Skip to content

SUIT Hackathon Test Harness

Francisco edited this page Mar 21, 2019 · 12 revisions

Coap Server

Two options can be used as a coap server. You can use a aiocoap based server that exposes all files in a defined directory as a resource or use the OTA server application.

Aiocoap File-Server

aiocoap-fileserver is an example present in aiocoap github. Manifest and firmware will be copied to a specific folder from where aiocoap-fileserver will build and expose a resource tree for every file contained in the base folder.

Concerns:

  • Store Firmware's & Manifest's
  • Expose COAP resources for Firmware's & Manifest's

Assumptions:

  • Publisher takes care of how he associates images and manifests
  • Not all manifest publications will be notified
  • Server doesn't maintain a list of devices to whom to publish or any such logic.
  • User handles device notification of available updates, or the devices fetches on itself

Set UP

Installation

To use the aiocoap file server you need aiocoap > 0.4.

When this was implemented aiocoap > 0.4 must be built from source you can follow installation instructions here https://aiocoap.readthedocs.io/en/latest/installation.html. If you don't choose to clone the repo locally you still need to download "aiocoap-filesever" from https://github.com/chrysn/aiocoap/blob/master/contrib/aiocoap-fileserver.

To start the file server simply run

`<PATH>/aiocoap-fileserver ${RIOTBASE}/coaproot`

where ${RIOTBASE}/coaproot is the directory where you will need to copy your manifests and firmwares.

Workflow Example

Eg: copying slot0.bin and slot1.bin to ${RIOTBASE}/coaproot/blah/blah/ will expose the resources:

  • coap://{HOST_ADDR}/blah/blah/slot0.bin
  • coap://{HOST_ADDR}/blah/blah/slot1.bin

in this case HOST_ADDR would be localhost or another address depending where your server is hosted.

OTA server application

Manifests and firmware images can be uploaded to a python based sever that can receive images/manifests and expose them as COAP resources. Where and how to expose the resources is determined by the publisher.

The server can also notify's devices of the existence of a new manifest, delivering information about where (the URL) to find the manifest. This is done via a PUT to a specified address (including resource location).

Concerns:

  • Store Firmware's & Manifest's
  • Expose COAP resources for Firmware's & Manifest's
  • Send notification as a COAP PUT to a list of devices provided by publisher

Assumptions:

  • Publisher takes care of how he associates images and manifests
  • Publisher indicates resource location (URL)
  • Not all manifest publications will be notified
  • Server doesn't maintain a list of devices to whom to publish or any such logic, it is expressively told by publisher to whom to notify of a new manifest

Set UP

Set up and usage instructions can be found at ota-server.

End Device

COAP Application

The application will be running on one of two firmware slots.

  • slot0 contains a suit capable image as well than the bootloader
  • slot1 contains another suit capable firmware image

The COAP application exposes a resource indicating which slot is active/inactive on the node. This allows the right manifest URI for the active slot to be sent to the device. (to understand how the slots, riotboot system works in RIOT check HERE).

The COAP application exposes a trigger resource to witch it can receive POST/PUT notifications where the payload is an URI indicating where the device can fetch a new MANIFEST.

Concerns:

  • Expose a COAP trigger resource
  • Expose a COAP active/inactive slot resource
  • Fetch manifest
  • Parse the manifest
  • Fetch firmware images
  • Boot from new images

Assumptions:

  • Device is notified of latest manifest location (URI) via the trigger resource
  • Device is provided the right firmware image (right slot)

Set UP

Requirements:

  • RIOT

Installation instructions can be found here RIOT-SetUp

Usage

A usage example can be found at suit_update with a in detail explanation of how every concern is executed.

Network

Since the nodes have an ipv6 address they need an ipv6 capable coap server or a tunnel to it. When using suit_update everything is done locally so routing is not a problem. Otherwise you will need to be in a ipv6 capable network or use an ipv6 broker.

The nodes need an ipv6 interface to your computer or to the coap server. This can be done by:

Build System

The RIOT build system will take care of building the SUIT capable firmware, including the different slots needed for an update (to understand how the slots, riotboot system works in RIOT check HERE).

Right now the build system is also in charge of generating the manifest for every new firmware and signing it. This means the build system must know before hand the URI where the firmware and manifest will exposed as a COAP resource.

The build system is also currently in charge of pushing/publishing the new manifest and firmwares (slots) to the COAP server (if using aiocoap-fileserver, it just copies the files).

Threw the build system you can also notify a device that a new manifest is available and trigger it to fetch it.

Concerns:

  • build suit capable firmware
  • ** build manifest
  • ** "publish" manifest and firmware in COAP server
  • ** trigger device notification that new update is available

Assumptions:

  • to be able to notify the device the device address must be known before hand and passed threw the SUIT_CLIENT variable. *ndevice is exposing a suit/trigger COAP resource

Usage

A usage example can be found at suit_update with a in detail explanation of how every concern is executed.

Manifest Generator

moran-suit-manifest-v4

Currently no moran-suit-manifest-04 manifest generator is available.

moran-suit-manifest-v1

A manifest generator has been included in RIOT distribution at RIOT/dist/tools/suit_v1. It is pulled and used automatically by the build system when publishing new manifest and firmware. Details on usage and set-up can be found HERE

Alternatively you could use ARM manifest generator

Clone this wiki locally
You can’t perform that action at this time.