Saturday, May 23, 2015

Bluetooth v4.2 – bringing improved speed and security to wireless devices

After starting from humble beginnings, the Bluetooth standard keeps improving and now the Bluetooth Special Interest Group (SIG) has recently officially adopted the new Bluetooth Core Specification version 4.2.

This new specification promises improvements in the speed, security and privacy of Bluetooth networks as well as ease of IP network connectivity for Internet-of-Things applications. The new and improved features of Bluetooth 4.2 build upon the capabilities such as Bluetooth Low Energy in the Bluetooth Smart (Bluetooth 4.0) standard, aiming to further improve the position of Bluetooth Smart as a key enabling technology for the Internet of Things.

The SIG has emphasised "Connected Home" scenarios as being well placed to take advantage of the capability for direct Internet connectivity provided in Bluetooth 4.2, also emphasising the advantages offered by IPv6 support and higher data rates whilst also maintaining strong energy efficiency.

Bluetooth 4.2 introduces several major updates to the specification - Bluetooth Low Energy data packet length extensions, secure connections, privacy upgrades, and the IP Support Profile, which helps to enable IoT applications. Bluetooth 4.2 will extend the capabilities of Bluetooth 4.0 to allow low-power IP connectivity over Bluetooth, with the new IPSP (Internet Protocol Support Profile) Bluetooth profile which supports IPv6 and 6LoWPAN connectivity.

Bluetooth-networked edge-node devices will be able to use this to directly access the Internet via an Internet connection elsewhere in the network, without having first to be tethered to a specific smartphone or other Bluetooth-enabled device with IP connectivity.

Furthermore, Bluetooth 4.2 increases the speed and reliability of data transfers between Bluetooth Smart devices. Standard Bluetooth packets offer a maximum payload size of 1021 bytes, but in the Bluetooth 4.2 specification there are some additional header fields and a trailer added to the packet to allow for additional payload per packet, with the length of data packets transferred increased from 27 bytes to 251 bytes.

This increase in the data transfer rate corresponds to a speed increase of up to 2.6 times, compared to older Bluetooth standards. Bluetooth master and slave devices, however, will still have the ability to reduce or otherwise negotiate the maximum length of packets to transmit and receive.

These speed increases are very valuable for developers looking to create systems where the transfer of larger amounts of data over Bluetooth is required - for example regular firmware updates or the downloading of large amounts of sensor data in data logger or similar Internet-of-Things applications. Increased data transfer speeds and packet sizes in Bluetooth 4.2 also reduce the opportunity for transmission errors to occur, resulting in more efficient communication and a reduction in battery energy consumption.

Building on the speed improvements, Bluetooth 4.2 also introduces advances in security and privacy over older Bluetooth implementations, as well as lowering power consumption. For example, a department store may implement Bluetooth iBeacons to track the movements of consumers around the store, which could be considered an invasion of privacy.

Bluetooth 4.2 addresses this by allowing the MAC address of a device to be masked from other devices unless the iBeacon or other Bluetooth device being connected to is explicitly trusted, preventing this kind of tracking from occurring unless the user has enabled permission for the iBeacon to engage with their device.

Therefore devices compatible with Bluetooth 4.2 will only "wake up" when a device such as an iBeacon that is designated as trusted is within proximity. This has the added bonus of lowering power consumption on the smartphone or other Bluetooth device, since it won't wake up from a low-power state whenever it passes near such a device - it will stay asleep by default.

The previous Bluetooth 4.1 specification introduced AES encryption, and the Bluetooth 4.2 update now completes these security upgrades by adding full public key cryptography for authentication in Bluetooth Low Energy mode using FIPS (Federal Information Processing Standards) compliant algorithms, essentially updating security for Bluetooth Low Energy to the same standard as Bluetooth Classic - so you can have confidence in the cryptography used.

Dual-mode Bluetooth devices now only need to pair once and they will retain the same fully secure connection, regardless of which mode was used to authenticate.

IP connectivity is also improved with 4.2, as the new Internet Protocol Support Profile (IPSP) will allow Bluetooth Smart sensors to access the Internet directly via IPv6 / 6LoWPAN. IP connectivity makes it possible to use existing IP infrastructure to manage Bluetooth Smart "edge" devices, which is ideal for connected home and Internet-of-Things applications that need both local control - from local network devices such as smartphones, and wide-area control over the Internet.

IPSP is designed to enable IPv6 for Bluetooth, meaning that devices such as wireless IoT or wearable computing platforms can use Bluetooth Low Energy to talk to the Internet without the need to be paired to another device such as a smartphone or tablet to act as a bridge to the IP network.

Data can go directly to and from low-power Bluetooth devices and the Internet, as long as there is a router or access point in the home equipped with Bluetooth physical-layer hardware. This means that IPSP is arguably the biggest news about Bluetooth 4.2, particularly for IoT device development.

We’re excited about these latest developments in Bluetooth and if you’re considering a new Bluetooth-enabled product or upgrading an existing device – our team at LX can partner with you for mutual success. Getting started is easy – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Wednesday, May 13, 2015

IPv6 over Bluetooth with Nordic’s new nRF51 SDK

With the advent of IPv6 taking hold in the Internet of Things, it’s pleasing to see more entrants into the marketplace from existing and new players, and one example of this is Nordic Semiconductor's Bluetooth Low Energy nRF51 IoT SDK.

This is a new Software Development Kit for the development of Internet-of-Things applications using Internet Protocol version 6 (IPv6) over Bluetooth Low Energy (Bluetooth SMART), enabling end-to-end IP-based communication for Bluetooth IoT devices.

Nordic’s SDK is an IPv6-ready complete Internet Protocol suite for their nRF51-series of devices, bringing native IPv6 support to Bluetooth Low Energy applications, letting them talk directly to cloud services and other Bluetooth-connected Internet-of-Things devices over IP-based networks.

The SDK is suitable for networks of Nordic's nRF51x wireless connectivity systems-on-chip, offering an IPv6-capable Bluetooth Low Energy software stack that provides drivers, libraries, examples and APIs to allow you to easily get started with development - all freely ready for engineers to download now from Nordic.

Furthermore the SDK enables large-scale, distributed, cloud-connected, heterogeneous network deployments for smart home, industrial, and enterprise automation applications, logistics, access control, and cloud services - and enables wireless communication between Internet services and Bluetooth-enabled IoT "things".

With native IP networking down to the Bluetooth end-node devices, this means that Bluetooth Low Energy devices can communicate with each other via "headless" routers and out over the Internet. A Bluetooth Low Energy device can therefore communicate with other devices using other IPv6-enabled wired or wireless networking technologies, such as Wi-Fi, Ethernet, or 802.15.4/6LoWPAN, to form a heterogeneous network.

Unlike some other IoT solutions based on proxy servers, proprietary network bridges or gateways, Nordic's nRF51 IoT SDK is based entirely on open standards and extends IP addressing all the way to the end-node device.

As a reference design and demonstration platform for their Bluetooth Low Energy IoT SDK, Nordic provides their "IPv6 over Bluetooth Smart Coffee" demonstration - an example of a wireless, IPv6 Bluetooth-enabled Internet-of-Things coffee machine based on Nordic's IoT SDK.

The coffee machine, being IP enabled, has its own IPv6 address and is directly addressable from the Internet over IPv6. Native support for IPv6 allows the coffee machine and the cloud application to use the same protocol without any need for proxy servers or translations, allowing direct connectivity to MQTT, as the application protocol, based on top of TCP at the transport layer.

The SDK includes a 6LoWPAN IPv6-over-Bluetooth Low Energy adaptation layer and a complete Internet Protocol suite - a protocol stack that includes IPv6 and ICMP, with UDP and TCP protocols supported at the transport layer, along with CoAP and MQTT support at the application layer, giving you a powerful suite of different protocols which are useful for IoT applications.

A compact memory footprint means that the complete protocol stack can be run on a nRF51-series device in a single-chip configuration without extra memory, enabling developers to minimise power, size and cost of their Bluetooth-connected IoT hardware products.

Nordic's Bluetooth Low Energy IoT SDK also supports the Internet Protocol Support Profile (IPSP), a profile which is in the process of being adopted as a standard by the Bluetooth Special Interest Group.

The SDK includes an IPv6 stack, including UDP socket APIs, an ICMPv6 (ping) module, and support for multiple IPv6 addresses. The included 6LoWPAN and IPSP libraries support 6LoWPAN compression and decompression, 6LoWPAN node role support, packet flow control, IPv6 prefix management, and the ability to use a third-party IPv6 stack if you choose. A CoAP (Constrained Application Protocol) library is also provided with the SDK, providing support for all the basic CoAP message types.

Complementing the SDK, Nordic is also providing examples that configure the nRF51 device as a Bluetooth Low Energy 6LoWPAN node, as well as a reference software platform for setting up a headless router that supports IPv6 and Bluetooth Low Energy using a Raspberry Pi running Raspbian Linux combined with a Bluetooth LE USB dongle, as well as a range of other application examples.

Nordic provides a reference Raspbian Linux image for this example router application which you can download, ready to go. The combination of this headless router platform, the new nRF51 Development Kit and the nRF51 IoT SDK provide developers with a powerful and complete platform for developing Bluetooth Low Energy based Internet-of-Things applications based on Nordic nRF51 series devices.

The Bluetooth Low Energy IoT SDK is suitable for use with Nordic's nRF51 Development Kit (which supports Bluetooth Low Energy, ANT, or generic low-power 2.4 GHz wireless communications using the various different chipsets in the nRF51 family), or the nRF51 USB dongle.

The SDK is also suitable for use with the nRF51422 multi-protocol Bluetooth Low Energy / ANT system-on-chip and the nRF51822 multi-protocol Bluetooth Low Energy system-on-chip, the nRF51822 Evaluation Kit, or any other development tools or platforms from third parties, as long as they are based around the nRF51822 Bluetooth Low Energy SoC, the nRF51422, or any other devices in the nRF51 family.

Nordic provides support and community discussion for users of their platform online, through the Nordic Developer Zone forums and Web resources, nRFready demo applications for Bluetooth Low Energy-enabled phones or other mobile devices, and a range of other resources provided on their website.

Nordic’s new IPv6 system offers new and possibly existing IoT-based products the entrance into the next generation of device connectivity and as part of this the team at LX can partner with you for mutual success. Getting started is easy – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Monday, May 4, 2015

Atmel makes Wi-Fi easy with their new SmartConnect WINC1500

Atmel have announced their new SmartConnect WINC1500 SoC - a wireless network controller system-on-chip platform, specifically aimed at Wi-Fi connectivity in embedded systems and Internet-of-Things applications.

The WINC1500 is part of Atmel's SmartConnect portfolio aimed at IoT and wireless connectivity applications, and it complements Atmel's existing line-up of radio-plus-microcontroller RF system-on-chip solutions for wireless connectivity using 802.15.4/6LoWPAN, now offering 802.11b/g/n Wireless LAN connectivity for embedded and IoT applications such as smart-home appliances, home automation, wireless media streaming or industrial applications.

By using an innovative power architecture that delivers very low power consumption along with high performance, the WINC1500 can help optimise your bill of materials, minimising the number of external components required to support your design.

Furthermore the WINC1500 is a great add-on platform to extend the wireless connectivity of existing microcontroller-based solutions, bringing Wi-Fi networking capability to an existing system through a UART or SPI interface to the Wi-Fi device.

The WINC1500 connects to any Atmel AVR or Atmel SMART microcontroller with minimal requirements for memory or other resources in the host microcontroller, and it supports different 801.11 modes including single-stream 802.11n with throughput up to 72 Mbps.

The WINC1500 provides internal Flash memory as well as multiple interfaces for peripheral devices, including UART, SPI and I2C, and it also includes a fully integrated power amplifier, LNA, RF transmit/receive switch and power management on the RF side, meaning that integration of the WINC1500 into your design is easy, without requiring large amounts of RF design expertise or a high external bill-of-materials cost to support this device.

The ATWINC1500 device can receive wired firmware updates via its UART, or over-the-air firmware updates. The device features 4 MBit of internal Flash memory for storing its firmware, and a provisioning mode for setup, where the device sends beacons as a soft Wi-Fi access point and can transmit or receive data at any time, using a system called Wireless Simple Configuration to make initial setup of your devices simpler.

The device supports Wi-Fi Direct, station mode and Soft-AP support, with support for either WEP or WPA2 Enterprise security modes, and offers an RF transmit power of +19 dBm with a low current consumption of 172 mA - relatively impressive for an 802.11 WiFi device in transmit mode.

A TCP/IP stack is provided on board, without the need for the host microcontroller to support this, along with DHCP/DNS network protocols and TLS (Transport Layer Security) support for secure communications.

The WINC1500 is available in a compact QFN package and requires only one external clock source, from a single crystal or oscillator, with a wide variety of reference clock frequencies between 12-32 MHz supported.

As well as the WINC1500 IC itself, in a 40-pin QFN package for board-level integration into your bespoke designs, Atmel also offers the ATWINC1500-MR210PA module. This module includes an on-board crystal, voltage regulators and other core support components, an RF balun, antenna matching network and an on-board antenna, along with a shielding can.

This module makes it very easy to get started integrating the WINC1500 into your design, with minimal design effort or RF layout expertise required. The ATWINC1500-MR210PA module also offers module-level pre-certification of the RF system for regulatory agencies such as the FCC, making it easier to get your product approved and to market without much RF engineering expertise.

As with Atmel's other microcontroller products, you can easily get started evaluating and designing with the ATWINC1500 low-cost, low-power WiFi network controller by using Atmel's starter kit for this device, the ATWINC1500-XSTK Xplained Pro platform.

This kit provides the hardware and software platform you need to get started with easy access to the features of the ATWINC1500 and explains how to integrate the device in a custom design, with an on-board embedded debugger and support in the Atmel Studio integrated development platform, with standardised compatibility with the rest of Atmel's Xplained Pro ecosystem of development tools.

No extra tools are necessary to program or debug the host microcontroller, but the Xplained Pro development system does offer additional peripherals to extend the features of the board and ease the development of custom designs.

Included in the kit is a SAMD21 Xplained Pro board, as the host microcontroller, along with an ATWINC1500 Xplained Pro extension board, which includes an ATWINC1500-MR210PA, shielded and approved RF module and an Atmel I/01 Xplained Pro board which provides sensor inputs to the host microcontroller along with a micro-SD card.

There is an embedded debugger for programming the SAMD21 host microcontroller, Atmel's Data Gateway Interface (DGI) for connectivity between the host microcontroller and the WiFi platform over either TWI or SPI, a USB virtual-serial-port interface to the host microcontroller's UART for debugging, an Atmel CryptoAuthentication device connected to the host microcontroller, and a range of application examples supported through the Atmel Gallery.

Together, this development pack provides a powerful but easy-to-use combination of tools you can use to quickly get started prototyping or developing a WiFi-networked, Internet-connected sensor network device or Internet-of-Things appliance based on the WINC1500.

After the explosion of the Expressif ESP8266 into the marketplace last year, we consider this to be Atmel’s reply to the inexpensive SoC from China – and look forward to further announcements from other manufacturers with their responses. Which leads to more options in the marketplace to choose from = each with their own pros and cons to your specific application.

If your team is looking for help moving forward with your own Wi-Fi or IoT-based devices - we invite you to join us for an obligation-free and confidential discussion about your ideas and how we can help bring them to life. Getting started is easy – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Tuesday, April 28, 2015

Reduce M2M resource requirements with Lightweight M2M

The Lightweight Machine-to-Machine Enabler (LWM2M) is a new standard for the management of devices in machine-to-machine and Internet-of-Things applications. LWM2M is particularly aimed at resource-constrained end-node devices in applications such as Wireless Sensor Networks as well as Machine-to-Machine applications where bandwidth is constrained - for example where cellular connectivity is used to network remote devices.

Many devices in the growing industrial and commercial M2M and Internet-of-Things markets require some device management - devices need to be remotely switched on and off, woken up and put to sleep, sent remote requests for sensor data transmission, configured, provisioned, or remotely updated with new firmware.

In short, these devices call for protocols and services to effectively support them with device management, service enablement and application management. The design goal of LWM2M was to create a mechanism that is not only suitable for relatively powerful devices like smartphones or Wi-Fi routers, but also caters to the needs of more constrained devices - end-node IoT devices with low-cost hardware, with very limited memory or CPU capability, or devices that run off batteries with very low power budgets.

LWM2M is being developed by the Open Mobile Alliance - a collaboration of many companies working in the M2M service provider, software, hardware and system vendor space. For example ARM and Sensinode are just a couple of the companies involved in the Alliance.

As LWM2M is built on top of open standards defined by groups such as the Internet Engineering Task Force, it allows for interoperability between different devices and manufacturers, avoiding lock-in to proprietary standards.

For example, the LWM2M protocol stack is built on top of the Constrained Application Protocol (CoAP), which is an open IETF standard, as the underlying transfer protocol that is carried over UDP or SMS. CoAP is optimised for communications in resource-constrained or bandwidth-constrained network environments, which makes it well suited to Internet-of-Things applications, enabling the use of low-cost microcontrollers in prolific network-connected devices.

The decoupling of machine-to-machine products from their proprietary, vendor-specific management systems through the adoption of open interfaces and open standards can, theoretically at least, also accelerate innovation in the M2M/IoT markets both on the device side and on the server side.

In essence, LWM2M is a communications protocol running between LWM2M software clients running on all sorts of embedded end-node devices and LWM2M servers running on the M2M management platforms for these devices. The LWM2M protocol includes robust security of all communications between the client and the server using Datagram Transport Layer Security (DTLS), which provides a secure channel between the LWM2M client and the server for all messages interchanged.

The DTLS security modes supported by LWM2M include both pre-shared-key and public-key modes, providing support for robust security across both more capable embedded devices as well as very resource-constrained devices where public-key authentication is not practical.

LWM2M supports UDP binding with both CoAP and SMS, meaning that communication between the LWM2M server and the client can happen over SMS or CoAP, and low-cost basic cellular modems that can communicate over SMS without Internet connectivity can be used to build LWM2M networks.

This also means that LWM2M-equipped networks can be deployed almost anywhere in the field, without the need for modern Internet-capable telco mobile network infrastructure - the network only needs to be able to support SMS messaging.

LWM2M provides an extensible object model that enables application data exchanges in addition to the core device management features such as firmware updates and connectivity monitoring.

A RESTful style of architecture is applied to this, where the items to be managed on a remote device are considered "resources". Uniform Resource Identifiers, or URIs addresses these resources on the network, which are much like the familiar URLs used on the Web.

Built-in resource discovery is supported using the CoRE Link Format standard, making the discovery of new resources on the network relatively easy. Related resources are grouped together into Objects, and this helps to cut down on processing overhead as the M2M client and the server on the platform side have a common understanding of what a certain resource actually is, by understanding the properties of an object that it is a part of - for example the manufacturer's name, the type of network the device is currently connected to, the signal strengths of the cellular connection it uses, or other relevant properties.

Though the LWM2M specification comes with a set of predefined objects and resources, the set of objects is extensible. This means that other organisations and users can define new objects that are most suitable for their products and services in their particular corners of the M2M market.

The Open Mobile Alliance provides their LWM2M DevKit in the form of an add-on plugin for the Mozilla Firefox Web browser, which is an implementation of the Lightweight M2M protocol, which enables you to directly interact with a LWM2M server from the Web browser on your PC.

This allows developers and users to easily get started, to interactively explore and comprehend this new protocol for machine-to-machine communication.

However if you are interested in upgrading existing products or developing new M2M-capable devices that could benefit from this new lightweight M2M initiative, getting started is easy. We invite you to join us for an obligation-free and confidential discussion about your ideas and how we can help bring them to life – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Saturday, April 18, 2015

Security concerns with consumer IoT devices

With the increasing popularity of Internet-of-Things connected products, security of these devices and their networks is a growing concern.

Let's consider potential security vulnerabilities that can exist in Internet-of-Things appliances, and how these security threats may be mitigated. Security is a particular concern in the context of home automation devices and Internet-of-Things connected appliances in the home because hardware and/or software vulnerabilities in these devices have the potential to affect the security of homes, buildings and people.

Security vulnerabilities in these connected devices, such as home automation hubs, could potentially allow attackers to gain control of door locks or other actuators, access video cameras or otherwise compromise physical security.

Recent research from security firm Veracode has found that many of today's popular "smart home" devices have security vulnerabilities, which are open to exploitation. The researchers examined a selection of typical always-on IoT home automation appliances on the market in order to understand the real-world potential impact of security vulnerabilities in these kinds of products.

The products that were studied by the researchers included the MyQ Internet Gateway and the MyQ Garage, which provide Internet-based control of devices such as garage doors, power outlets and lighting, the SmartThings Hub, a central control device for home automation sensors, switches and devices such as door locks, the Wink Hub and Wink Relay networked home automation products, and the Ubi home automation gateway.

These devices are just a representative sample of today's popular "Internet-of-Things" appliances in the consumer market.

The Veracode researchers didn't look for vulnerabilities in the firmware of the devices they looked at, but instead analysed the implementation and security of the communication protocols they use.

The researchers looked at the front-end connections, between the users and the cloud services, as well as the back-end connections between the cloud services and the devices themselves. They wanted to know whether these services allowed communication to be protected through strong cryptography, whether encryption was a requirement at all, if strong passwords were enforced and whether server TLS certificates were properly validated.

Researchers found that of the six products examined, only one enforced the strength of user passwords at the front end, and one of the products did not enforce encryption for user connections.

This research also looked at the back-end cloud service connectivity in these products, whether the devices used strong authentication mechanisms to identify themselves to cloud services, whether encryption was employed and whether safeguards were in place to prevent man-in-the-middle attacks and if sensitive data was protected - for example by hashing clear text passwords and transmitting only the crucial data needed across the Internet service.

What they found was a general trend towards even weaker security, with two of the products tested not employing encryption for communications between the cloud service and the device.

It was also found that one of the devices did not properly secure sensitive data, and man-in-the-middle attack protection was lacking across all the devices tested, with the exception of the SmartThings Hub, either because TLS (Transport Layer Security) encryption was not used at all or because proper certificate validation was not used.

This research suggests that connected products, marketed as appliances for the household consumer, have been designed with the assumption that the local area networks that they'll be installed on are secure.

However, that seems to be a mistake since we know that if there's anything worse than the security and user configuration we see with these new connected products, it's the security of WiFi routers.

Researchers find serious vulnerabilities in consumer routers and their firmware routinely, and many of these have the potential to enable attackers to perform man-in-the-middle attacks on data going out to the Internet or to other devices on the LAN.

A quick search online and you can find default passwords for many IoT devices - often left unchanged or unable to be changed by users - and the security features in place are often very limited. User instruction and education can play a large part in minimising potential problems here - for example, choosing strong passwords, both for the Wi-Fi router as well as for devices connected to it, and regularly checking for and installing firmware or software updates provided by vendors.

This study is a good reminder to users to keep their networks secure by using strong passwords and security settings, across their PCs, phones or other devices, wireless access points and routers, as well as smart IoT devices. Furthermore, the research team also explored device debugging interfaces and services that run on these IoT devices which aren't intended to be accessed by end users.

The team only investigated interfaces that are accessible over a network, whether over the local area network or through the Web. For example, attacking a device through a hardware interface, plugging a JTAG probe into a smart light bulb, is not considered to be a significant security threat compared to network-connected services. 

This research explored whether access to these hidden services was restricted to users with physical access to the device, if open interfaces are protected against unauthorised access, and whether open interfaces are designed to prevent an attacker who gains access to these interfaces from running arbitrary code on the device.

The Veracode research found that the Wink Hub runs an unauthenticated HTTP service on port 80 that is used to configure the wireless network settings, the Wink Relay runs a network-accessible ADB (Android Debug Bridge) service, the Ubi runs both an ADB service and a VNC remote desktop service with no password, the SmartThings Hub runs a password-protected telnet server and the MyQ Garage runs an HTTPS service that exposes basic connectivity information.

It is simply assumed that all these things are secure because the wireless LAN they're on is secure, but this is commonly not true and these networks are secured poorly or not at all. For devices with exposed ADB interfaces, this can provide attackers with root access and can allow them to execute arbitrary code on the device.

At this point the casual observer may consider all these new consumer IoT-based devices to be a security risk, however if developed by the right team nothing could be further from the truth. With a great design team and user education security can become a non-issue for the end user.

The easiest part is to find the right designers for your IoT-based product - and here at the LX Group we have the team, experience and technology to bring your ideas to life.

Getting started is easy - join us for an obligation-free and confidential discussion about your ideas and how we can help bring them to life – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Thursday, April 9, 2015

Reduce IoT power consumption with Atmel SAM L21

One of the latest and most power-efficient 32-bit microcontroller options on the market today is Atmel's new SAM L21 MCU family, specifically aimed at power-efficient battery powered devices in wireless sensor networks and the accelerating Internet-of-Things market.

The Atmel SMART SAM L21 family, based on the ARM Cortex-M0+ core, boasts ultra-efficient current consumption as low as 35 micro amps per MHz with the chip in active mode and as low as 200 nano amps in the deepest sleep mode.

This best-in-class power efficiency is said to have the potential to "extend battery life from years to decades" in power-optimised sensor network and Internet-of-Things applications. These chips draw less than 1 micro amp with full SRAM retention, real-time clock and calendar running, making the SAM L21 family the lowest-power Cortex-M based microcontroller solution on the market.

With a 42 MHz Cortex-M0+ core, which is the smallest 32-bit ARM core, 256 kB of flash memory and up to 40 kB of SRAM, these chips obviously aren't intended to compete with high-end mobile processors in terms of performance. However, these small, power-efficient microcontrollers are still powerful enough to support touch interfaces, AES encryption, and wireless communications - for example running both the application and wireless stacks in a typical wireless end-node IoT application.

Also included is up to 8 kB of separate low-power SRAM that is kept powered at everything short of the deepest sleep mode - even off a low-power backup battery when the main battery is exhausted. The Cortex-M0+ is a fairly modest embedded ARM core in terms of its relative performance - it's an optimised version of the Cortex-M0, with one less pipeline stage to reduce power consumption and with a few features from the more capable Cortex-M3 and M4 families also added.

The SAM L21 is the lowest-power Cortex-M0+ based device family presently on the market, and it expands Atmel's product offering beyond the SAM D family, aimed at the next generation of ultra-low-power embedded devices.

Among the updated peripherals included on the L21 is a low-power capacitive touch-sensing controller, for touch-sensitive surfaces such as buttons, sliders or wheels. The capacitive touch peripheral can run in all low-power operating modes, and supports waking up the microcontroller from sleep when the sensors are touched.

Architectural innovations in the SAM L21 family enable low-power peripherals such as timers, serial communications and the touch controller to remain powered up and running as needed while the rest of the system is in a reduced-power sleep mode.

Nearly every peripheral system has been optimised for energy efficiency and for the ability to operate in a standalone mode without the entire chip being powered up and active. The energy-efficient L21 design goes much further than simply turning off clock distribution to the various peripheral devices on the chip when they are powered down - it completely shuts down the power to peripherals and segments of the die that are not currently in use.

The SAM L21 supports energy-efficient "sleepwalking", which allows peripheral devices to request a clock source when they need to wake up from sleep modes and perform tasks - without having to power up the CPU, the Flash and other relatively power-intensive CPU support systems.

As an example of a real-world energy-efficient Internet-of-Things application, suppose the chip's internal ADC is used to measure temperature in a room. You can put the CPU to sleep and wake up periodically on interrupts from the real-time clock, providing very efficient power consumption. The measured temperature can be checked against a predefined threshold to decide on further action, and if no action is required the CPU can be put back to sleep until the next interrupt is fired from the RTC at the interval desired.

During an analogue sensor read, the ADC clock will only be enabled and running when the ADC conversion is needed. When the ADC receives the trigger event from the real time clock it will request its generic clock from the generic clock controller, and this peripheral clock will stop as soon as the ADC conversion is completed.

The event system is configured to send this event from the real-time clock to the ADC, and the ADC is configured to start a conversion when it receives an event - but this is done without the need to power up the CPU at all, minimising the power budget. However, the ADC can be configured to look at its reading, check if a certain threshold is exceeded, and to generate an interrupt for a different task - waking up the CPU for example, if we decide that data logging, radio transmission or some other CPU action is needed in response to an extreme temperature value.

As with most of Atmel's microcontroller products, Atmel is offering an Xplained Pro evaluation board for the SAM L21 microcontroller family. This evaluation board features an on-board debugger, standardised extension connectors compatible with the other expansion boards and modules in the Atmel Xplained development board ecosystem, and auto-identification in Atmel Studio.

Along with the rest of Atmel's development tools and boards, this evaluation board is powerful and flexible yet easy to use, for both professional and hobbyist-level developers. Using the SAM L21 Xplained Pro board and Atmel Studio, designers can monitor power consumption in conjunction with the program counter in real time, and if a spike in power consumption appears you can loop back to see what's causing it in the software and code accordingly.

Thanks to Atmel your new or existing Internet of Things devices can increase their autonomy and allow you to reduce device size and weight thanks to the use of smaller battery capacities – and of course saving you money as well. If this is of interest to you – and why wouldn’t it be - here at the LX Group we have the team, experience and technology to bring your ideas to life.

Getting started is easy - join us for an obligation-free and confidential discussion about your ideas and how we can help bring them to life – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.

Monday, March 30, 2015

Predix – GE’s new Software Platform for the Industrial Internet

Industrial behemoth General Electric have now entered the Industrial Internet arena with their new “Predix” product - a new software platform and ecosystem aimed at a wide spectrum of machine-to-machine applications and "Industrial Internet" applications.

Predix is aimed at making it easy to connect machines to the Industrial Internet, to embed analytics into machines, making them somewhat intelligent and self-aware, and to retrofit and upgrade machine software without mechanical modifications though a platform which essentially provides the equivalent of cloud computing for the Industrial Internet.

One of the main goals of Predix is to offer connectivity to industrial assets of any vintage, from any vendor, to the cloud and to each other - meaning that your industrial applications can benefit from the asset performance management and operations optimisation that Predix makes possible, whether or not the other equipment and systems you use are GE products.

Predix enables industrial-scale analytics for asset and operations optimisation by providing a standard way to connect machines, data and people. Predix can be used as a platform to build apps for any industry or sector - by customers, OEMs, or developers, with the goal of efficiency improvement across a range of industries from automotive to building management to agriculture.

Furthermore Predix aims to connect people with intelligent machines and advanced analytics, giving you new levels of actionable insight, helping you optimise system operations and respond to situations as they arise. As part of this goal, the system helps you gain actionable insights from massive volumes of machine data flowing in rapidly, and to manage all assets from individual parts on the factory floor up to entire "smart factories".

Operators can orchestrate analytics processing in real time across distributed machines and data, and get industrial-grade control and insight with modern consumer-style sleek user experiences across different platforms including mobile devices.

Predix can operate as a cloud-agnostic platform that can run on local servers, in your data centres, or in public clouds - with support for a scalable big-data computing fabric including the Apache Hadoop open-source framework for reliable, scalable, distributed computing, as well as support for historians and graphs.

You can control data across machines, networks and clouds in a resilient and secure way, with high availability for mission-critical applications, and you can control access to assets while enhancing communications between machines, networks and systems.

GE believes that industrial customers want predictability about performance and better asset management, and this is what the Predix platform helps to deliver. Over the coming year, GE aims to include connected sensors and Big Data capabilities in almost all of the company's new products.

Development is still ongoing, as GE has also announced partnerships with AT&T, Intel and Cisco for the development of the Predix platform. Existing examples of products from GE that incorporate this technology include control of a jet engine aimed at maximising fuel efficiency while monitoring greenhouse gas emissions - which is predicted to save an airline $90 million over five years. A similar product, which optimises the efficiency of a gas turbine for power generation, is expected to save an energy utility $28 million per annum, while also reducing greenhouse gas emissions.

Applications can be built for any system or machine - from jet engines to MRI scanners - and be remotely managed while connected to the Internet. So far there are four components to the platform, for the sensors themselves, analytics, management of the connected devices, and a user interaction component called Predix Experience.

In 2016, GE plans to offer a developer program that lets third parties integrate Predix platform technologies into their own services. Under their part in the new Predix partnership, AT&T will develop device and sensor connectivity via cellular, PSTN and Wi-Fi connectivity. GE says its partnership with Intel will embed virtualisation and cloud-based, standardised interfaces within the Predix platform.

The Predix platform aims to eventually bring all of GE's industrial machines together into one contextually aware, cloud-connected system. By connecting machines to the network and the cloud, Predix aims to enable workers all around the world to track, monitor and help maintain industrial machinery remotely through highly secure machine-to-machine communications.

Bringing together all machines, from wind turbines to medical imagers to jet engines, into a single, unified but contextually aware platform for all their operation and maintenance aims to deliver significant efficiency gains and reductions in downtime for GE and their customers.

The Predix platform is scalable, supporting high-volume analytics, industrial data and operational management, across individual machines and entire networks, on-premise, in the cloud, or in a hybrid environment. The platform is adaptive, allowing applications to be customised and extended across industries and their assets, data sources and devices, both mobile and fixed.

The development environment also enables the creation of new apps that can leverage mobile use requirements in an OS- and hardware-neutral fashion. The promise of Predix goes beyond cohesiveness and convenience. The real vision is to link all these diverse machines to the cloud, quantifying their performance and benchmarking them against each other - all in the name of improving efficiency and reducing unscheduled downtime.

The idea for the platform goes far beyond giving engineers a touchscreen manual for repairs. It’s really about creating a resource that knows exactly what needs to be done to optimise any machine at any moment, with a contextual understanding of that device.

Eventually, Predix will make sure everything’s on the same page, from the machine in question to the enterprise software in the cloud down to the tablet or other device carried by the maintenance engineer in the field.

And this is the benefit of the Industrial Internet – to give operators knowledge and control over their devices to maximise operational efficiency, minimise downtime and costs – in order to maximise profit. And no matter whether you’re looking to optimise a few local sensors or monitor devices from around the globe - here at the LX Group we have the team, experience and technology to bring your ideas to life.

Getting started is easy - join us for an obligation-free and confidential discussion about your ideas and how we can help bring them to life – click here to contact us, or telephone 1800 810 124.

LX is an award-winning electronics design company based in Sydney, Australia. LX services include full turnkey design, electronics, hardware, software and firmware design. LX specialises in embedded systems and wireless technologies design.

Published by LX Pty Ltd for itself and the LX Group of companies, including LX Design House, LX Solutions and LX Consulting, LX Innovations.