning the Program of a Microcontroller

The Freescale FRDM-K64F and FRDM-K22F have a different OpenSDA (v2) firmware on it: unlike the earlier (v1), that firmware is open and not protected which is a great thing. However, it has the disadvantage if you use the wrong SWD/JTAG header on your board, the bootloader on the K20 OpenSDA microcontroller is gone 😦

Two SWD Headers on FRDM-K64F Board

Two SWD Headers on FRDM-K64F Board

Continue reading

Converting S19 Files into Binary Files with GNU objcopy

Typically I can create with my build the file I usually need (like an S19). See “S-Record Generation with gcc for ARM/Kinetis” how to do this in CodeWarrior, or “Binary Files for the mbed Bootloader with Eclipse and GNU ARM Eclipse Plugins” how this works in Kinetis Design Studio. The basis of all this is the GNU objcopy utility (see “S-Record Manipulation with GNU objcopy and Burner Utility”). So what if I just have an S19 (S-Record) file and need it in a different format, e.g. as .bin (binary) file for the mbed bootloader which only accepts .bin (raw binary) files?

Converting S19 to BIN

Converting S19 to BIN

Continue reading

Segger J-Link Firmware for OpenSDAv2

Segger just has released their OpenSDAv2 firmware. The OpenSDAv2 firmware is different from the OpenSDAv1 as it is using a different memory map and bootloader. The OpenSDAv2 e.g. is present on the new FRDM-K64F board. The availability of the Segger firmware is definitely good news for any owner of the FRDM-K64F board: so far only the CMSIS-DAP firmware was available (on top of the mbed bootloader). With this, it was not possible to use the board with CodeWarrior, except with using an external P&E Multilink or Segger J-Link. With that new Segger J-Link OpenSDAv2 firmware, I can now use the FRDM-K64F with any IDE which supports the Segger J-Link :-).

FRDM-K64F with Segger OpenSDAv2 Firmware

FRDM-K64F with Segger OpenSDAv2 Firmware

Continue reading

Binary (and S19) Files for the mbed Bootloader with Eclipse and GNU ARM Eclipse Plugins

The existing OpenSDAv1 (see “OpenSDA on the Freedom KL25Z Board“) bootloader is using the industry standard Motorola S-Record (S19) Files. However, new FRDM-K64F board (see “FTF: FRDM-K64F, Kinetis Design Studio and Kinetis SDK“) has OpenSDAv2 on it, which is an mbed bootloader. So how to create files with an IDE other than mbed for that bootloader which is present on the FRDM-K64F board by default? Well, creating binary files is one thing, but to have it working with the mbed bootloader is another challenge :-(.

FRDM-K64F with mbed MSD bootloader

FRDM-K64F with mbed MSD bootloader

Continue reading