Tag Archives: Bits & Pieces

RIOTing with the Internet of Things

RIOT is an open-source operating system (OS) designed to power the rapidly evolving Internet of Things (IoT).

Licensed as LGPL, RIOT was initially developed by FU Berlin, INRIA and the HAW Hamburg. 

Indeed, the origins of RIOT can actually be traced back to FeuerWare, an operating system for fire crews and their wireless sensor networks.

The operating system — which is based on a microkernel architecture — supports both C and C++, as well as full multi-threading and real-time capabilities. RIOT provides utilities like cryptographic libraries, data structures, or a shell, different network stacks, and support for various microcontrollers, radio drivers, sensors, and configurations for entire platforms.

RIOT_network_architecture_dark_updated

The RIOT runs on both 16-bit and 32-bit hardware, with a native port allowing RIOT to run as a Linux or MacOS process. This helps facilitate the use of standard development and debugging tools such as the GNU Compiler Collection (GCC), GNU Debugger, Valgrind and Wireshark. RIOT runs on several platforms including embedded devices as well as common PCs, and supports multiple drivers, which offers out-of-the-box usage. The hardware dependent code is reduced to a minimum and abstracted from the kernel itself.

Among the architectures RIOT supports are ARM Cortex-M0, -M3 and -M4, as well as the ARM7. Subsequently, the IoT operating system is compatible with a number of boards like the Arduino Due (SAM3X8E), the Atmel ATmega2560 and the Nordic nRF51822 (ATSAM3U2C). RIOT also provides multiple network stacks, including IPv6, 6LoWPAN and standard protocols such as RPL, UDP, TCP and CoAP.

ArduinoDue_Front

Simply put, RIOT is free software, meaning Makers and engineers can redistribute and modify the OS. Software developed by the RIOT community is available under the terms of the GNU Lesser General Public License as published by the Free Software Foundation, version 2 (LGPLv2).

Interested in learning more? As a community project, you can find RIOT’s source code on GitHub as well as download its latest release here.


Designing IoT devices with Thingsquare and SAM R21



As we’ve previously discussed on Bits & Pieces, a number of recent Thingsquare demos have been powered by Atmel’s versatile SAM R21 Xplained PRO evaluation board – illustrating the seamless integration of Thingsquare’s software stack with Atmel’s new SAM R21 ultra-low power wireless microcontroller (MCU).

According to Atmel Product Marketing Director Magnus Pedersen, the SAM R21 allows Atmel’s customers to easily develop connected lighting, smart metering and wireless sensor network systems based on true Internet-connectivity and open standards such as IPv6 and 6lowpan.

“Our customers are demanding complete, easy-to-use IoT solutions that can quickly bring a full system to market,” said Pedersen. “Our cooperation with Thingsquare is an example of that, with a web-based toolchain and open source firmware to offer our customers a fully integrated hardware and software solution for various IoT applications.”

Recently, a Thingsquare rep told Bits & Pieces that a number of engineers and Makers are choosing the SAM R21 and the Thingsquare system to build secure and future-proof Internet of Things (IoT) applications and connected devices.

“The Thingsquare system and the SAM R21 SoCs follow you throughout the entire process from idea to market,” the rep explained. 

”The system supports IPv6 / 6lowpan, wireless mesh networking, firmware updates and end-to-end encryption. You can also easily build smartphone applications to interact with your SAM R21-powered devices.”

Interested in learning more? To quickly set up a prototype, you can use the Thingsquare system with SAM R21 Xplained Pro boards, as described here. Of course, Thingsquare can also help with your entire software project as well.

For additional information, contact sales@thingsquare.com. For hardware-related questions, contact Atmel.

Arietta G25 SoM eyes open hardware baseboard

As we’ve previously discussed on Bits & Pieces, the Arietta G25 is an uber-mini system-on-module powered by Atmel’s versatile SAM9G25 ARM9 processor.

According to CNX-Software, Acme Systems, the company that manufactures the board, is now considering designing an open source hardware baseboard for the module.

If produced, the baseboard would likely feature:

  • Arietta G25 SoM connector (Vertical mount)
  • 1x USB Host port
  • I2C Sensors –  temperature, humidity sensor and light
  • Mosfet output for RGB led strip
  • 2x relay output
  • 1x filtered dry input
  • 2x servo RC motors output
  • Audio interface with embedded microphone and jack for PC speakers using Wolfson WM8731 codec
  • Expansion headers for external modules

Interested in learning more? The initial schematic is already available here, while feedback for the potential open hardware baseboard can be submitted here on the company forums.

The “Key” to Reality

If we wanted to reduce the definition of authentication to its most Zen-like simplicity, we could say authentication is “keeping things real.” To keep something real you need to have some sort of confirmation of its identity, as confirmation is the key (so to speak).

The equation could be as follows:

Identification + Confirmation = Authentication

Confirming or validating the identity of a document, item, data, etc. is what keeping things real is all about. Some of the “things” that can be authenticated with cryptographic methods are mobile, medical, and consumer accessories; embedded firmware; industrial network nodes; and sensors, among others. Soon IoT and vehicle-to-vehicle communication will join in.

Authentication is far more important than many people realize, especially in our growing hyper-connected world that now links billions of people (and things). In cyber-land, authentication is accomplished by deploying cryptographic keys and algorithms. Keys are fundamental to keeping things real—so that is what we mean by “the key to reality.”

Key real 1

There are two primary types of Authentication: Symmetric and Asymmetric. Atmel offers secure key storage devices for both types. These two important techniques take their names directly from whether the keys on each side (i.e. the host and client sides) are the same or different.

Symmetric Authentication

If the same secret key is used on the client and on the host, then the application is symmetric, just like the name suggests. Both of the symmetric keys must be protected because if either one gets out then the security will be lost. This is perhaps analogous to having two sets of car keys. Meaning, losing either one makes it easy for a thief to drive away with your car. So, the secret keys must stay secret.

Key sym

Symmetric Keys are the Same

The identical keys on the host and client are used in mathematical calculations to test the reality of client devices. A very common mathematical calculation that is used is a hash function based upon a cryptographic algorithm (such as SHA). A hash operation produces a hash value (also called “digest”), which is a number of a specified length that is usually smaller than the numbers used as the inputs. A hash is a one-way operation, which means that the inputs cannot be recreated from the hash value.

With symmetric authentication a typical process is to challenge the client device to be authenticated by sending it a random number. The client then puts the random number challenge and a secret key into the hash algorithm to create a hash value, which is known as the “response.” Each challenge will generate a unique response.

It should be noted that cryptographers call a hash of a random number with a secret key a “Message Authentication Code” or “MAC.” The diagram below illustrates this process. Because the host key is the same on the host and client sides, the exact same calculation can run on the host. Once that happens, the hash values (“MACs”) from each can be compared. If the hash values match, the client is considered to be real. You can see that symmetric authentication is really a simple process, but it is loaded with mathematical elegance. Now let’s look at asymmetric authentication.

Hash Value 1

Hashing a Random Number with a Secret Key

 

Asymmetric Authentication.

Asymmetric keys are presented in public-private pairs. More specifically, the public and private keys are related to each other via a mathematical algorithm. An example would be the Elliptic Curve Cryptography (or “ECC”) algorithm. Only the private key has to be securely stored. Because the keys are different, asymmetric authentication cannot use the same calculate-and-compare process as symmetric.

Asymmetric requires more complicated techniques such as making digital signatures that are verified for authenticity (this is called “Sign-Verify”). An example of asymmetric authentication using ECC algorithms is Elliptic Curve Digital Signature Algorithm (or “ECDSA”).  A major benefit of the Atmel ATECC108A device is that it can be used to easily implement ECDSA sign-verify. (The steps of ECDSA are very interesting, but they will be covered in a separate article). Note that an important trade-off between symmetric and asymmetric authentication is the speed of operation. For example, authentication time for the Atmel ATSHA204A is 12ms (typical) for symmetric versus more than a second for many microcontrollers to execute an asymmetric ECDSA operation.

Getting back to the keys:   The secret keys must stay secret. If keys are the keys to authentication (i.e. reality),  then secure storage of the secret keys is the key to SECURE authentication. And that is the real point here.

So the, how is secure storage implemented? The best way is to use hardware key storage devices that can withstand attacks that try to read the key(s). Atmel CryptoAuthentication products such as the ATSHA204AATECC108A  and ATAES132 implement hardware-based storage, which is much stronger than software based storage because of the defense mechanisms that only hardware can provide against attacks. Secure storage in hardware beats storage in software every time. Adding secure key storage is an inexpensive, easy, and ultra-secure way to protect firmware, software and hardware products from cloning, counterfeiting, hacking, as well as other malicious threats.

For more details on Atmel CryptoAuthentication products, please view the links above  or the introduction page CryptoAuthentication. Future Bits & Pieces articles will take in an in-depth look at how symmetric and asymmetric authentication is accomplished.         

Building a tinyAVR pocket sequencer

Earlier this week, Bits & Pieces took a closer look at an ATtiny85-powered ultrasonic ruler designed by a Maker named “bergerab.”

Today, we’re going to get up close and personal with an ATtiny pocket sequencer created by bergerab that uses the very same tinyAVR microcontroller (MCU). 

Built around the popular ATtiny85, the pocket-sized sequencer is fully programmable and usable in a studio setting.

“Besides making a pocket-sized sequencer, my goal of this project was to stretch the uses of the ATtiny chips to show how powerful they really are,” bergerab explained a recent Instructables post.

“This project is great for those interested in music and/or electronics, and by the end you will have one of the smallest, unique sequencers ever made.”

Aside from the ATtiny85 MCU, key project components include:

  • 

Perfboard (5 cm by 7 cm)
  • Two 10k potentiometers
  • Two tactile switch-buttons
  • Two two-way switches
  • A 7805 voltage regulator
  • Two 10uF caps
  • One 100uF cap
  • One 2k resistor
  • 8 LEDs
  • 74HC595 shift register
  • 1/4 inch audio female jack
  • Speaker/buzzer
  • 9v Battery (with connector)
  • (optional) 5cm by 7cm acrylic sheet

On the software side, bergerab uses a relatively simple sketch to regulate the device.

“In my design of this sequencer, I wanted the user to program the steps right when the device is turned on. To do this I used the ‘setup()’ function, [which] is executed when the ATtiny is initially given power, or if its reset pin is set to LOW,” he continued.

“I added a startup tone (which is a little arpeggio of a c major chord) to notify the user that they are in the frequency programming mode. In the main loop (‘loop()), the ATtiny is told to go through each step, and for each step, light the appropriate LED. Then play the note assigned to that step, at the specified note length. During this, the MCU is checking if the button (analogRead(pot)<30) is pressed. If it is, the program enters a function called ‘setSustain()’. In this function, the user can select the notes length, (via the button and potentiometer).”

Interested in learning more? You can check out the project’s official Instructables page here.

Super Awesome Sylvia is at the White House!

Sylvia Todd – aka Super Awesome Sylvia – has been creating and making things since she was five. Sylvia, who learned how to solder when she was 7, also hosts her very own MAKE YouTube show.

Today, Bits & Pieces had the opportunity to interview the young Maker about DIY culture and Making at the very first White House Maker Faire – which Atmel is proudly attending.

Atmel: Who, or what inspired you to become a Maker?

Sylvia: I was inspired to be a Maker/make things when I went to the very first San Mateo Maker Faire in 2006 when I was 5. That event and the ones after it showed me that making is fun, interesting, and [helps] you learn lots of new skills. After that weekend, I wanted to solder and build and take apart things even more!

Atmel: How do you feel about being chosen to attend the very first Maker Faire at the White House?

Sylvia: I am so happy and honored that I was invited to attend the White House Maker Faire. It is pretty amazing that after being inspired by the Maker Movement to create my show back in 2009, I eventually became one of the people that helped others get into Making!

sylviaawesome



Atmel: How do you think the Maker Movement democratizes the tools and skills necessary to design and create just about anything?

Sylvia: I think the Maker Movement helps give us the knowledge resources to create lots of stuff, through sharing! The internet allows us to find and share projects, sell projects, and even show others how to make things. Sharing how to’s and project details really can inspire people to get out there and make something, even if it’s not exactly what they’re trying to make, it helps them learn by doing.

Atmel: What projects of yours are powered by Atmel-powered Arduino boards or stand-alone MCUs?

Sylvia: 

I have a book coming out next moth that shows three super simple Arduino projects for beginners, all using the Arduino Uno as the base. I am also going to use the Arduino in many other projects and might soon design a custom circuit board around the ATmega328 MCU for a kit. One of my older projects was an Arduino and GPS powered RC car that could navigate around my house, and one of my latest ideas is a sensor that senses when the mail truck comes and tells me by switching on a servo to ring a bell.

Atmel: How do you think the Maker Movement and DIY culture make the world a better place?

Sylvia: I think the Maker Movement will change the world because when you have lots of people thinking of new ideas or inventions and sharing their work and results, we could solve really big issues faster! Also when kids grow up in an environment of making, they’ll be more willing to fix or reuse things instead of just throwing them away, and they’ll be making themselves smarter about the world at the same time. Making stuff rocks!

Hardware key storage stops the bleeding

The Heartbleed security bug is a really big deal, especially given today’s hyper-connected, information obsessed society. This nasty bug, which has been characterized as “catastrophic” by industry gurus, permits anyone on the Internet to access the memory of systems using various versions of OpenSSL software. This is ironic since that very software was specifically designed to protect data.

Nevertheless, Heartbleed exposes secret keys used for authentication and encryption, which are the two primary foundations of how security is generally ensured. By exposing keys Heartbleed thus exposes actual data, user names, and user passwords to anyone. This is virtually everything. Ouch!   Attackers (i.e. hackers, cybercriminals, spies, state-sponsored electronic armies, and others with malevolent intent) can observe and steal data without a trace, which is virtually the literal industry definition of the term “man-in-the-middle” attack.

The threat that Heartbleed represents has rightly gained widespread attention. Fortunately, such attention has stimulated a major market reaction and lead to whole scale changing of user passwords, proliferation of patches, and other fixes. It has also brought the need for more extensive code testing into the open. Heartbleed and other major security revelations are making people look at security much more seriously, which also extends to embedded systems.

Frankly, it is about time. Embedded system insecurity gained major notoriety recently with the revelation that commercial WiFi routers have old and buggy firmware that can be used as a back door into home and commercial networks. Such loopholes were in fact used by a criminal organization in Eastern Europe to steal cash. The risk was amplified by the revelation that mischievous “agencies” tasked with collecting and processing information without permission can exploit the vulnerabilities at will.

heartbleed 1

Embedded system firmware insecurity affects individuals, institutions, governments, and corporations—which is pretty much everyone. Highly respected market researchers have noted that bad behavior and bad actors are running rampant. For example, the number of active threat groups being tracked has risen to over 300, which is more than 400% higher than in 2011. Nation-states have become hyper-active in cyber-espionage and hacking. This is because it is now possible to literally upload damage to a target, which is kind of a science fiction scenario come true.

In the same vein, secret information is easily downloaded, especially with security vulnerabilities from Heartbleed, router back-doors, and others. More than 95% of networks have become compromised in some way, and directed attacks will only get worse as mobile platforms continue to expand worldwide. An unnerving figure is that vulnerable systems placed on the Internet are being compromised now in less than 15 minutes. That is not really a surprise given the wildly disproportionate cost / ”benefit” of cyber meddling, which is devilishly tempting to malicious operators.

The security situation is extremely complicated for embedded systems because embedded firmware is highly fragmented, difficult to update, hard to track, often obsolete, hard to access, and employs a wide range of processors and code languages. The router loopholes mentioned above are in fact a direct expression of the vulnerabilities endemic to embedded systems and the severe damage those vulnerabilities can cause downstream. It is now clear that embedded system vulnerabilities affect everyone. So, the question becomes, “What can be done to increase security in embedded systems?”

shield 1

As Heartbleed and cyber attacks have illustrated, encryption and authentication keys must be protected. There is no other option. Cryptography may be mathematically and systematically ultra-detailed and uber-complicated, but the most important and fundamental security concept is beyond simple: namely, “Keep the secret keys secret.”  The best way to do that is to lock the secret keys in protected hardware devices.

Hardware key storage beats software key storage every time, which is one of the “key” lessons of the recent vulnerability revelations. But how does an embedded system manufacturer ensure their products are secure and protected from attack? Fortunately, the solution is simple, available, and cost effective, and that is to use hardware key storage devices such as Atmel’s ATSHA204AATECC108A  and ATAES132.

These products are all designed to secure authentication by providing a hardware-based storage location with an impressive range of proven physical defense mechanisms, as well as secure cryptographic algorithms and processes. Go to the links above for more details or the introduction page CryptoAuthentication.

Future Bits & Pieces posts will describe the different types of authentication and the various steps that the devices and associated processors implement.