Skip to content
master
Go to file
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
Doc
Feb 4, 2020

README.md

secure_lorawan_with_tti

“Wireless Made Fun!" - Secure Authentication with SAMR34 & ATECC608A and The Things Industries’s Join Server

HaveFun        

Welcome to the Microchip Workshop we did at The Things Conference 2020 in Amsterdam. From here you have the choice to either follow the Lab manual instructions described below or to follow the Microchip_workshop_slide.pdf document which expose you on a real situation with use cases

Watch the video of the workshop delivered at the Things Virtual Conference the April 16th, 2020 Secure Authentication with SAM R34 & ATECC608A and The Things Industries's Join Server

  1. Abstract
  2. Prerequisites
  3. Resources
  4. Gateway Setup
  5. Hardware Setup
  6. Lab 1
  7. Lab 2

Abstract

With hands-on approach, you will be guided through the process of getting started with developing a secure LoRa® end device product using Microchip Technology’s SAM R34/R35 Low Power LoRa® Sub-GHz MCU
and pre-provisioned ATECC608A secure element along with TTI Join server.

The SAM R34/R35 is a highly-integrated LoRa® family which includes an ultra-low power, high-performance 32-bit microcontroller (MCU), LoRa transceiver and software stack. With certified reference designs, and proven interoperability with major LoRaWAN™ gateway and network providers, the SAM R34/35 MCUs significantly reduce time to market for Internet of Things (IoT) designs. More details on the product page

Among "Wireless Made Fun!" solutions, checkout our
"Wireless Made Easy!" technology brick with SAMR34, ECC608A and TTI Join Server.

Prerequisites

Note: ASFv3 is an MCU software library providing a large collection of embedded software for AVR® and SAM flash MCUs and Wireless devices. ASFv3 is configured by the ASF Wizard in Atmel Studio 7.0 (installed as an extension to Studio). ASFv3 is also available as a standalone (.zip) with the same content as Studio extension (https://www.microchip.com/mplab/avr-support/advanced-software-framework).

Important: Until the next Atmel Studio IDE release, you have to manually install the Device Part Pack for developing with SAMR34/R35 on Atmel Studio 7.0 IDE. (all products released in between IDE releases of Atmel Studio should be manually added by user to develop applications).

  • Go to Tools -> Device Pack Manager
  • Check for Updates
  • Search for SAMR34 and click install
  • Repeat the same for SAMR35
  • Restart Atmel Studio 7.0 IDE

Resources

Several accounts have been created specifically for this workshop in the microchip tenant.
An appendix sheet with the credentials has been provided during the workshop.
Outside this workshop, you need to have your own TTI account with your own tenant.

Useful links:

TTI and Microchip developed a security solution for LoRaWAN that enables secure key provisioning and secure cryptographic operations using secure elements.

Gateway Setup

Follow this guide to add gateway in the console and configure the gateway selected.

Here let's connect The Things Kickstarter Gateway to TTI v3 Server.

Follow the instructions here

From the console:

  1. Create a gateway within the console. Choose a Gateway ID (use short name without special characters. e.g. thethingseu03). An EUI is not necessary.
    For Europe, select Frequency Plan = Europe 863-870 MHz.
    Here the Gateway server address is: microchip.eu1.cloud.thethings.industries
  2. When gateway created, add an API Key to the new created gateway. Note carrefully the key.

Firmware of the gateway:

  1. Make sure you gateway is loaded with 1.0.8 Firmware
  2. Check your firmware revision by connecting a USB-to-UART cable to UART pins of the PIC32 MCU inside the gateway.
    Follow the procedure here: https://www.thethingsnetwork.org/docs/gateways/gateway/faq.html
    On reset, if you get:
Firmware name: AmazingAckermann, type: 0, version: 1.0.7, commit: e9d35a30, timestamp: 1560942019
Bootloader revision: 1, commit: 7167873a, timestamp: 1496411298
Build time: Jun 19 2019 11:01:21
Reboot reason: 0x03

You need to update the firmware from 1.0.7 to 1.0.8.

  1. Download the "beta firmware" (1.0.8) from https://github.com/TheThingsProducts/gateway/tree/develop/firmware
    If you are using a Microchip Programming Tool (ICDx, PICkit), make sure to pick the "beta firmware" with bootloader.
  2. For programming the firmware, follow the steps here: https://www.thethingsnetwork.org/docs/gateways/gateway/programhexfile.html

Configure the gateway:

  1. Open the front panel of the gateway casing.
  2. While the gateway is powered on, hold the pink reset button for 5 seconds (until each of the 5 LEDs illuminate). This erases the existing configuration on the gateway.
    The gateway will now expose a WiFi Access Point whose SSID is of the form TheThings-Gateway-xxxxx, to which you should now connect using password thethings.
  3. In a web browser, open the gateway’s configuration page by navigating to http://192.168.84.1/
  4. Enter the following fields:
    Gateway-ID: type the gateway ID that you chose earlier. Here we are connected to a Microchip Cloud Hosted tenant, so the tenant ID must be added to the Gateway ID field.
    (e.g.: thethingseu3@microchip)
    Choose the WiFi network from the drop down and enter a password if necessary.
    Click the Show Advanced Options button and enter the following fields:
    - Account Server: The URL of the Things Enterprise Stack (e.g.: https://microchip.eu1.cloud.thethings.industries/)
    - Gateway Key: The API Key that you created earlier. (e.g.: NNSXS.QPUWK3...................................................)
  5. Click Save when done.
  6. Please wait while your gateway communicates with the Things Network backend.
  7. This will apply the setting and reboot the gateway. If all the steps have been followed correctly, your gateway will now connect to The Things Enterprise Stack .


Check here to understand the LED status of the gateway.

Hardware setup

Configure the DIP switch of the CryptoAuthenticationUDFN Socket kit for I2C communication with the host microcontroller. 1, 3 and 6 must be placed to ON position

Open the socket board

Make sure the ATECC608A device is ready to be inserted in the right direction. Make sure the pin 1 of the component (represented by a point) is located at the bottom left.

Place the Secure Element in the UDFN socket

Make sure the Secure Element is properly seated and the pin 1 is located at the bottom left.

Close the clam shell lid.

Attach the CryptoAuthenticationUDFN Socket kit to the SAM R34 Xplained Pro board on the EXT3 header.
Plug the antenna. Attach a USB cable to SAM R34 Xplained Pro board's EDBG micro-B port on the right.
The USB ports powers the board and enables the user to communicate with the kits.

  • Wait for USB driver installation and COM ports mounting.
  • Launch Tera Term program and configure the serial ports mounted with: 115200 bps, 8/N/1

Lab 1

  1. Open the TTI Network Server Console
  2. Login by using the TTI Credentials from the appendix sheet

  3. Select “Go to applications”

  4. Select “thethingsconference” application
  5. Go to “Devices” in the left menu and click on “+ Add Device” to reach the end device registration page.
    a) Fill the device ID (use the appendix sheet)
    b) Fill the MAC Version with: MAC V1.0.2
    c) Fill the PHY Version with: PHY V1.0.2 REV B
    d) Fill the Frequency Plan: Europe 863-870 MHz
    e) Scroll to the lower part of the device registration page and make sure that “Over the Air Activation (OTAA)” is selected
    f) Fill the JoinEUI (AppEUI in LoRaWAN versions before 1.1) (use the appendix sheet)
    g) Fill the DevEUI (use the appendix sheet)
    h) Uncheck External Join Server
    i) Fill the AppKey (use the appendix sheet)
    j) Click “Create Device”

    Exemples:


  6. You will now reach the device overview page of your device. The end device should now be able to join the private network

  7. Plug the antenna and always make sure you have the antenna plugged to your SAMR34 Xpro board before powering it up
  8. Connect your SAMR34 Xpro board to the computer through the micro-USB cable. USB cable must be connected to the EDBG USB connector of the kit
  9. Wait for USB driver installation and COM port mounting. The USB port powers the board and enables the user to communicate with the kit

  10. Open Serial Console program (e.g. TeraTerm)
  11. Configure Terminal setup

  12. Configure Serial port setup, COMxx 115200 bps / 8 / N / 1

  13. Restart the application by pressing Reset button on SAMR34 Xpro board
  14. From the console, press ‘1’ to Select Lab1

  15. Manually provision your device by entering:
  • DevEUI
  • JoinEUI
  • AppKey
    Use the appendix sheet to find your OTAA credentials.
  1. Press ‘1’ to confirm the provisioning

  2. Enter your first name (10char max.) and press enter

  3. Your device should successfully join the network

  4. Press SAMR34 Xpro SW0 button to transmit an uplink message

  5. Observe the result on the dashboard and confirm you can see your data

Lab 2

  1. Perform the following hardware setup:
    a) Connect ECC608A Socket board to SAMR34 Xpro EXT3
    b) Plug the antenna and always make sure you have the antenna plugged to your SAMR34 Xpro board before powering it up.
    c) Connect your SAMR34 Xpro board to the computer through the micro-USB cable. USB cable must be connected to the EDBG USB connector of the kit.
    d) Wait for USB driver installation and COM port mounting. The USB port powers the board and enables the user to communicate with the kit.

  2. Open and configure Serial Console program (e.g. TeraTerm): COMxx 115200 bps / 8 / N /1
  3. Restart the application by pressing Reset button on SAMR34 Xpro board
  4. From the console, press ‘2’ to Select Lab2

  5. Observe the following identifiers coming from the ATEC6608A Secure Element

  6. Record your own DevEUI and Serial Number
  7. Ask the instructor for the manifest file which match your set of identifiers
  8. Open the TTI Join Server Console
  9. Login by using the TTI Credentials from the appendix sheet

  10. Make sure you are connected to the Join Server

  11. Select “Go to applications”

  12. Select “thethingsconference” application

  13. Go to “Devices” in the left menu and click on “+ Import Device” in order to claim the device
    a) Select format: “Microchip ATEC6608A-TNGLORA Manifest File”
    b) Select your manifest file
    c) Enable set claim authentication code
    d) Create devices

  14. Click Proceed

    Your secure element is now claimed in your application. The secure element cannot be claimed by anyone else until you delete the device.
  15. Observe your new device in the list

  16. Claiming the secure element only create device on the Join Server: it is not registered on a Network Server or Application Server yet.
    This step requires the usage of the Command Line Interface (CLI). Refer to this guide"
    For the purpose of this workshop, the instructor will activate your device.

  17. Open the TTI Network Server Console
  18. Login by using the TTI Credentials from the appendix sheet
  19. Select “Go to applications”
  20. Select “thethingsconference” application
  21. Go to “Devices” in the left menu
  22. Your new device appears now in the TTI Network Server Application / device list

  23. Come back to the Serial Console in order to interact with Lab 2 Application
  24. Enter your first name (10char max.) and press enter
  25. Your device should successfully join the network

  26. Press SAMR34 Xpro SW0 button to transmit an uplink message

  27. Observe the result on the dashboard and confirm you can visualize your data

Congratulations, you have finished the lab.

About

"Wireless Made Fun!" - Secure Authentication with SAMR34 & ATECC608A and The Things Industries’s Join Server

Resources

Releases

No releases published

Packages

No packages published
You can’t perform that action at this time.