Tag Archives: Cloud IoT

Why connect to the cloud with the Atmel | SMART SAM W25?


The “thing” of IoT does not have to necessarily be tiny. 


The Atmel | SMART SAM W25 is, in fact, a module — a “SmartConnect Module.” As far as I am concerned, I like the SmartConnect designation and I think it could be used to describe any IoT edge device. The device is “smart” as it includes a processing unit, which in this case is an ARM Cortex-M0-based SAMD21G, and “connect” recalls the Internet part of the IoT definition. Meanwhile, the ATWINC1500 SoC supports Wi-Fi 802.11 b/g/n, allowing seamless connection to the cloud.

What should we expect from an IoT edge device? It should be characterized by both low cost and low power! This IoT system is probably implemented multiple times, either in a factory (industrial) or in a house (home automation), and the cost should be as low as possible to enable large dissemination. I don’t know the SAMD21G ASP, but I notice that it’s based on the smallest MCU core of the ARM Cortex-M family, so the cost should be minimal (my guess). Atmel claims the W25 module to be “fully-integrated single-source MCU + IEEE 802.11 b/g/n Wi-Fi solution providing battery powered endpoints lasting years”… sounds like ultra low-power, doesn’t it?


The “thing” of IoT does not necessarily have to be tiny. We can see in the above example that interconnected things within the industrial world can be as large as these wind turbines (courtesy of GE). To maximize efficiency in power generation and distribution, the company has connected these edge devices to the cloud, where software analytics allow wind farm operators to optimize the performance of the turbines based on environmental conditions. According to GE, “Raising the turbines’ efficiency can increase the wind farm’s annual energy output by up to 5%, which translates in a 20% increase in profitability.” Wind turbines are good for the planet as they make it possible to avoid burning fossil fuels. Deploying IoT devices allows wind farm operators to increase their profitability and to build a sustainable business. In the end, thanks to the Industrial Internet of Things (IIoT), we all benefit from less air pollution and more affordable power!

The ATWINC1500 is a low-power System-on-Chip (SoC) that brings Wi-Fi connectivity to any embedded design. In the example above, this SoC is part of a certified module, the ATSAMW25, for embedded designers seeking to integrate Wi-Fi into their system. Its key features are:

  • IEEE 802.11 b/g/n (1×1) for up to 72 Mbps
  • Integrated PA and T/R switch
  • Superior sensitivity and range via advanced PHY signal processing
  • Wi-Fi Direct, station mode and Soft-AP support
  • Supports IEEE 802.11 WEP, WPA
  • On-chip memory management engine to reduce host load
  • 4MB internal Flash memory with OTA firmware upgrade
  • SPI, UART and I2C as host interfaces
  • TCP/IP protocol stack (client/server) sockets applications
  • Network protocols (DHCP/DNS), including secure TLS stack
  • WSC (wireless simple configuration WPS)
  • Can operate completely host-less in most applications

Note that the host interfaces allow direct connection to device I/Os and sensors through SPI, UART, I2C and ADC interfaces, and that the module can also operate completely host-less. A costly device is then removed from the BOM, which can make an IoT or IIoT edge device economically feasible.

The low-power Wi-Fi certified module is currently employed in industrial systems supporting applications, such as transportation, aviation, healthcare, energy or lighting, as well as in IoT areas like home appliances and consumer electronics. For all these use cases, certification is a must-have feature, but low-cost and ultra-low power are the economic and technical enablers.


This post has been republished with permission from SemiWiki.com, where Eric Esteve is a principal blogger and one of the four founding members of the site. This blog first appeared on SemiWiki on November 15, 2015.

Security coprocessor marks a new approach to provisioning for IoT edge devices


It’s worth noting that security breaches rarely involve breaking the encryption code; hackers mostly use techniques like spoofing to steal the ID.


The advent of a security coprocessor that offloads the provisioning task from the main MCU or MPU is bringing new possibilities for Internet of Things product developers to secure the edge device at lower cost and power points, regardless of the scale.

Hardware engineers often like to say that there is no such thing as software security, and cite Apple, which has all the money in the world and an army of software developers. The maker of the iPhone chose a secure element (SE)-based hardware solution while cobbling together the Apple Pay mobile commerce service. Apparently, with a hardware solution, engineers have the ecosystem fully in control.


Security is the basic building block of the IoT bandwagon, and there is a lot of talk about securing the access points. So far, the security stack has largely been integrated into the MCUs and MPUs serving the IoT products. However, tasks like encryption and authentication take a lot of battery power — a precious commodity in the IoT world.

Atmel’s solution: a coprocessor that offloads security tasks from the main MCU or MPU. The ATECC508A uses elliptic curve cryptography (ECC) capabilities to create secure hardware-based key storage for IoT markets such as home automation, industrial networking and medical. This CryptoAuthentication chip comes at a manageable cost — 50 cents for low volumes — and consumes very low power. Plus, it makes provisioning — the process of generating a security key — a viable option for small and mid-sized IoT product developers.

A New Approach to Provisioning

It’s worth noting that security breaches rarely involve breaking the encryption code; hackers mostly use techniques like spoofing to steal the ID. So, the focus of the ATECC508A crypto engine is on tasks such as key generation and authentication. The chip employs ECC math to ensure sign-verify authentication and subsequently the verification of the key agreement.

The IoT security — which includes the exchange of certificates and other trusted objects — is implemented at the edge node in two steps: provisioning and commissioning. Provisioning is the process of loading a unique private key and other certificates to provide identity to a device while commissioning allows the pre-provisioned device to join a network. Moreover, provisioning is carried out during the manufacturing or testing of a device and commissioning is performed later by the network service provider and end-user.

Atmel ATECC508A crypto-engine

Presently, snooping threats are mostly countered through a hardware security module (HSM), a mechanism to store, protect and manage keys, which requires a centralized database approach and entails significant upfront costs in infrastructure and logistics. On the other hand, the ATECC508A security coprocessor simplifies the deployment of secure IoT nodes through pre-provisioning with internally generated unique keys, associated certificates and certification-ready authentication.

It’s a new approach toward provisioning that not only prevents over-building, as done by the HSM-centric techniques, but also prevents cloning for the gray market. The key is controlled by a separate chip, like the ATECC508A coprocessor. Meaning, if there are 1,000 IoT systems to be built, there will be exactly 1,000 security coprocessors for them.

Certified-ID Security Platform

Back at ARM TechCon 2015, Atmel went one step ahead when it announced the availability of Certified-ID security platform for the IoT entry points like edge devices to acquire certified and trusted identities. This platform leverages internal key generation capabilities of the ATECC508A security coprocessor to deliver distributed key provisioning for any device joining the IoT network. That way it enables a decentralized secure key generation and eliminates the upfront cost of building the provisioning infrastructure for IoT setups being deployed at smaller scales.

AT88CKECCROOT-SIGNER

Atmel, a pioneer in Trusted Platform Module (TPM)-based secure microcontrollers, is now working with cloud service providers like Proximetry and Exosite to turn its ATECC508A coprocessor-based Certified-ID platform into an IoT edge node-to-cloud turnkey security solution. TPM chips, which have roots in the computer industry, aren’t well-positioned to meet the cost demands of low-price IoT edge devices.

Additionally, the company has announced the availability of two provisioning toolkits for low volume IoT systems. The AT88CKECCROOT toolkit is a ‘master template’ that creates and manages certificate root of trust in any IoT ecosystem. On the other hand, AT88CKECCSIGNER is a production kit that allows designers and manufacturers to generate tamper-resistant keys and security certifications in their IoT applications.