Technical Overview · Data and Tamper • Unique device identification • Certificate Management •...

11 October 2016 Technical Overview


Page 1: Technical Overview

11 October 2016

Page 2: Problem and Context

First release of a successful connected product…

… now make that repeatable please.

Page 3: An Open Source OS for MCUs

•  Open source networking stacks: Bluetooth Host and Controller
•  Pre-emptive, tickless RTOS with power management
•  Secure bootloader and Image Upgrade
•  Flash FS and Access Mechanisms
•  Build & Package Management
•  Management Interfaces

Diagram labels: Secure Bootloader & FFS, OS, HAL, Stats & Logging, Console & Shell, Config & Upgrade, Networking, Drivers, Power, Security

Page 4: A Community Driven OS

Diagram labels: IP Providers, MCU Vendors, Cloud Providers, End-Users

Why Apache Software Foundation?

•  Liberal, BSD-style license
•  Strong Licensing and IP policies
•  Meritocracy
•  Free to contribute, contributors control project direction.
•  History of working with large organizations: IBM, Pivotal/EMC, Microsoft.
•  Many years experience managing large, complex projects (e.g., Apache, Hadoop, Subversion)

Community driven open source best way to maintain healthy ecosystem

Page 5: RTOS

•  Tickless operation: low power hooks
•  Driver Interface
•  Pre-emptive, multitasking RTOS
•  Strict priority-based scheduling
•  Up to 253 different priority levels
•  Unified buffer management
•  Resource utilization tracking and watchdog
•  High-resolution timers
•  Built-in tasks:
    •  Idle

Page 6: RTOS - Event Driven Model

•  Event Queues provide a mechanism for “mostly-sleeping” asynchronous tasks
•  Wake-up on:
    •  Message from another Task
    •  Timer
    •  I/O state change
    •  Incoming packet
    •  Watchdog
•  Perform operations:
    •  Send an alert
    •  Respond to a request
    •  Schedule a wakeup
•  Go back to sleep

Page 7: Apache Mynewt Connectivity Layer (Runtime’s View)

Diagram labels (protocol stack), row by row:

BLE 4.2, Wi-Fi, Bluetooth 5, LPWA, 3GPP
HCI, IPv4, IPv6 + Thread, IPv6
TCP, UDP, L2CAP
TLS or DTLS
CoAP, MQTT, HTTP
GATT
OIC 1.1
Management, App, App

1.0 – First beta end of October!

Standards-based IoT communication

Page 8: Highlights: Apache Mynewt Networking

Bluetooth 4.2

•  Nordic nRF51 and nRF52 support
•  Simultaneous Central and Peripheral modes
•  Supports up to 32 connections
•  Combined (host + controller), host-only and controller-only mode
•  Compatible with BlueZ
•  40% less code versus licensed binaries in peripheral-only mode

Wi-Fi

•  Abstracted interface to Wi-Fi supplicants, and socket layer
•  LWIP integrated to provide native-IP support.
•  Support for WINC1500... more soon!

Page 9: Highlights: Challenges Managing Connected Products

Cross-platform Support

•  Well-defined drivers and HAL interfaces
•  Build and package management system optimized to understand BSP and link options

Software Upgrade

•  Build tool creates signed images
•  Image download over Serial, BLE and Wi-Fi
•  Bootloader verifies SHA-256/RSA/ECC-DSA signature

Debugging

•  Consistent logging and statistics infrastructure
•  Core dumps
•  Kernel-level support: sanity, stack guards, memory tracking

Power Mgmt

•  Hard sleep and wakeup support (low RAM states)
•  Tickless ‘idle’ and driver suspend
•  Networking stack sleep management

Page 10: Build, Package, and Project Management: newt tool

•  Composable System
•  Open-source project collaboration
•  Maintaining private code trees
•  Enforced source code layout
•  Build
•  Configuration
•  Multiple targets
•  Source code layout
•  3rd party SDKs
•  Package Management
•  Versioning and stability
•  Install and Upgrade
•  Unified method for #includes and #defines
•  Dependencies and APIs
•  Go Small or Go BIG
•  VCS Versioning
•  Versioning Scheme (major, minor, rev)
•  Tracking branches
•  System configuration (a la Device Tree)
•  Toolchains
•  Target management
•  SDK compilation rules

Page 11: Build and Package Management: newt tool (continued)

•  Artifacts
•  Debugger maintenance
•  Generation of flash images, upgradable images
•  Introspection
•  Size
•  Packages
•  Versions
•  Enforced Hierarchy
•  HW: MCU, BSP
•  APP
•  System Definition
•  Split images for upgrade
•  RAM locations
•  Flash
•  bin/ directory, with object files
•  Multiple targets stored simultaneously
•  Compiler definitions, map files
•  Display dependencies
•  Search for functionality
•  Versions installed – tracking branches
•  BSP + App = BUILD
•  BSP -> MCU definition
•  Linker sections defined by system
•  Tie-in with flash layout

Page 12: Highlight: Apache Mynewt Security

Provisioning

•  Unique device identification
•  Certificate Management
•  Prevent counterfeiting

Upgrade

•  Signed firmware images (newt tool)
•  Secure bootloader

Communications

•  Leverage either BLE or DTLS security
•  RBAC for commands based upon identity

Data and Tamper

•  Encrypted flash storage
•  TPM/Smart Card aware
•  Support hardware key access

Designed for security from the ground-up
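The upgrade path named on this slide and under Software Upgrade earlier (the build tool signs the image, the bootloader checks the SHA-256 digest and the RSA signature before booting), as an added example that is not Mynewt or newt code. The image layout, the magic value, the function names and the toy key built from two Mersenne primes are assumptions constructed for illustration.

```python
import hashlib, hmac, struct

# Constructed toy RSA key from two Mersenne primes: demonstration only, not a secure key.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent: stays on the build host
K = (N.bit_length() + 7) // 8          # signature length in bytes

HDR = struct.Struct("<III")            # hypothetical header: magic, version, payload size
MAGIC = 0x31474D49                     # hypothetical magic value
# DER DigestInfo prefix for SHA-256 (RFC 8017, EMSA-PKCS1-v1_5)
DIGESTINFO = bytes.fromhex("3031300d060960864801650304020105000420")

def encode_digest(digest):
    """PKCS#1 v1.5 encoding: 00 01 FF..FF 00 || DigestInfo || digest."""
    pad = K - 3 - len(DIGESTINFO) - len(digest)
    return b"\x00\x01" + b"\xff" * pad + b"\x00" + DIGESTINFO + digest

def sign_image(payload, version):
    """Build-tool side: header || payload || SHA-256 || RSA signature."""
    body = HDR.pack(MAGIC, version, len(payload)) + payload
    digest = hashlib.sha256(body).digest()
    sig = pow(int.from_bytes(encode_digest(digest), "big"), D, N)
    return body + digest + sig.to_bytes(K, "big")

def verify_image(image):
    """Bootloader side: return the payload only if every check passes, else None."""
    if len(image) < HDR.size + 32 + K:
        return None
    magic, _version, size = HDR.unpack_from(image)
    if magic != MAGIC or len(image) != HDR.size + size + 32 + K:
        return None                     # reject truncated or padded images
    body, rest = image[:HDR.size + size], image[HDR.size + size:]
    digest = hashlib.sha256(body).digest()
    if not hmac.compare_digest(digest, rest[:32]):
        return None                     # corruption: stored hash does not match
    sig = int.from_bytes(rest[32:], "big")
    if sig >= N:
        return None
    recovered = pow(sig, E, N).to_bytes(K, "big")
    if not hmac.compare_digest(recovered, encode_digest(digest)):
        return None                     # hash is recomputable; only the signature binds the key
    return body[HDR.size:]

def rehash_without_key(image, new_payload):
    """Constructed tamper case: swap payload, recompute hash, reuse the old signature."""
    _magic, version, _size = HDR.unpack_from(image)
    body = HDR.pack(MAGIC, version, len(new_payload)) + new_payload
    return body + hashlib.sha256(body).digest() + image[-K:]
```

The tamper case passes the hash comparison and fails only at the signature check, which is why the bootloader has to verify both.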

Page 13: Hardware Platform Support

STMicro STM32F/L34

•  Host processor, popular for BLE + Wi-Fi
•  Offload processor for DSP processing
•  Extensive, quality peripheral support
•  L* series provides reduced power consumption

Nordic Semiconductor nRF51/52

•  Suitable for single-chip/host BLE designs
•  Controller-only operation with host processor
•  Cost-effective nRF51, powerful nRF52

Atmel SAMD/L21

•  Extensive low power modes and operation
•  Rich set of peripherals
•  Community-supported: Arduino Zero series

Cross platform support provides flexibility and price leverage

More Coming Soon!

Page 14: What’s Next?

•  More boards (!) and processors (!)
    •  PIC32MZ (MIPS - underway), NXP FRDM-K64, NXP KW41Z, STM32L4
•  Wireless
    •  Bluetooth 5 and Bluetooth Mesh
    •  LPWA
    •  Improved Wi-Fi
•  Wired: Ethernet
•  Sensor APIs and Sensor Management
•  You Decide!

Page 15: THANK YOU

•  More information: http://mynewt.apache.org/
•  Join the development, subscribe to dev@ list.
•  Contributors welcome!