Category Archives: Hardware

Why the IoT needs multi-layer security


When it comes to the Internet of Things, you’re only as strong as your weakest link. 


The notion of security being only as strong as its weakest link is especially true for the Internet of Things. When it comes to connected devices, security must be strong at all layers, closing every door and window an attacker could crawl through. Otherwise, if they can’t get in on the first floor, they will try another.


Internet security has been built mainly upon Transport Layer Security, or TLS. TLS provides confidentiality, data integrity and authentication of the communication channel between an Internet user and a secure website. But the channel is only half of the equation: once a secure communications channel has been set up with TLS, the other half, application layer security, is still needed.

To understand this notion, think of logging into your bank account on the web. First, you go to the bank’s website, which sets up a secure channel using TLS. You know TLS has succeeded when you see the lock symbol and https (“S” for secure) in the browser. Then you are brought to a log-in page and prompted to enter your credentials, which is how the bank authenticates your identity and makes sure you are not an attacker trying to get into someone else’s account. In this scenario, your password is in effect a shared secret key: the bank keeps a verifier for it (ideally a salted hash rather than a copy of the password itself) and checks what you entered against that. (You may recognize this as symmetric authentication with a secret key, though the key length is very small.) Once logged in, you are operating at the application layer, the application here being electronic banking.

So, as autonomous IoT nodes spread around the world like smart dust, how do those nodes ensure security? This can essentially be achieved using the same two steps:

  • Set up Transport Layer Security to secure the communications channel using TLS or another methodology to get confidentiality, data integrity and authentication in the channel. This channel can be either wired or wireless.
  • Set up Application Layer Security to safeguard the information that will be sent through the communications channel by using cryptographic procedures. Among proven cryptographic procedures to do so are ECDSA for authentication, ECDH key agreement to create session keys, and encryption/decryption engines (such as AES) that use those session keys to encrypt and decrypt messages. These methods make sure that the data source in the node (e.g. a sensor) is authentic, that the data is confidential and that it has not been tampered with in any degree (integrity).
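The second step, carried end to end between a sensor node and a hub, as an added example written for this page (it is not Atmel’s code or the CryptoAuthentication library’s). It uses Go’s standard library so it runs anywhere; on a real node the identity keys, the ECDSA signing and the ECDH agreement would happen inside the crypto element. The “iot-session-v1” label, the SHA-256 key derivation and the serial “sensor-0001” are assumptions made for the example, not anything from the page.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// check aborts on failures only a broken platform can cause (key generation, RNG); failures an attacker can cause are returned as errors.
func check(err error) {
	if err != nil {
		panic(err)
	}
}

// newIdentity makes a long-term ECDSA P-256 key; on a real node it is generated inside the crypto element and never leaves it.
func newIdentity() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	return k
}

// startSession makes an ephemeral ECDH key and signs its public half with the identity key; (pub, sig) is the one handshake message each side sends.
func startSession(id *ecdsa.PrivateKey) (*ecdh.PrivateKey, []byte, []byte) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	check(err)
	pub := eph.PublicKey().Bytes()
	digest := sha256.Sum256(pub)
	sig, err := ecdsa.SignASN1(rand.Reader, id, digest[:])
	check(err)
	return eph, pub, sig
}

// finishSession authenticates the peer's message against the identity key we were provisioned with, agrees the ECDH secret
// and turns it into an AES-256-GCM session cipher. The KDF (SHA-256 over a label and the secret) is an assumed stand-in for HKDF.
func finishSession(eph *ecdh.PrivateKey, peerPub, peerSig []byte, peerID *ecdsa.PublicKey) (cipher.AEAD, error) {
	digest := sha256.Sum256(peerPub)
	if !ecdsa.VerifyASN1(peerID, digest[:], peerSig) {
		return nil, errors.New("peer authentication failed: bad signature on ECDH key")
	}
	pub, err := ecdh.P256().NewPublicKey(peerPub) // these bytes are exactly what the trusted peer signed
	check(err)
	shared, err := eph.ECDH(pub)
	check(err)
	key := sha256.Sum256(append([]byte("iot-session-v1"), shared...))
	block, err := aes.NewCipher(key[:])
	check(err)
	return cipher.NewGCM(block)
}

// seal returns nonce||ciphertext||tag; aad (e.g. the sensor serial) is authenticated but travels in the clear.
func seal(gcm cipher.AEAD, aad, plaintext []byte) []byte {
	nonce := make([]byte, gcm.NonceSize())
	_, err := rand.Read(nonce)
	check(err)
	return gcm.Seal(nonce, nonce, plaintext, aad)
}

// open fails on any change to the nonce, ciphertext, tag or aad.
func open(gcm cipher.AEAD, aad, msg []byte) ([]byte, error) {
	if len(msg) < gcm.NonceSize() {
		return nil, errors.New("message too short")
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], aad)
}

// Exchange runs the handshake between a sensor and a hub provisioned with each other's identity public keys, delivers one reading,
// then shows two failures the application layer catches on its own: a bit flipped in transit and an impostor identity key.
func Exchange(reading []byte) (recovered []byte, tamperRejected, impostorRejected bool) {
	sensorID, hubID := newIdentity(), newIdentity()
	sEph, sPub, sSig := startSession(sensorID)
	hEph, hPub, hSig := startSession(hubID)
	sCipher, err := finishSession(sEph, hPub, hSig, &hubID.PublicKey) // sensor authenticates hub
	check(err)
	hCipher, err := finishSession(hEph, sPub, sSig, &sensorID.PublicKey) // hub authenticates sensor
	check(err)
	aad := []byte("sensor-0001") // constructed sensor serial for the example
	msg := seal(sCipher, aad, reading)
	recovered, err = open(hCipher, aad, msg)
	check(err)
	bad := append([]byte(nil), msg...)
	bad[len(bad)-1] ^= 0x01 // an attacker inside the channel flips one bit
	_, tErr := open(hCipher, aad, bad)
	_, iPub, iSig := startSession(newIdentity()) // impostor: valid signature, unknown identity
	_, iErr := finishSession(hEph, iPub, iSig, &sensorID.PublicKey)
	return recovered, tErr != nil, iErr != nil
}

func main() {
	got, tamper, impostor := Exchange([]byte("temp=21.5C"))
	fmt.Printf("hub recovered %q; tamper rejected: %v; impostor rejected: %v\n", got, tamper, impostor)
}
```

Run it with `go run` (Go 1.20 or later for crypto/ecdh). Notice that no TLS tunnel appears anywhere in the code: the hub still rejects a flipped bit (the GCM tag no longer verifies) and an impostor that presents a perfectly valid signature under a key the hub was never provisioned with. For production, replace the SHA-256 stand-in with HKDF bound to the handshake transcript and make sure nonces are never reused under the same key.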


The reason that multi-layer security, particularly application layer security, is required is that attackers can get into systems at the edge nodes despite a secure channel. Long story short, TLS is not enough.

IoT nodes collect data, typically through some kind of sensor, or act on data via an actuator. A microcontroller controls the operation of the node and a chosen technology such as Wi-Fi, Bluetooth or Zigbee provides the communications channel. The reason application layer security needs to be added on top of TLS is that the channel is only as good as its implementation and configuration. Heartbleed was an implementation bug in one TLS library; BEAST, CRIME, TIME, BREACH, Lucky 13 and the RC4 biases exploited weak cipher suites, compression or older protocol versions. If an attacker gets into the channel through any such weakness, or simply compromises one of its endpoints, they can intercept, read, replace and/or corrupt the sensor/actuator or other node information. Data that is authenticated and encrypted at the application layer stays protected even then.


Unfortunately, in the real world TLS deployments do get breached, so TLS alone is not sufficient. True security requires both Transport Layer and Application Layer Security. Think of it as a secure pipeline with secure data flowing inside. A crypto element, an excellent way to establish Application Layer Security for the IoT, sits between the sensor and the MCU to ensure that the data from the sensor has all three pillars of security applied to it: confidentiality, integrity and authentication (abbreviated here as “CIA”, although in the classic CIA triad the “A” stands for availability). Applying these at both the transport and application layers is what makes an IoT node robustly secure rather than secure on one layer only.

Fortunately, Atmel has an industry-leading portfolio of crypto, connectivity and controller devices that are architected to easily come together to form the foundation of a secure Internet of Things. The company’s wireless devices support a wide spectrum of standards including Wi-Fi, Bluetooth, Bluetooth Low Energy and Personal Area Networks (802.15.4), not to mention feature hardware accelerated Transport Layer Security (TLS) and the strongest link security software available (WPA2 Enterprise).


Crypto elements, including CryptoAuthentication and Trusted Platform Modules (TPM) with protected hardware-based key storage, make it easy to provide extremely robust security for IoT edge nodes, hubs, and other “things” without having to be a crypto expert. Built-in crypto engines perform ECDSA for asymmetric authentication and ECDH key agreement to provide session keys to MCUs, including ARM and AVR products that run encryption algorithms.

Why do drones love the Atmel SAM E70?


Eric Esteve explains why the latest Cortex-M7 MCU series will open up countless capabilities for drones other than just flying. 


By nature, avionics is a mature market requiring the use of validated system solutions: safety is an absolute requirement, and innovative systems go through a stringent qualification phase. That’s why the very fast adoption of drones as an alternative to human-piloted aircraft is impressive. It took 10 or so years for drones to become widely developed and employed for various applications, ranging from war to entertainment, with prices spanning from a few hundred dollars to several hundred thousand. But even if we consider consumer-oriented, inexpensive drones, the required processing capabilities call not only for high performance but for a versatile MCU as well, capable of managing its built-in gyroscope, accelerometer, geomagnetic sensor, GPS, rotational station, four- to six-axis control, optical flow and so on.


When I was designing for avionics, namely the electronic CFM56 motor control (this reactor being jointly developed by GE in the U.S. and Snecma in France, equipping Boeing and Airbus planes), the CPU was a multi-hundred dollar Motorola 68020, leading to a $20 per MIPS cost! While I may not know the Atmel | SMART SAM E70 price precisely — I would guess that it costs a few dollars — what I do know is that the MCU offers in excess of 600 DMIPS. Aside from its high performance, this series boasts a rather large on-chip memory size of up to 384KB SRAM and 2MB Flash — just one of many pivotal reasons that this MCU has been selected to support the “drone with integrated navigation control to avoid obstacles and improve stability.”

In fact, the key design requirements for this application were: 600+ DMIPS, a camera sensor interface, dual ADC and PWM for motor control and dual CAN, all bundled up in a small package. Looking at the block diagram below helps link the MCU features with the various application capabilities: gyroscope (SPI), accelerometer (SPI x2), geomagnetic sensor (I2C x2), GPS (UART), one- or two-channel rotational station (UART x2), four- or six-axis control communication (CAN x2), voltage/current (ADC), analog sensor (ADC), optical flow sensor (through the image sensor interface, or ISI) and pulse width modulation (PWM x8) to support the rotational station and four- or six-axis speed PWM control.

For those of you who may not know, the SAM E70 is based on the ARM Cortex-M7, a core that combines superior performance with an extensive peripheral set, which together comfortably support multi-threaded, RTOS-based applications. It’s this headroom for running several tasks at once that will surely open up countless capabilities for drones other than simply flying.


Today’s drones already possess the ability to soar through the air or stay stationary, snapping pictures or capturing HD footage. That’s already very impressive to see sub-kilogram devices offering such capabilities! However, the drone market is already looking ahead, preparing for the future, with the desire to get more application stacks into the UAVs so they can take in automation, routing, cloud connectivity (when available), 4G/5G, and other wireless functionalities to enhance data pulling and posting.

For instance, imagine a small town of a few thousand inhabitants which, for a couple of days or weeks per year because of a special event or holiday, is stormed by a hundred thousand visitors. These folks want to feed their smartphones with multimedia or share live experiences by sending videos or photos, most of them at the same time. The 4G/5G and cloud infrastructure is not dimensioned for that many people, so the communication system may break down. Yet this problem could be fixed by simply calling in drone backup to reinforce the communication infrastructure for that period of time.

While this may be just one example of what could be achieved with the advanced usage of drones, each of the innovative applications will be characterized by a common set of requirements: high processing performance, large SRAM and flash memory capability, and extensive peripheral sets supporting multi-threaded processes. In this case, the Cortex M7 ARM-based SAM E70 MCU is an ideal choice with processing power in excess of 640 DMIPS, large on-chip SRAM (up to 384 KB) and Flash (up to 2MB) capabilities managing all sorts of sensors, navigation, automation, servos, motor, routing, adjustments, video/audio and more.

Intrigued? You’ll want to check out some of the products and design kits below:


This post has been republished with permission from SemiWiki.com, where Eric Esteve is a principal blogger as well as one of the four founding members of SemiWiki.com. This blog first appeared on SemiWiki on July 18, 2015.

This open source platform turns your physical world into a digital interface


The brainchild of MIT Media Lab’s Fluid Interfaces Group, Open Hybrid is an augmented reality platform for physical computing and the Internet of Things.


The Xerox Star was the first commercially available computer showing a Graphical User Interface (GUI). Since its debut in 1981, many of its introduced concepts have remained the same, especially with regards to how we interact with our digital world: a pointing device for input, some sort of keyboard for commands and a GUI for interaction. However, with many of today’s physical objects becoming increasingly connected to the Internet, Valentin Heun of MIT Media Lab’s Fluid Interfaces Group believes that GUI has hit its limit when it comes to extending its reach beyond the borders of the screen.


This problem is nothing new, though. Dating back to the days of text-only command lines, interface designers have always been challenged by the imbalance between the countless commands a computer can interpret and the number a person can hold in their head at one time.

As Heun points out, physical things have been crafted and shaped by designers over centuries to fit the human body. Because of their shape and appearance, we can access and control them intuitively. So wouldn’t an ideal solution be one in which the digital and physical worlds come together in seamless fashion? That’s the idea behind what he and his MIT Media Lab collaborators call Open Hybrid. This project would enable users to map a digital interface directly onto a physical item. By doing so, you would never need to memorize a drop-down menu or app again.


Think about it, the use of these so-called smart objects isn’t all that easy. Take a smart light bulb, for instance, which might have millions of color options, thousands of brightness settings and various hue-changing patterns to select from. But in order to adjust the light, you need to first take your phone out of your pocket, enter a passcode to unlock it, open an app and search for the bulb within its main menu, all before finally accessing its functionality — a process that previously only required tapping a wall switch now requires multiple steps. Aside from that, the more objects that one has throughout their home or office, the more complex it becomes to find them in the app’s drop-down menu.

In an effort to solve this conundrum, Heun has developed the Reality Editor, which offers designers a simple solution for creating connected objects by using web standards and Arduino, in addition to a streamlined way to customize the objects’ behavior with an augmented-reality interface that eliminates complicated, and often unnecessary, steps.


“The amount of apps and drop-down menus in your phone will become so numerous that it will become impossible for you to memorize what app and what menu name is connected with each device. In this case, you might find yourself standing in the kitchen and all you want to do is switch on a light in front of you,” he writes.

These new tangible things are known as Hybrid Objects, as they share the best characteristics of virtual and physical UIs: a virtual interface for occasional modifying, connecting and learning about them, as well as physical interface for everyday operations. Meaning, this system transforms the actual physical world into a transparent window, while the smartphone in your pocket acts as a magnifying glass that can be used to edit reality when necessary.

How it works is pretty straightforward: Hold your phone up so the camera is pointed towards the object, while the app displays a virtual control panel hovering over the item — whether it’s a drone, a lamp, a kitchen appliance, a radio or even an entertainment system. This will prompt its settings and whatever other menu options to magically appear.


You’ll also see nodes corresponding to the physical controls the gadget offers, and can then create interactions between devices by drawing a line from the origin I/O to the destination I/O. And voilà!

“Traditionally, you would create some kind of standard that knows every possible representation of the relevant objects so that every interface can be defined. For example, say you have two objects, a toaster and a food processor, and now you would need to create a standard that knows how to connect these two objects.”

With Open Hybrid you have a visual representation of your object’s functionalities augmented onto the physical object. Where before an abstract standard needed to be devised, you can now just visually break down an object to all its components. Using the same example from above, the toaster now consists of a heating element, a setup button, a push slider and a timing rotation dial. All of these elements are represented with a number between 0.0 and 1.0. This same simple representation applies to the food processor. If you want to connect two things, you are really only pairing the numbers associated with each given item, never the objects themselves.

“This is the power of Open Hybrid. Now that the interface allows you break down every object to its components, you only need to deal with the smallest entity of a message: a number. As such, Open Hybrid is compatible with every Hybrid Object that has been created, and any object that will be built,” Heun adds.


What’s nice is that all of the data about the interfaces and connections are stored on the object itself, and each one communicates directly with handheld devices or with one another, so there’s never a need for any centralized hubs or cloud servers.

The Reality Editor is built on the same open standards that are fundamental to the Internet nowadays, such as HTML, JavaScript and openFrameworks. It runs on low-cost, low-power hardware, in this case the Arduino Yún (an ATmega32U4 for the I/O alongside an Atheros AR9331 running Linux), and is easily portable to other platforms. The system requires at least a 400 MHz processor, 32MB of RAM, 100MB of storage, as well as TCP/IP and UDP networking capabilities.

“Wherever you can run node.js you can run the Hybrid Object platform. We have successfully experimented with MIPS, ARM, x86 and x64 systems on Windows, Linux and OSX,” Heun notes. “If you have the latest head-mounted, projected or holographic interfaces, feel free to compile the code for your platform and share your findings with the community.”

Safe to say, it’s always exciting to see new projects come out of MIT’s Fluid Interfaces Group. While we’ve seen several attempts in bridging the gap between the physical and digital worlds before, this one is certainly among the most unique. Intrigued? Head over to Open Hybrid’s detailed page here to learn more, or watch Heun’s recent Solid 2015 presentation below.

Report: Smart lighting has the potential to reduce energy costs by 90%


The global smart lighting market is projected to grow from 46 million installed systems in 2015 to 2.54 billion in 2020.


It would only take a quick browse of Kickstarter and Indiegogo, or a walk down an aisle at your nearest Home Depot to sense the bright future of smart lighting, driven by Internet of Things architectures. According to a new report from Gartner, the intelligent lighting installed base is expected to grow from 46 million units in 2015 to 2.54 billion units in 2020.


The research firm defines smart lighting as a “lighting system that is connected to a network and can be both monitored and controlled from a centralized system or via the cloud.” In 2014, anywhere from 300 to 500 million square feet of commercial space worldwide could be considered to have smart lighting. It would appear that quite a bit has changed over the last 12 months, as this space is expected to double by year’s end based on the rapid growth in the market.

“Smart solid-state lighting in office buildings and industrial installations has the potential to reduce energy costs by 90 percent; however, achieving these costs takes more than just installing light-emitting diode (LED) lighting,” explains Dean Freeman, Gartner research vice president. “To successfully achieve the lowest electricity cost, in addition to achieving safety and security and enhancing the office environment, lighting product managers at technology and service providers will need to implement five key strategic phases of smart lighting: (1) LED lighting, (2) sensors and controls, (3) connectivity, (4) analytics and (5) intelligence.”

Implementing all five phases will ensure the highest level of success in reducing lighting costs and accelerating the adoption of smart lighting solutions. With these solutions, smart lighting providers will be able to leverage the impact of sensor data and analytics on the IoT.

“Smart solid-state lighting (SSL) costs are now at a point at which it is compelling to implement just the lighting. Energy savings of up to 50 percent have been well-documented in many installations, and they are difficult to resist when replacing incandescent or high-intensity discharge systems in a warehouse. In a fluorescent installation, energy cost savings of up to 25 percent can be achieved, along with considerable savings in lighting maintenance,” Freeman adds.

However, most new lighting installations require some form of sensor controls, which drive some automation of the system. Connecting the controls and the lighting via a network enables the lighting to be operated through a centralized dashboard, which begins to give the building owner the ability to analyze lighting patterns and further improve lighting costs. Most installations are stopping at this stage. If the lighting provider permits the building owner to stop at Phase 3, the value of implementing analytics and learning is lost.

If the lighting provider is able to persuade the building owner to move to Phase 4 with the dashboard in the cloud, building managers can potentially operate multiple lighting operations from a central point, comparing energy use over time and between buildings. If analytics are added to the system, product managers can demonstrate lighting usage compared with occupancy and, consequently, can recommend to their clients lighting programs that can reduce costs based on building utilization, yet enhance the security and ambience for occupants.

In many cases, a smart lighting implementation will end at Phase 4, whereby either a human or a computer looks at the data being generated by the sensors and controls and identifies anomalies in the energy pattern. The ultimate in smart lighting would come from the analytic system building predictive models from that data, so that the lighting system learns and becomes even more intelligent. Additionally, setting up lighting as a service (LaaS) would enable the lighting provider to maintain the system and keep it up to date, while minimizing the cash outlay for the smart lighting system. Gartner expects LaaS providers to appear as smart lighting matures.

The study goes on to note that regional growth of smart lighting is varied, while implementation of a true smart lighting system is driven mostly by government regulations around energy savings and bulb recycling laws. In North America and Europe, new lighting installations are driving smart lighting with remote efficient management of the fixtures and the bulbs. While SSL alone might accommodate most of the government regulations, the requirements of daylight harvesting and occupancy sensing drive the need for considerable controls in most lighting systems. Once sensors and controls are involved, then networked systems are the next step and are becoming commonplace for most new installations.

Hacker builds an impressive ProxyHam alternative


ProxyGambit boasts twice the radio range of the ProxyHam, as well as unlimited reach with GSM.


While many of us have been scratching our heads as to what happened to the ProxyHam following its sudden disappearance, Samy Kamkar has surfaced with his own take on online anonymity. The hacker has created what he calls an “advanced resurrection of ProxyHam,” also known as ProxyGambit — a device that enables users to access an Internet connection from anywhere on Earth without ever revealing their IP address or location. 


The news of ProxyHam’s demise came over Twitter when Rhino Security, the consultancy run by the project’s creator Ben Caudill, announced that the talk was being pulled from the DEFCON agenda. The tweet stated, “Effective immediately, we are halting further dev on #proxyham and will not be releasing any further details or source for the device.”

The $238 ProxyGambit has one-upped its predecessor, given that its direct line-of-sight point-to-point link boasts a range of up to six miles, more than double ProxyHam’s two-and-a-half miles. And impressively, it can work anywhere on Earth via 2G. It can use a reverse-tunneled GSM bridge that connects to the Internet and exits through a wireless network anywhere in the world.

“While a point to point link is possible, the reverse GSM bridge allows you to proxy from thousands of miles away with nothing other than a computer and Internet with no direct link back to your originating machine,” Kamkar explains.


Both methods proxy the connection through local Wi-Fi networks near the gadget, making it more difficult to determine one’s true whereabouts, IP and identity. The ProxyGambit consists of two Adafruit FONA GSM breakout boards, any two ATmega328 Arduino boards and two Raspberry Pis. The FONA uses a SIM800 chip to link the Arduino to the GSM network and provide a 2G Internet connection. Meanwhile, the Arduino serves as a serial connection over a reverse TCP tunnel and provides a software proxy layer between the Raspberry Pi’s UART and the FONA. One of the most vital parts of the project, if not the most vital, is the Pi, which drives the Linux serial link and bridges the public Wi-Fi and radio connection.

Beyond all that, Kamkar employs a 2.5A USB hub, an SD card to host the operating system and data, a Wi-Fi card depending on how far a user would like the ProxyGambit to reach, and a LiPo battery to power the FONA.


When all is said and done, the hacker does emphasize that this is merely a proof of concept and recommends that any potential builders proceed with extreme caution.

“The fragmentation of data through alternate mediums is a useful and effective concept and those interested in privacy, anonymization, or deanonymization should explore this area further. Entropy is both gained and lost with these methods and many risks are involved when deploying any system of this nature,” he concludes.

Intrigued? Head over to Kamkar’s page, where he has made all of the ProxyGambit’s source code and instructions available.

The world’s highest-performing Cortex-M7 MCUs are now shipping


Atmel | SMART ARM Cortex-M7-based MCUs deliver 50% more performance than the closest competitor.


Back in January, we unveiled the brand new Atmel | SMART SAM S70 and E70 families. And if you’ve been waiting to get your hands on the new ARM Cortex-M7-based MCUs, you’re in luck. That’s because both are now shipping in mass production.


With 50% higher performance than the closest competitor, larger configurable SRAM, more embedded Flash and high-bandwidth peripherals, these devices offer the ideal mix of connectivity, memory and performance. The SAM S70 and E70 series allow users to scale-up performance and deliver SRAM and system functionality, all while keeping the Cortex-M processor family ease-of-use and maximizing software reuse.

“As a lead partner for the ARM Cortex-M7-based MCUs, we are excited to ship volume units of our SAM E70 and S70 MCUs to worldwide customers,” explains Jacko Wilbrink, Atmel Senior Marketing Director. “Our SAM E70 and SAM S70 series deliver a robust memory and connectivity feature set, along with extensive software and third party support, enabling next-generation industrial, consumer and IoT designers the ability to differentiate their applications in a demanding market. We are working with hundreds of customers worldwide on a variety of applications using the new ARM Cortex-M7-based MCUs and look forward to mass adoption of these devices.”


These MCUs pack more than four times the performance of current Atmel | SMART ARM Cortex-M based MCUs. Running at speeds up to 300 MHz and embedding larger configurable SRAM up to 384 KB and higher bandwidth peripherals, the new series offer designers the right connectivity, SRAM and peripheral mix for industrial and connectivity designs. Additionally, the SAM S70 and E70 boast advanced memory architectures with up to 384KB of multi-port SRAM, of which 256KB can be configured as tightly coupled memory delivering zero wait state access at 300MHz. All devices come with high-speed USB Host and Device with an on-chip high-speed USB PHY, and Flash memory densities of 512KB, 1MB and 2MB.

What’s more, the Atmel | SMART ARM Cortex-M7-based MCUs are supported by ARM ecosystem partners with development tools and real-time operating system (RTOS) board support packages (BSPs), accelerating time-to-market. Software development tools are available in Atmel Studio, the ARM Keil MDK-ARM and IAR Embedded Workbench. Operating system support includes Express Logic ThreadX, FreeRTOS, Keil RTX, NuttX and Segger embOS. A comprehensive set of peripheral driver examples and open source middleware is also provided in Atmel’s Software Package.


“Atmel has developed a global network of ecosystem partners that deliver hardware and software solutions for the Atmel SMART Cortex-M7 MCU,” adds Steve Pancoast, Atmel Vice President of Software Applications, Tools and Development. “Atmel’s robust, easy-to-use development platform along with our partners’ advanced development platforms offer developers the opportunity to use the best tools and services to bring their designs quickly to market. Atmel continues to expand our partner program to bring the best tools and solutions to our customers.”

Interested? Production quantities of both the SAM E70 and S70 are now available. In order to help accelerate design and to support these devices, an Atmel Xplained development kit is shipping today as well. Pricing for the SAM S70 starts at $5.34 in 64-pin LQFP package and 512KB on-chip flash for 10k-piece quantities while the Atmel Xplained board will run you $136.25. Meanwhile, be sure to read up on the new MCU families here.

How Bluetooth beacons can put an end to QR codes


Bluetooth beacons can enhance experiences in a way that is truly indistinguishable from magic.


Arthur C. Clarke once stated, “Any sufficiently advanced technology is indistinguishable from magic,” something that holds true when it comes to our ever-connected world. Take a look around and you will surely notice that the Internet of Things phenomenon is growing quite rapidly. So much so that some adopters have become a part of the IoT without even knowing. Many times, these cloud-based data processing solutions appear to the user as only a familiar webpage or mobile application.


Part of making IoT ubiquitous and nearly magical is awareness of where you are. GPS and cellular location can certainly do a great job outdoors. Cell tower-based location can give a very rough prediction of location indoors or outdoors. Using GPS or tower location, it is likely that an application running on a mobile device would know that you just walked into a particular store or venue.

But what happens if you need to know a more precise location inside? Take for instance, retailers and venues, who want to deliver very specific content based on the exact location of a customer, like a promotion for a particular product on a nearby shelf.

Today, many museums and public venues, such as malls and arenas, have strategically employed QR code barcodes to allow for on-demand access to location-specific information. Patrons can scan the code and automatically launch cloud-based content into an app or browser that is related to particular exhibits and locations. As great as it may be, I have come to realize that it is a real pain because it requires scanning the QR code at every exhibit. For me, this involves entering my PIN to unlock my cellphone, then looking for my QR code scanner app. This takes my attention away from my family and the overall museum experience. Usually by the time I have accessed the information, my family has moved on to the next exhibit without me.

I recently visited the North Carolina Aquarium in Pine Knoll Shores. It is a nice aquarium with thousands of examples of aquatic life from North Carolina’s many inland freshwater bodies, as well as the sea, in smaller exhibits culminating in the large 300,000-gallon tank holding a replica of the German U-352 that was sunk off the coast of North Carolina during WWII. What’s more, there is a 50,000-gallon installation that re-creates the scene as divers discovered the wreck of the Queen Anne’s Revenge, a ship once commanded by the most infamous pirate of them all – Blackbeard. The ship was last seen sinking off the North Carolina coast in 1718. Case in point: as with most exhibits, there are stories to be told that are specific to each one. Getting easy access to those stories enhances the overall visitor experience.


I had noticed that several of the smaller exhibits at the North Carolina Aquarium featured interactive electronic experiences that weren’t working because they had fallen into disrepair. A prime example was the amphibian exhibit, where you can press an old-fashioned button and hear what a frog call sounds like.

I can imagine the electronics behind this antiquated pushbutton: probably a voice recorder circuit from the 1990s along with a power supply and speaker. The button most likely stopped working after a few thousand kids pressed it dozens of times each, or the contacts became oxidized and non-conducting because the current through the switch was insufficient to keep the oxidation burned off. Design of switch circuits is another topic and one that hopefully will need to be addressed much less going forward thanks to innovations like capacitive touch for buttons, sliders, wheels, and other user interface elements.

In this case, the old-school pushbutton that doesn’t work is far from advanced, let alone “indistinguishable from magic.” And for that matter, the QR codes strategically placed at exhibits are clunky as well.

Instead, what if there were little radio transmitters at each exhibit that your mobile device could detect and use to reliably determine its location? As you are well aware, your mobile device comes equipped with Bluetooth and Wi-Fi radios, as well as GPS, cellular and NFC. Of these technologies, we can use Bluetooth to interact with the exhibits by letting the phone seamlessly know where in the building it is. Introducing self-contained Bluetooth Smart beacons (iBeacons) as a solution to this problem should not be difficult.

These beacons consist of a power source, a Bluetooth Smart radio and an antenna, all housed inside an enclosure. Beacons work by sending out a packet of data at regular intervals, called the advertising interval. In a museum or aquarium where people walk around, the advertising interval could be one second or more. With an advertising interval of a second, a Bluetooth Smart beacon using Atmel’s BTLC1000 SoC can operate at an average current of under 7 µA and last up to four years on a low-cost CR2032 lithium coin cell, or longer on a pair of AAA batteries. And the best part is that there are no moving parts, and nothing to be loaded onto the beacon except a unique ID or serial number associated with the specific location in the museum or other venue. The technology is real today. In fact, beacons using Apple’s iBeacon protocol are already being deployed in select retail locations such as Disney stores and throughout Apple’s own stores. Some iBeacon apps simply run on iPhones and iPads, while others use dedicated low-power and low-cost hardware.

Let’s consider the entire system and the lifecycle cost of a location-based system of beacons and a smartphone application versus individual content loaded at particular exhibit locations. In this scenario, the largest upfront cost of the solution will be that of developing the website and/or the app. The price of the beacons will be negligible by comparison.

Deployment of the beacons can be accomplished using a different app that can register each beacon to a location and associate it with specific content. Once deployed, the beacons need not be reprogrammed or upgraded. Their ID is simply linked to content located on a server, which can be updated whenever necessary.

Another nice feature of this system is that trained employees are accustomed to loading content onto web servers, whereas very few people are adept at re-recording audio files onto a 20-year-old talking box or repairing its worn-out pushbutton. Deployment of the app would be done through the app stores of Google, Apple and other phone OS suppliers. Maybe you could even get started by scanning a single QR code when you enter the venue, but that would be the last of the dreaded QR codes you would need to scan.

Using Bluetooth beacons, an experience such as the North Carolina Aquarium could actually be enhanced by technology in a way that is truly indistinguishable from magic. Some other applications, many of them not new, that I think could benefit from this technology include:

  • Sports like skating, motorsports, and swimming/diving: to enhance safety and enjoyment.
  • Retail stores: to provide special discounts and on-the-spot information.
  • Car dealerships: to offer information to those driving by.
  • Amusement parks: to advise patrons about waiting times or to help staff manage crowd traffic.
  • Art galleries: to improve spectators’ experiences without taking anything visual away from the exhibits by cluttering the gallery with QR codes.
  • In the dining room: Based on being near a beacon, the entire family’s devices can go into a silent “family time” mode that would turn off ringers and even disable texting. Similarly, restaurants, churches, funeral homes, conference rooms and other settings could implement an automatic cellphone quiet zone for those who didn’t want to forget to turn off their ringers.
  • At home or in the car: to customize the operation of a phone or tablet in specific ways based on a person’s preferences.
  • Public buildings or on streets: to ease wayfinding for the visually-impaired.
  • Senior centers: to help the elderly or those with disabilities regain independence by pairing with a wearable device.

Coincidentally, I saw this on the way home the other day. While I still don’t know any details, the concept of using beacons got me thinking.

[Photo: city-wide rezoning notice sign with a QR code]

What are the chances that someone will pull their car over, get out, and scan the QR code on this outdoor sign? If they are like me, slim to none. The same goes for those who are looking to buy real estate and are driving in their vehicles. What good is the QR code to you in this situation?

[Photo: RE/MAX Encore real estate sign]

Unless I’m walking or want to go through the trouble of getting out of my vehicle to scan the sign, or worse yet try to scan the sign while driving, I probably won’t use the attached QR code. Using beacons not only eliminates that risk but expedites the whole process. What if we gave real estate apps access to the mobile device’s Bluetooth? Now we can look for Bluetooth beacons placed strategically at properties that are for sale and collect information about them without getting out of the vehicle and, even more importantly, without taking our eyes off the road.

There is enormous potential for the use of Bluetooth Smart beacons anywhere signs are posted and wherever further information is available online. The real estate market is just one of many example use cases, where the implementation of beacons could be a key differentiator for companies willing to become early adopters.

You do have to focus on the revenue generating applications, but there are countless other applications where QR codes located on larger signs could be replaced by beacons to make it easier to access information and reduce the total size and number of signs.

One example is this QR code-equipped sign to encourage people to walk instead of driving their cars…

Or this one that provides fitness information to those taking a stroll along the public greenway trail…

These are just a few of the ways that Bluetooth beacons can help make the world a better place. New thinking in terms of apps and getting people to install them is necessary for success. However, if the value of the information becomes high enough, it will happen. Hopefully you will think of more applications and ways to design Bluetooth Smart beacons to support them. And when you do, be sure to look at the lowest power and lowest total bill-of-material cost solutions from Atmel.

3 design hooks of Atmel MCUs for connected cars


The MPU and MCU worlds are constantly converging and colliding, and the difference between them is not a mere on-off switch — it’s more of a sliding bar. 


In February 2015, BMW reported that it patched the security flaw which could allow hackers to remotely unlock the doors of more than 2 million BMW, Mini and Rolls-Royce vehicles. Earlier, researchers at ADAC, a German motorist association, had demonstrated how they could intercept communications with BMW’s ConnectedDrive telematics service and unlock the doors.

BMW uses a SIM card installed in the car to connect to a smartphone app over the Internet. The ADAC researchers reverse engineered BMW’s telematics software, set up a fake mobile network and tricked nearby cars into accepting commands sent through it.

The BMW hacking episode was a rude awakening for the connected car movement. The fact that prominent features like advanced driver assistance systems (ADAS) are all about safety is further evidence that secure connectivity will be a prime consideration for the Internet of Cars.

Built-in Security

Atmel is confident that it can establish secure connections for vehicles by merging its security expertise with the performance and low-power gains of ARM Cortex-M7 microcontrollers. The San Jose, California-based chip supplier claims to have launched the industry’s first auto-qualified M7-based MCUs with Ethernet AVB and MediaLB peripherals. In addition, this high-end MCU series for in-vehicle infotainment offers CAN 2.0 and CAN FD (flexible data rate) controllers for higher bandwidth requirements.

Nicolas Schieli, Automotive MCU Marketing Director at Atmel, acknowledges that security is something new in the automotive environment that needs to be tackled as cars become more connected. “Anything can connect to the controller area network (CAN) data links.”

Crypto

Schieli notes that the Cortex-M7 has enhanced security features embedded within its architecture and scalability. On top of that, Atmel is using its years of expertise in Trusted Platform Modules and crypto memories to securely connect cars to the Internet, not to mention the on-chip SHA and AES crypto engines in SAM E70/V70/V71 microcontrollers for encryption of data streams. “These built-in security features accelerate authentication of both firmware and applications.”

He explained how access to the Flash, SRAM, core registers and internal peripherals can be blocked to protect a deployed device: once locked, neither the SW-DP/JTAG-DP debug interface nor the Fast Flash Programming Interface can read or modify them. The automotive-qualified SAM V70 and V71 microcontrollers support the Ethernet AVB and MediaLB standards, and they are targeted at in-vehicle infotainment connectivity, audio amplifiers, telematics and head-unit companion devices.

Software Support

The second major advantage that Atmel boasts in the connected car environment is software expertise and an ecosystem to support infotainment applications. For instance, a complete automotive Ethernet Audio Video Bridging (AVB) stack is being ported to the SAM V71 microcontrollers.

Software support is a key leverage in highly fragmented markets like automotive electronics. Atmel’s software package encompasses peripheral drivers, open-source middleware and real-time operating system (RTOS) features. The middleware features include USB class drivers, Ethernet stacks, storage file systems and JPEG encoder and decoder.

Next, the company offers support for several RTOS platforms like RTX, embOS, ThreadX, FreeRTOS and NuttX. Atmel also facilitates the software porting of any proprietary or commercial RTOS and middleware. Moreover, the MCU supplier from San Jose supports specific automotive software such as AUTOSAR and Ethernet AVB stacks.

Atmel supports IDEs such as IAR, ARM MDK and Atmel Studio, and it provides a single full-featured evaluation board that covers the whole series, including the E70, V70 and V71 devices. The MCU supplier also provides a Board Support Package for the Xplained evaluation kit and easy porting to customer boards through a board definition file (board.h).

Beyond that, Atmel is packing more functionality and software features into its M7 microcontrollers. Take SAM V71 devices, for example, which have three software-selectable low-power modes: sleep, wait and backup. In sleep mode, the processor is stopped while all other functions can be kept running. While in wait mode, all clocks and functions are stopped but some peripherals can be configured to wake up the system based on predefined conditions. In backup mode, RTT, RTC and wake-up logic are running. Furthermore, the microcontroller can meet the most stringent key-off requirements while retaining 1Kbyte of SRAM and wake-up on CAN.

Transition from MPU to MCU

Cortex-M7 is pushing microcontroller performance into the realm of microprocessors. MPUs, which have a memory management unit and can run operating systems like Linux, eventually lead to higher memory costs. “Automakers and systems integrators are increasingly challenged in getting performance point breakthrough because they are running out of Flash capacity,” explained Schieli.

On the other hand, automotive OEMs are trying to squeeze costs in order to bring connected-car features to non-luxury vehicles, and here M7 microcontrollers can help bring down costs and simplify car connectivity.

The M7 microcontrollers enable automotive embedded systems that do not require a Linux-capable host and can target high-performance applications while running an RTOS or bare-metal code. In other words, the M7 opens up avenues for automotive OEMs that want to move from an MPU to an MCU for cost reasons.

However, the MPU and MCU worlds are constantly converging and colliding, and the difference between them is not a mere on-off switch. It’s more of a sliding bar. Atmel, having worked on both sides of the fence, can help hardware developers to manage that sliding bar well. “Atmel is using M7 architecture to help bridge the gap between microprocessors and high-end MCUs,” Schieli concludes.


Majeed Ahmad is the author of books Smartphone: Mobile Revolution at the Crossroads of Communications, Computing and Consumer Electronics and The Next Web of 50 Billion Devices: Mobile Internet’s Past, Present and Future.

Why should you care about securing your IoT devices?


In this blog, Zymbit’s Scott Miller reviews some of the security features of Zymbit.Orange, how they work, and more importantly, why they matter.


Internet of Things (IoT) devices are, by nature, light on resources, diverse, widely proliferated and often at the ‘edge’ of the network beyond the control of any network administration; perfect ingredients for digital chaos and anarchy!

Cloud and big data applications depend on the quality of the data they ingest, and key factors in that quality are the authenticity, integrity and privacy of the data collected from the edge of the network. For the IoT to get real sustainable traction, the data coming from such edge devices must be “trusted”, from the core silicon all the way to the data services.

Fortunately, the Zymbit platform addresses many of the common security threats found in real world applications, whether using embedded ARM CPUs or Maker development boards. For Raspberry Pi and Arduino developers, Zymbit.Orange IoT motherboard makes it easy for developers to implement applications with secure access to communications interfaces as well as cryptographic services. What’s more, Zymbit.Orange can also be used standalone.

In this blog, Zymbit VP of Embedded Scott Miller reviews some of the key security features of Zymbit.Orange, how they work, and more importantly, why they matter.

Who Should Read This Blog?

  • Anyone building IoT devices who is not a security expert, and doesn’t have the time or budget to become one;
  • Anyone who has deployed a connected embedded design;
  • Any Maker using Raspberry Pi or Arduino at the edge of the network… and now needs to add security.

Security Considerations for IoT Edge Devices

Securing IoT devices requires a system architecture that addresses some fundamental needs. Let’s take a look at them:

Data Privacy

Generally speaking, data should be kept private if it is integral to a proprietary process or if it is personal in nature. In each case, the data must be protected from prying eyes using encryption techniques that extend from the publishing source — the IoT edge device — to the cloud and onwards to subscribers. Additionally, the administrator of the data should be able to select who or what is able to subscribe to the data stream.

Data Authentication

Most data transactions/interactions are based upon the assumption that you know that the data really came from the presumed edge device. But how can you be sure? And, how can you be sure that your subscribers are receiving that authentic data?

In order for data to be trusted, it must be proven that it originated from a given edge device at the time it was reported to have been recorded. Data authentication can be accomplished in many ways, but a digital signature is generally regarded as one of the most secure. One way to apply a digital signature to a timestamped block of data is to compute a one-way hash (e.g. SHA-256) of the timestamped block and then sign that hash with the device’s private key (in RSA terms, encrypting the hash with the private key). When the data is received at the cloud, the hash of the data is recomputed and compared with the hash recovered from the signature using the device’s public key. If the hashes are the same, the data is optionally stored on the Zymbit cloud server along with the signature and transferred to the subscribers in a manner similar to the way the edge device transferred it to the cloud.
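The flow just described, as an added example in Go that is not Zymbit’s code: the edge device hashes a length-prefixed, timestamped block with SHA-256 and signs the digest; the cloud recomputes the digest and checks the signature against the public key it recorded when the device was registered. The page phrases the signature in RSA terms (encrypting the hash with the private key); the ATECC508 listed later in this post produces ECDSA P-256 signatures, so that is what is used here, via the standard library. The field names, the sample reading, the canonical encoding and the freshness window that rejects replayed blocks are assumptions for the example; on Zymbit.Orange the private key would be generated and kept inside the ATECC508 rather than held in process memory.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Report is the timestamped data block an edge device publishes (field names assumed).
type Report struct {
	DeviceID  string
	Timestamp int64  // Unix seconds from the device's real-time clock
	Payload   []byte // the sensor reading(s)
}

// Canonical serialises a Report with explicit length prefixes so device and
// cloud hash byte-for-byte identical input. Plain concatenation would let an
// attacker move bytes between fields without changing the hash.
func Canonical(r Report) []byte {
	var buf bytes.Buffer
	binary.Write(&buf, binary.BigEndian, uint32(len(r.DeviceID)))
	buf.WriteString(r.DeviceID)
	binary.Write(&buf, binary.BigEndian, r.Timestamp)
	binary.Write(&buf, binary.BigEndian, uint32(len(r.Payload)))
	buf.Write(r.Payload)
	return buf.Bytes()
}

// Device stands in for the edge node. On Zymbit.Orange the private key would
// be generated and kept inside the ATECC508; here it is an in-memory P-256 key.
type Device struct {
	ID  string
	key *ecdsa.PrivateKey
}

func NewDevice(id string) (*Device, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Device{ID: id, key: key}, nil
}

// PublicKey is what the cloud records when the device is registered.
func (d *Device) PublicKey() *ecdsa.PublicKey { return &d.key.PublicKey }

// Sign computes SHA-256 over the canonical block and signs the digest with
// the device's private key (ECDSA P-256, the algorithm the ATECC508 implements).
func (d *Device) Sign(r Report) ([]byte, error) {
	digest := sha256.Sum256(Canonical(r))
	return ecdsa.SignASN1(rand.Reader, d.key, digest[:])
}

// Verify is the cloud-side check: recompute the digest and validate the
// signature with the registered key. The freshness window is an addition to
// what the post describes: a captured block replayed later is rejected even
// though its signature is still valid.
func Verify(pub *ecdsa.PublicKey, r Report, sig []byte, now time.Time, window time.Duration) error {
	digest := sha256.Sum256(Canonical(r))
	if !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return errors.New("rejected: signature does not verify (altered data, altered signature or wrong device)")
	}
	ts := time.Unix(r.Timestamp, 0)
	if age := now.Sub(ts); age > window || age < -window {
		return fmt.Errorf("rejected: timestamp %s is outside %s of %s", ts.UTC(), window, now.UTC())
	}
	return nil
}

func main() {
	dev, err := NewDevice("tank-07")
	if err != nil {
		panic(err)
	}
	now := time.Now()
	// Constructed sample reading; a real payload is whatever the sensor produces.
	r := Report{DeviceID: dev.ID, Timestamp: now.Unix(), Payload: []byte("water_temp_c=24.5")}
	sig, _ := dev.Sign(r)
	fmt.Println("genuine:", Verify(dev.PublicKey(), r, sig, now, 5*time.Minute))

	forged := r
	forged.Payload = []byte("water_temp_c=99.9") // same signature, altered data
	fmt.Println("tampered:", Verify(dev.PublicKey(), forged, sig, now, 5*time.Minute))

	fmt.Println("replayed later:", Verify(dev.PublicKey(), r, sig, now.Add(time.Hour), 5*time.Minute))
}
```

The cloud only ever sees the public key, so a compromised server cannot forge readings; the canonical encoding matters because the signature is over bytes, not over a struct, and both sides must produce the same bytes.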

IP Protection & Threats from Counterfeits

Counterfeit products have an adverse economic impact on businesses and they also introduce serious vulnerability into enterprise systems. In the industrial sectors there have been numerous examples of ‘black market’ spares and generic devices that have introduced back doors into large scale enterprise systems, so much so that the U.S. Government has its own hotline for reporting such breaches.

Zymbit.Orange employs a number of architectural strategies with the goal of protecting software IP:

  • Isolate embedded services in special purpose hardware (e.g. dedicated embedded CPUs) so that it becomes harder to “hack & crack” an application running on an app CPU.

  • Some of these embedded services include:
    • Securely transacting data through otherwise unsecured channels:
      • Ethernet
      • Wi-Fi
      • Cellphone modem
      • Low-power radio
    • Interacting with and controlling attached user interfaces
    • Collecting physical data from sensors that are serviced by the embedded services hardware cluster
    • Generic encryption/decryption and data authentication/validation
    • Application image update and application health monitoring
  • These isolated embedded services require valid credentials in order to authenticate the users (e.g. applications running on Arduino or Raspberry Pi) of those services.
  • The special purpose CPUs must have their hard programming paths (e.g. JTAG or SWD) disabled so that the firmware that runs on them cannot be hijacked, replaced or corrupted.
  • Tamper event detection (e.g. attempts to open the case or manipulate the real time clock) — when a tamper event is detected various actions can be taken. Some of these actions might include:
    • Recording the tamper event
    • Deliberately “bricking” the system by erasing critical firmware
    • Erasing critical data which would take the system offline
    • The above actions can be configured by the system administrator
  • Application designers must have the means to encrypt and attach digital signatures for the application images they produce. Image decryption and signature validation are accomplished using the embedded services mentioned above.
  • Software updates can be exclusively disseminated via a secure cloud network utilizing encryption and image authentication.
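Image encryption with signature validation, as an added Go example that is not Zymbit’s update service: the vendor encrypts the image with AES-256-GCM under a key provisioned into the devices’ embedded service, then signs the encrypted blob with its P-256 release key in the raw 64-byte R||S form the ATECC508 emits. The device checks the signature before it decrypts anything, so a blob that was altered, or re-signed by someone who is not the vendor, is rejected without ever being decrypted. The package layout (signature, nonce, ciphertext), the key sizes and the sample image are assumptions for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"math/big"
)

// Assumed layout: sig(64, raw R||S as the ATECC508 emits) || nonce(12) || AES-256-GCM ciphertext || tag.
// The signature covers everything after it, so the device authenticates the blob before decrypting any of it.
const sigSize, nonceSize = 64, 12

// Vendor is the application designer's build environment.
type Vendor struct {
	SignKey *ecdsa.PrivateKey // release-signing key; never leaves the vendor
	ImgKey  []byte            // AES-256 image key provisioned into each device's embedded service
}

func NewVendor() (*Vendor, error) {
	signKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	imgKey := make([]byte, 32)
	if _, err := rand.Read(imgKey); err != nil {
		return nil, err
	}
	return &Vendor{SignKey: signKey, ImgKey: imgKey}, nil
}

// Package encrypts a plaintext image, then signs the encrypted blob.
func (v *Vendor) Package(plain []byte) ([]byte, error) {
	gcm, err := newGCM(v.ImgKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceSize) // fresh per image: a GCM nonce must never repeat under one key
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	body := gcm.Seal(nonce, nonce, plain, nil) // nonce || ciphertext || tag
	digest := sha256.Sum256(body)
	r, s, err := ecdsa.Sign(rand.Reader, v.SignKey, digest[:])
	if err != nil {
		return nil, err
	}
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...)
	return append(sig, body...), nil
}

// Device models the isolated embedded service that holds the provisioned keys.
type Device struct {
	VendorPub *ecdsa.PublicKey
	ImgKey    []byte
}

// Install checks the vendor signature first, so an altered, unsigned or re-signed blob
// is rejected without being decrypted; GCM's tag then guards the decryption itself.
func (d *Device) Install(pkg []byte) ([]byte, error) {
	gcm, err := newGCM(d.ImgKey)
	if err != nil {
		return nil, err
	}
	if len(pkg) < sigSize+nonceSize+gcm.Overhead() {
		return nil, errors.New("image rejected: too short to hold signature, nonce and tag")
	}
	sig, body := pkg[:sigSize], pkg[sigSize:]
	digest := sha256.Sum256(body)
	r, s := new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])
	if !ecdsa.Verify(d.VendorPub, digest[:], r, s) {
		return nil, errors.New("image rejected: vendor signature does not verify")
	}
	plain, err := gcm.Open(nil, body[:nonceSize], body[nonceSize:], nil)
	if err != nil {
		return nil, fmt.Errorf("image rejected: decryption failed: %w", err)
	}
	return plain, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	vendor, _ := NewVendor()
	dev := &Device{VendorPub: &vendor.SignKey.PublicKey, ImgKey: vendor.ImgKey}
	pkg, _ := vendor.Package([]byte("app v1.2: read sensor, sign, publish")) // constructed stand-in image
	out, err := dev.Install(pkg)
	fmt.Printf("genuine: %q err=%v\n", out, err)
	pkg[len(pkg)-1] ^= 0x01 // one ciphertext/tag byte flipped: fails at the signature step
	_, err = dev.Install(pkg)
	fmt.Println("tampered:", err)
}
```

The order matters: signing the ciphertext rather than the plaintext means the device never runs its decryption path on input that has not already been attributed to the vendor, and someone who has obtained the image key but not the signing key still cannot get the device to install anything.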

Malicious Attack Defense

Although we aren’t hearing too much about it yet in the press, malicious attacks will soon be launched on IoT devices in the same way that viruses target PCs and cell phones today. Motivations will range from ‘hackers because they can’ to corporate espionage to cyber terrorism. And the consequences of such attacks can be much more serious than data loss; many IoT devices interact with the physical world, and an attack can cause bodily harm or even loss of life. If you think this is sensationalist, wait until the first examples begin to surface.

The good news is that the serious innovators amongst us are thinking about this and looking for solid and practical solutions. Malicious attacks can be prevented or made very difficult to achieve using the same countermeasures we reviewed earlier in IP protection.

Securing Your Edge Devices – Raspberry Pi and Arduino, Too

We love the accessibility and affordability of open source devices and support the communities that are building amazing applications using Arduino and Raspberry Pi. Yet neither was designed with core security in mind and consequently, before applications can be scaled, their vulnerabilities need to be addressed. So let’s first explain their security shortcomings:

Security Vulnerabilities – Raspberry Pi:

  • No built in cryptographic engine
    • While the Pi can perform encryption in software, overall performance suffers as a result.
  • Removable SD card – no physical security
    • This means that an attacker with direct access to a Raspberry Pi based device can steal and clone the software and data on the card or deliberately corrupt the contents of the card.
  • No secure key store
    • Because the SD card is removable and is the only non-volatile storage on the Pi, shared static keys, private keys and certificates are completely readable and modifiable by anyone who removes the card. Even if one chooses to encrypt a data volume for key and certificate storage, the key for decrypting that volume must be exposed at some point. This makes strong data authentication on the Pi alone infeasible.
  • Susceptibility to power cycling exploits
    • Because there is frequently no intrusion detection or monitoring, simple repeated power cycling of the device (which can corrupt the SD card’s file system) may lead to failure and thus denial of service.
  • Lack of real-time clock
    • Without a battery-backed clock the Pi cannot keep accurate time through a communications outage, so it cannot reliably timestamp data recorded during one.

Security Vulnerabilities – Arduino:

  • No built in cryptographic engine
    • Crypto shields are available for purchase, but packaging Arduino shields tends to be very clumsy and difficult to deploy. Beyond the physical size of stacked shields, the Arduino shield framework suffers from resource bus (SPI/I2C) and GPIO pin allocation conflicts, so simply stacking a new shield on an Arduino may prove impossible when other shields are already stacked.
  • No way to validate or secure the Arduino executable image if the debugging/programming interface is available. Even if an Arduino based “thing” had a crypto shield attached, an attacker with direct access could potentially:
    • Corrupt or erase the executable image.
    • Gain access to shared keys stored in RAM or flash.
    • “Patch” in their own code which would allow them to take control of the system.
  • Many Arduinos have very limited amounts of RAM and flash, making it extremely difficult to implement robust, secure communications solutions.

Zymbit addresses these problems for Raspberry Pi and Arduino developers by implementing an isolated security framework on the Zymbit.Orange IoT motherboard.

Adding Security With the Zymbit.Orange IoT Motherboard

At the heart of the Zymbit.Orange architecture is a Secure Services Cluster that isolates the edge-facing application CPUs from each other and from the outbound network connection. Isolation is achieved using a combination of data security (authenticate and encrypt), power security (the ability to turn off a CPU) and physical security (tamper-proofing and enclosure intrusion detection).

Security Orange Mother Board

We use Atmel silicon for all three aspects of security because their solutions are well thought out, affordable and have good performance characteristics.

Secure Silicon Review

The security services cluster within Zymbit.Orange comprises three blocks:

Secure Communications Hub

  • Atmel | SMART SAM E70 – high performance advanced connectivity CPU
  • Primary purpose:
    • Provides secure access to communications and UI interfaces
    • Performs tamper detection
    • Provides secure software updates for applications processors via the Zymbit cloud
  • CPU features:
    • 300MHz Cortex-M7
    • AES encryption engine
    • Low latency TRNG (True Random Number Generator)
    • Integrity Check Monitor (ICM) for generating and comparing digests of certain memory areas

Supervisory MCU

  • Atmel | SMART SAML21J17A – ultra low-power microcontroller unit
  • Primary purpose:
    • Power supervision and monitoring
    • Real-time clock
    • Secure programming and debugging interface for the on-board Arduino Zero application CPU
  • CPU features:
    • 48MHz Cortex-M0+
    • AES encryption engine
    • Low latency True Random Number Generator (TRNG)

Secure Key Generation and Storage

  • Atmel ATECC508
  • Primary purpose:
    • Asymmetric (public key) crypto
    • Digital signature generation/validation
    • Password validation
  • Features:
    • Secure key storage
    • Asymmetric encryption
    • Ephemeral key generation

Using these components, Zymbit.Orange provides a secure interface to all essential services for user applications running on the on-board Arduino Zero and/or Raspberry Pi. The dedicated on-board hardware significantly increases the overall security of these platforms without interfering with user applications. It is just as easy to develop an Arduino or Linux project on Zymbit.Orange from scratch or to adapt an existing application to take advantage of the on-board services because they do not interfere with the application CPU programmability.

SecureAxcess is a secure and encrypted USB token


This cybersecurity solution will keep the bad guys away from your personal information. 


With each week seemingly bringing news of another data breach, it’s no wonder so many people are anxious about their data. One Clearwater, Florida startup, Vir-Sec, has developed a product that it says protects a user’s most sensitive information from hacking, phishing, snooping, mining and other forms of cyber crime: the aptly named SecureAxcess.

The company has created and patented what it bills as “the world’s first, and only, method of secure communication.” Designed with speed and simplicity in mind, it works like this: a user plugs the flash-drive-like token into the USB port of any computer, enters their password and launches a “browser-less” platform called SecureCommunique, a closed messaging, file transfer and chat application that runs inside SecureAxcess. This limited-distribution tool lets users send emails and documents and communicate in other ways within a closed environment. What’s more, the individual’s data and login page cannot be accessed by anyone other than them and their token.

“It has the look and feel of a browser, but it’s not one! Browsers are bad for accessing secure data. Most major vulnerabilities and methods of attack come from browsers. Eliminating the browser eliminates that threat,” its creator Chris Murphy explains. “The IP address is constantly shifting and is unique to your token so hackers can’t find where to try and break in. It’s like your front door keeps moving around and you can only find it if you have the correct key.”

SecureAxcess also promises two-factor authentication, requiring both something the user has (the token) and something the user knows (the password) in order to access the confidential data.

“When you physically go to the bank, do you just give a name and password to withdraw cash? Of course not, but then why have we allowed it to be so online? Our token acts like you online, physically showing you are who you say while accessing important data,” Murphy adds.

Another feature is that the program runs entirely from RAM on the token itself, not from the host computer, the rationale being that browsers and other software installed on the host can be compromised. As for its hardware, the pocket-sized device is based on an Atmel | SMART SAMA5 Cortex-A5 MPU with a built-in AES cryptographic engine.

“The best way to secure data is to allow authentication to happen at a secure, off-site location, free from software and browsers. Also you can’t open the token and access the parts. The token is a solid fused piece of plastic that cannot be opened without destroying the data.”

Looking for a peace of mind when it comes to safeguarding your online information? Head over to SecureAxcess’ official Kickstarter page, where Vir-Sec is currently seeking $250,000.