ATmega328 powers paper-thin Printoo board

Printoo – powered by Atmel’s ATmega328 microcontroller (MCU) – is a lineup of paper-thin, low-power boards and modules that offer Makers and devs new levels of creative flexibility.

The open source platform, created by the Ynvisible crew, made its Kickstarter debut this week.

“Printoo is the first development board that is flexible and light enough to bring any of your 3D printed objects to life – no matter what shape it is. Add Internet and Bluetooth connectivity, input, output, motorization, light and motion sensing and power. Even solar, to almost any configuration or weird shape you print,” a Ynvisible rep explained.

“Plug the modules together, tinker with the Arduino sketches we are making available, and use the apps to connect and control Printoo – bringing your ideas to life. [Plus], we built the apps you need to connect Printoo to the Internet. You’ll be able to remotely control your Printoo creations or use them to trigger or perform action on the Web – from your smartphone, tablet or laptop, from anywhere in the world.”

As we’ve previously discussed on Bits & Pieces, the core Printoo module is powered by Atmel’s ATmega328 microcontroller (MCU).

Additional hardware modules include a display driver, battery connector, batteries (soft and ultra-thin), battery holder, sensor module, solar cell connector, conductive ink adapter, DC motor drivers, electrochromic display, organic photodetector slider, polymer solar cell and LED strip.

The Ynvisible crew has also created a number of Printoo-powered demos such as a Bluetooth fan, 3D printed watercraft, solar powered 3D printed hovercraft, “girlfriend communicator,” electronic voter and the Printoo Man.

Interested in learning more? You can check out the project’s official Kickstarter page here.

Day 2: Atmel @ Embedded World

Day 2 of Embedded World 2014 in Nuremberg, Germany has drawn to a successful close. Our jam-packed booth hosted numerous journalists, analysts and industry insiders throughout an exciting day.

Atmel’s booth was also the site of several technical sessions, including embedded Internet technologies, web services and cloud computing, intelligent lighting control networks and ultra-low power system design.

In addition, we showcased a plethora of demos, including a lighting system with secure communication and cryptographic information exchange, capacitive sensing with dual functionality per button, car access systems, embedded microprocessors based on the ARM Cortex core, a battery-powered drill and anti-cloning protection.

Stay tuned for more Atmel Embedded World 2014 updates!

We’ll be back tomorrow for Day 3 of Embedded World in Nuremberg, Germany.

The IoT connects a cast of billions

Based on current estimates, the number of “things” predicted to be connected to the Internet by the end of this decade range from a staggering 30bn to 50bn. However, as Clint Witchalls notes in a recent report sponsored by ARM, having connected “things” is the easy part. More difficult will be getting these things to communicate with each other—where human involvement is still necessary.

“With the traditional Internet it was easy to ‘go it alone.’ Voice over Internet protocol (VoIP) start-ups did not first sit down with telecommunications operators and work out how they would fit together in the ecosystem,” Witchalls explains. “[In] contrast, the IoT tends to follow Metcalfe’s Law, which says that the value of a network is proportional to the square of the number of its users. Thus, a more cooperative approach than that shown in the past by telecoms and Internet companies will be required. Many users are needed to achieve the ‘network effects.'”

Kevin Ashton, who originally coined the term the “Internet of Things” (IoT) in 1999 while working at Proctor & Gamble, draws another clear distinction between the Internet and the IoT. As Ashton points out, the rollout of the traditional Internet happened relatively quickly, with companies granted access to a system that could interoperate before they had invested too heavily in systems that could not.

Since then, companies have built up their own networks, with significant investment. The challenge? To convince corporations to see the benefits in a common network. A simple example of one of these “walled gardens,” says Ashton, is employee office passes or ID badges, many of which are fitted with radio-frequency identification (RFID) tags. While swiping an ID card will get an employee into his or her workplace, the employee still has to fill out a form or wear an identity sticker when visiting a different office building. A common network between landlords could eliminate this inefficiency, while creating a much richer data set on employee whereabouts.

“What we have right now is a lot of IoT-type technology that is heavy on things and light on Internet,” Ashton confirms. “That’s [really] the bit that needs to change.”

Unsurprisingly, much of the collaboration currently under way within industry verticals is around standards, such as information-exchange protocols. According to Elgar Fleisch, the deputy dean of ETH Zürich, there is an extensive standardization effort going on.

“The main impact of standardization is that every computer can talk to every other computer and everything can talk to every other thing,” he says. “That dramatically reduces the cost of making things smart. The IoT will not fly if we don’t have these standards.”

Clearly, the full potential of the IoT will only be unlocked when small networks of connected things, from cars to employee IDs, become one big network of connected things extending across industries and organizations. Since many of the business models to emerge from the IoT will involve the sale of data, an important element of this will be the free flow of information across the network.

Interested in learning more about the rapidly evolving IoT? Part one of this series can be read here, part two here and part four here.

Rapid IoT prototyping with SODAQ

The Atmel-powered SODAQ (ATmega328P) is a LEGO-like, plug-in, rapid prototyping board. Essentially, the multi-feature microprocessor board allows both Makers and engineers to easily connect a wide variety of sensors and devices to the Internet.

“It’s designed for connecting things efficiently, running off-grid with built-in, ready-to-go solar power. [That is why] we designed the SODAQ system (SOlar Data AcQuisition) to be able to communicate from anywhere, with a GPRS module and all the control code for it included from the start,” the SODAQ team wrote in a recent Kickstarter post.

“[There is] no breadboarding or soldering required. SODAQ [boasts] plenty of memory, sockets, solar panel, battery control and extra features – all on one board. [It is equipped with] built-in sockets for Grove modules; a real-time clock; extended flash memory; USB on-board and a Bee socket (WiFi/RF/XBee or compatible plugin).”

According to the SODAQ crew, early iterations of the board have already been deployed to various locations in Peru and Tanzania, where they are helping link weather stations, big commercial irrigation and school projects to the Internet. First-gen SODAQ boards have also been used to power an environmental monitoring system, tracking ecological factors for a WWF whale shark research project in the Indian Ocean.

“The (early version) SODAQ board with its built-in ability to handle all the power/solar/GPRS communications and easy plug in sockets for sensors made this project really simple. [It] saved thousands of dollars compared to commercial data loggers/large solar panels/industrial modem set-ups,” the SODAQ crew explained. “We’ve also already used it as the core to connect up weather, soil and river monitoring for small subsistence farmers in cooperatives in East Africa, for big irrigation management on large commercial farms and for a bunch of projects in the UK and Holland.”

Key SODAQ specs include:

• ATmega328P MCU running at 3.3V and 8MHz.
• Power Supply by LiPo Battery (3.7V) (supplied LiPo: 1,000mAh) or USB Cable.
• Programming by USB cable (and ICSP header also included).
• Solar Charge controller & JST connector for solar panel up to 2.5W (supplied panel: 0.5W).
• Battery monitor.
• DS3231 real time clock and temperature sensor.
• 16 MBit data flash module (AT45DB).
• Micro USB connector.
• 12 Grove connectors connecting Digital, Analog and I2C pins.
• On/off switch.
• Active solar charge circuit and powered RTC clock – even when switch is in “off” position.

Interested in learning more about the Atmel-powered SODAQ? You can check out the project’s official Kickstarter page here.

Random Challenge / Response Authentication in Plain English

By: Gunter Fuchs

Working deep down in the guts (bits and bytes) of a computer, it becomes hard to explain concepts, once the electronic world has taken them over. I wondered about a simple way to explain authentication without referring to the world of computers, so that someone who isn’t savvy with technology can readily understand it.  Well, there is an authentication scenario in one’s modern day-to-day affairs that does not involve any computer (except if you consider the human brain to be one). This scenario is plain and simple: putting a signature on a piece of paper.

How can we describe a signing process in system security terms for authentication? Specifically, what has putting one’s signature on a contract or bill to do with “challenge / response authentication”? The analogy is quite simple. The challenge is the request by – say – the cashier to sign the bill. The response is your signature. That way, you prove that you are the person who owns the credit card. The cashier authenticates your signature by comparing it with the one on your credit card. In computer security terms, that means that the host (cashier) compares a stored response (your signature on the credit card) with the actual response (your signature on the bill). If the host (cashier) comes to the conclusion that both signatures are equal, it accepts the generator of the response as being authentic.

This scenario is quite insecure because someone can easily forge a signature. The reason in cryptographic terms is because this system can generate only one challenge / response pair. An adversary knows what the challenge will be, and if she has seen / copied the response (signature) only once, she can, after some practice, reproduce it relatively fast and easily. A way to improve the security in such a system is to increase the number of possible challenge / response pairs. An example in the online world is a list of question / answer pairs. Sometimes when you log in, a question pops up asking the name of your favorite pet, teacher, or band. Only you and the online host know the correct answer. Such a list increases the security of a system, but since this list is usually short, finding out the few answers by eaves-dropping is not a huge obstacle for an adversary. The advantage of such a short list of challenge / response pairs is that a human brain can manage it. But in a system where only computers play with each other, we can introduce much bigger lists. They are nowadays pairs  as big as 2^32. In such a system, with a huge number of challenge / response pairs, the host chooses one randomly. An adversary would now have to replicate this huge table, and once it has done that, search through this table for the challenge to find the correct response. Well, you could argue, why not? And how can an authentic client find the correct response in a feasible time? This issue is solved by introducing a cryptographic algorithm and a key into the system. By using a key and an algorithm, tables of challenge / response pairs don’t have to be generated and stored, but a host only has to generate a random number to “choose” a challenge. When the client receives this random number as a challenge, it combines it with a key using a cryptographic algorithm and sends the result back to the host (response). (The cryptographic algorithm “hides” the key so that an adversary cannot extract it from the response.) The host now performs the same calculation using the same key and compares the received response with its calculated one. If the two match—voila!—the host finds the client to be authentic.

With a system that incorporates the process of random challenge / response authentication, an adversary would have to monitor many, many (depending on the biggest number – “number space” – used in this system) authentication sequences between host and client and store them in a table. And after that, it would have to find the challenge in this table to come up with the correct response if it wants to pretend to be the authentic client. Finding it would practically take eternities, “would be infeasible” in cryptographic terms. The quality of the randomness of the random number is important, because the better the quality of the random number generator the less an adversary can predict the next challenge. If an adversary could predict the next challenge, he could search his table in advance.

random challenge response, cryptographic algorithm

Free electricity!!! Really!! It all happened because a poorly secured network was hacked.

Like a plot straight out of a movie, the security system to an energy grid has been compromised, with the controls hijacked by a criminal network.  Unfortunately, there’s money to be made in security breaches! If the Puerto Rico utility company loses $400M from inaccurate meter readings, then some customers are gaining that amount. That’s a lot of motivation for unsavory types to create new attacks or execute attacks found on the Internet.  Check out this paper to learn how this particular attack unfolded and what could’ve been done to prevent it.    Lots of industries are tasked to confront and resolve this encroaching issue of hardware/network security.  Companies like NXP, Infineon, and Atmel are faced with the challenges as the fabric of the network becomes more ubiquitous yet more intersection points where security in hardware are more prevalent in the initial stages of design aspects.  See some salient technologies showing a promising road to resolving some of these challenges.