Secure ota firmware update with cc1310 – hackster. io


Demonstrate a secure and robust over-the-air firmware update from a GitHub repository over WiFi with the CC1310 Cortex-M3 MCU LaunchPad and the CC3100 WiFi BoosterPack. Gender definition This demonstration deploys the OTA update technology previously developed for the MSP432 to the CC26XX and CC13XX family of devices. Gold price 2016 forecast Introduction

The purpose of this demonstration is to show how a firmware update image can be securely hosted and retrieved from a publicly accessible cloud server and installed into the internal flash of a high-availability IoT MCU device.

Stock connection The device’s internal flash is partitioned into 4 sections:

• A completely separate provisioning application containing features and functions intended only to be used during manufacturing of the device in the MTA section.

• The MAN image (short for manufacturing) is the combination of bootloader, MTA and APP binaries and is programmed onto the device’s internal flash before it is sent to the field.

• The APP image is the main application implementing the device’s main functions. Usa today high school football rankings The APP contains the OTA update logic, network stacks and/or interfaces and OS, and thus all components critical to the execution of the device are updated together. Zloty usd The APP is encrypted with AES-CBC. Usps shipping The APP can be placed into either the APP1 or APP2 sections at the discretion of the OTA update logic.

When the device is first provisioned with the MAN firmware image, the application image resides in the APP1 section, and APP2 is empty. Gender quiz boy or girl The bootloader checks for a valid application in either section and boots the most recent (highest version).

The demo application polls a fixed URL for the presence of newer firmware images. Stock market futures cnn When a new application image is found, it is downloaded through a TLS-secured link. Futures tradingcharts market quotes The application image itself is decrypted on-the-fly with the MCU’s embedded AES hardware and stored into the APP2 section. Decimal to binary The update logic in this demo automatically and immediately reboots the device when the stored image has been verified. Binary calculator online The bootloader then determines that the new image is valid and jumps to it, completing the update process.

If the update is interrupted at any time, for example mid-way during the download or during a flash write, or if the image could not otherwise be correctly written in its entirety to the APP2 section, the bootloader will not accept the content of APP2 and continue to boot the existing application. Usd price This is an extremely robust update process designed for IoT devices operating in real-world conditions and requires no external components. Usd to aed conversion However, it comes at a cost – the amount of internal flash available to applications is reduced by half. Euro to indian rupee exchange rate today What will happen?

• Assemble the hardware. Futures market history Assemble the CC1310 LaunchPad and CC3100 BoosterPack as shown in the image below and connect to your PC with a USB cable. Cnn money markets futures The CC3100 BoosterPack can be mounted either on top or below, however mounting it below affords better access to the LaunchPad header markings and jumpers. Cad to usd history Take note of the re-routing of the XDS110’s UART to pins DIO29 and DIO30. Binary file The default routing of the UART connects the XDS110 directly to the CC3100’s UART and must be avoided. Python commands The demo application routes TXD to DIO29 and RXD to DIO30. Euro to dollar conversion rate today Remove the TXD and RXD jumpers on the LaunchPad and connect the XDS110 side to DIO29 and DIO30. Exchange rate usd to aed Connect a jumper from 3.3V to DIO26 to select the provisioning application (the MTA) for initial boot.

• Start the terminal. Usd to euro graph Start a terminal emulator session/connection on the LaunchPad’s “Application/User UART” at 115200 baud. Usd to inr exchange rate today On some PCs in Tera Term this appears as “COM4: XDS110 Class Application/User UART (COM4)”. Exchange rate cny to usd Choose the COM port that is assigned by your PC.

• Provision the device’s WiFi settings. Inr to usd conversion rate today To do this we must boot into the device’s MTA (manufacturing test application) by pulling DIO26 high and resetting the board. Convert usd to euro calculator Connect a short jumper wire as shown between the BoosterPack connector pins J3-4 and J1-1 and press the reset button.

The serial terminal will show a simple menu requesting that you fill in 3 fields, your WiFi network’s SSID, security type, and passkey. Premarket stock futures cnn Enter each in turn as shown.

When complete, commit the settings to flash with menu option 4) Save WiFi settings . Gold manufacturing Remove the jumper wire from the 3.3V pin but leave the other end attached – you’ll need to use it again later.

• Perform the update. 1 usd to sbd Reset the board (ensure the jumper is disconnected) to boot back into the main application. Non binary gender quiz This time it should connect to your local WiFi network and proceed to download and install the firmware update sourced from OTA-CC1310-CC3100_1_1_21_APP_0x75E33845.fmu.

This update is identical in function to the previous version, except that the version ‘minor’ digit has been incremented from 0 to 1, and there is an extra message in the banner indicating that the updated app is running. Gender spectrum When the update is complete, the board automatically reboots and you should see the updated application now running out of the internal flash’s APP2 section. Joy news ************************************************************************

• Rollback the update. Gold price today Re-connect the jumper wire between DIO26 and 3.3V and reset the board to access the MTA. What is a futures market The menu will have a new option 5) rollback a firmware update

• Interrupt the update. Math puzzles printable Remove the jumper wire again from the 3.3V pin and reset the board to boot the main APP. Investing futures market Now this time around, you want to have your finger hovering over the reset button as the demo progresses. Binary solver When the updating………

text begins to appear in the terminal window, press the reset button to interrupt the download mid-update. Dollar euro forecast At this stage, a portion of the image has been written to the APP2 section in internal flash, and a flash write operation may have been ongoing. Us canadian dollar exchange rate When the application boots up again, it remains untouched and is the same as before. What is futures and options in stock market with examples The update is detected and re-attempted. Futures markets today You can also remove power to the LaunchPad during this update period. Convert malawi kwacha to usd If you miss the update window and it completes, just perform a rollback again. Exchange rate uk to us dollar See the example terminal window output below.

The bootloader, manufacturing test application and main application are independently developed, compiled and linked with complete vector tables. Dollar to euro chart They are assembled into the combined MAN image in a post-build (“release”) step. Binary joke At the same time, the application images are embedded into a firmware update container format ( .fmu ) and then encrypted. Usd graduate programs You can confirm that the .fmu file is encrypted by noting that there is no evidence of a vector table anywhere in the file including the SP and PC initialization values typical at word offsets 0 and 1.

The bootloader is located at the beginning of the MAN image and after programming, it is placed at the location where the Cortex-M processor expects an application to reside on startup. Convert usd to hkd The bootloader performs self-tests, checks the status of the MTA selection pin (DIO26) and verifies the integrity of all application images to decide where to set the processor’s VTOR (vector table offset register). Stock meaning in tagalog Once the VTOR is set, the PC (program counter) is moved to point to the target application’s reset vector (specified at word offset 1 in the target application’s vector table). How to read binary code The bootloader’s job ends there and the application’s startup procedures take over and reconfigures the device as required for the application.

The encryption key is stored with the application and is therefore vulnerable to inspection in the MAN image. Commodity futures intraday market However the MAN image is not distributed and intended to be used only in a “trusted” product manufacturing environment (such as your workbench or lab). Marriott travel agent rates Once the MAN image is programmed onto the device, and the JTAG/CC1310-bootloader access ports have been disabled by writing appropriately to the CCFG section, the encryption key and indeed the firmware content itself is no longer easily accessible to anyone that can gain access to your firmware update file or device. Mortgage meaning in hindi What’s next

You’ve just experienced the result of significant behind-the-scenes effort to coordinate the production and consumption of multiple firmware entities for an MCU-based IoT device. Usd to canadian This IoT firmware update demo is just the tip of the iceberg when it comes to the complex world of IoT device management. Exchange rate inr to usd Other, more functional, IoT application demos will be built on top of this technology.

• Updating the firmware on the external CC3100 network processor using the same transfer mechanism. Math jokes for teachers Instead of “APP” files the network processor updates could be “NWP” files and the OTA server running on the CC1310 would route those update file contents to the CC3100’s SFLASH as appropriate.

• Adding a Certificate Authority certificate to verify the content server (in this case GitHub). Exchange rate us dollar to pound sterling As it stands, the device could be tricked into redirecting to an unauthorized content server to download the firmware update file. Usd to rmb exchange rate history However, due to the update file encryption and OTA design, it would be very difficult to create an unauthorized update file that the device would accept.

• Add the CC1310 as an OTA update “target”, much like the CC3100, when hosted by an MSP432 in a gateway-style setup (CC3100 + MSP432 + CC1310 bridges end nodes over LPLAN networks to WiFi and the Internet).

• Utilize the LAUNCHXL-CC1310’s on-board SPI flash to store larger update files that include the TI-RTOS + BLE or 802.15.4 stacks. Exchange rate british pound to us dollar The current demonstration uses custom-designed drivers and operating context with SimpleLink and can fit within one-half of the CC1310’s internal 128K SRAM to support a completely internal OTA update strategy as shown with this demo. Xauusd forecast However, the addition of the BLE or 802.15.4 stacks will push the application towards the 128K limit requiring the OTA update system to leverage off-board storage.

• Demo application sometimes hangs during connection to network processor (CC3100). Usps shipping calculator This is a possible “sync lockup” issue. Binary table Workaround: Pressing the launchpad’s reset button usually makes the connection on the next attempt. Binary code chart Updating the CC3100’s firmware may also resolve the issue.