A MICROCHIP TECHNOLOGY INC. PUBLICATION

6 10 18Just in Time

Accelerate Your Touch Design

On the Cutting Edge of Learning

JAN/

FEB

2018

A MICROCHIP TECHNOLOGY INC. PUBLICATION

cont

ents

The Microchip name and logo, the Microchip logo, AnyRate, AVR, AVR logo, AVR Freaks, BeaconThings, BitCloud, CryptoMemory, CryptoRF, dsPIC, FlashFlex, flexPWR, Heldo, JukeBlox, KEELOQ, KEELOQ logo, Kleer, LANCheck, LINK MD, maXStylus, maXTouch, MediaLB, megaAVR, MOST, MOST logo, MPLAB, OptoLyzer, PIC, picoPower, PICSTART, PIC32 logo, Prochip Designer, QTouch, RightTouch, SAM-BA, SpyNIC, SST, SST Logo, SuperFlash, tinyAVR, UNI/O, and XMEGA are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. ClockWorks, The Embedded Control Solutions Company, EtherSynch, Hyper Speed Control, HyperLight Load, IntelliMOS, mTouch, Precision Edge, and Quiet-Wire are registered trademarks of Microchip Technology Incorporated in the U.S.A.Adjacent Key Suppression, AKS, Analog-for-the-Digital Age, Any Capacitor, AnyIn, AnyOut, BodyCom, chipKIT, chipKIT logo, CodeGuard, CryptoAuthentication, CryptoCompanion, CryptoController, dsPICDEM, dsPICDEM.net, Dynamic Average Matching, DAM, ECAN, EtherGREEN, In-Circuit Serial Programming, ICSP, Inter-Chip Connectivity, JitterBlocker, KleerNet, KleerNet logo, Mindi, MiWi, motorBench, MPASM, MPF, MPLAB Certified logo, MPLIB, MPLINK, MultiTRAK, NetDetach, Omniscient Code Generation, PICDEM, PICDEM.net, PICkit, PICtail, PureSilicon, QMatrix, RightTouch logo, REAL ICE, Ripple Blocker, SAM-ICE, Serial Quad I/O, SMART-I.S., SQI, SuperSwitcher, SuperSwitcher II, Total Endurance, TSHARC, USBCheck, VariSense, ViewSpan, WiperLock, Wireless DNA, and ZENA are trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.SQTP is a service mark of Microchip Technology Incorporated in the U.S.A. Silicon Storage Technology is a registered trademark of Microchip Technology Inc. in other countries. GestIC and ULPP are registered trademarks of Microchip Technology Germany II GmbH & Co. & KG, a subsidiary of Microchip Technology Inc., in other countries. The LoRa name and associated logo are registered trademarks of Semtech Corporation or its subsidiaries. USB Type-C™ is a trademark of USB Implementers Forum. ARM and Cortex are registered trademarks of ARM Ltd. in the EU and other countries. All other trademarks mentioned herein are property of their respective companies. © 2017, Microchip Technology Incorporated, All Rights Reserved.M

2

JAN/

FEB

2018

COVER STORY 4 Heightened Security

Protect IP and Deploy Secure Connected Systems with New ATECC608A CryptoAuthentication™ Device

NEW PRODUCTS 6 Just In Time

New 8-bit PIC18 K83 Family Improves Response Time to Critical System Events on CAN Network

7 Simple ConnectionLatest Single-Wire Serial EEPROM Enables Remote Identification and Authentication

EVENTS 9 Get Ready for Las Vegas!

DESIGN CORNER 10 Accelerate Your Touch Design

12 Securing the Edge

15 Debugging on the IoT

18 On the Cutting Edge of Learning

MAKER SPACE 20 Get Launched Hits the Road

Microchip Technology Inc.2355 W. Chandler Blvd. | Chandler, AZ 85224 | www.microchip.com

Don’t Miss the Next Issue ofMicroSolutionsPublished six times a year, MicroSolutions is a valuable resource for product and technology news about Microchip’s innovative solutions. Subscribe today to receive email notifications when each new issue of MicroSolutions is ready. Use the link below:

Find Us on These Social Channels

CLICK TO SUBSCRIBE

EDITOR’S NOTE

3

A MICROCHIP TECHNOLOGY INC. PUBLICATION

6 10 18Just in Time

Ready for a Head Start?

On the Cutting Edge of Learning

JAN/

FEB

2018Reflections on 2017

s a new year unfolds, it is common to look back over the previous 12 months to identify significant milestones and major accomplishments. Here at Microchip, 2017 offered us many occasions to celebrate. We launched the year with a

successful integration of our business systems following the acquisition of Atmel. Our product portfolios expanded as we introduced a number of new devices throughout the year. We also launched the Microchip 2.0 initiative, which combines the company’s product, technology, system and employee strengths to allow us to provide multiple solutions for the circuit boards that drive our customers’ end applications.

Microchip was also honored by a number of award programs. The company was named a top place to work in the California Bay Area, New York and Austin, Texas, and was also listed as one of Arizona’s Most Admired Companies for 2017 by both AZ Big Media as well as BestCompaniesAZ. It was also included as a finalist in the GSA Most Respected Public Semiconductor Company Awards.

Some other highlights include the AWS-ECC508 security device and MPLAB® Xpress IDE being selected as finalists in the ECN Impact Awards. The AWS-ECC508 was also selected as an honoree in the 2017 CES Innovations awards and was named a finalist in the Design News Golden Mousetrap Awards and Embedded Computing Design’s 2017 Most Innovative Products awards program.

The most exciting news of all, however, was that Microchip achieved its first quarter of over one billion dollars in net sales as reported in the results for the quarter ending on September 30, 2017. We are energized by this achievement, thankful to all our customers who made it possible, and looking forward to many more opportunities to serve you in 2018. We wish you much success with your designs in the New Year!

As always, we would be happy to get your feedback on MicroSolutions. Feel free to email us at MSFeedback@microchip.com.

3

EDITOR’S NOTE

A

4

(continued on page 5)

COVER STORY

Protect IP and Deploy Secure Connected Systems with New ATECC608A CryptoAuthentication™ Device

Take Advantage of Microchip’s New Security Design Partner Program to Ease the Development of Secure Designs

From remote cyberattacks to the creation of counterfeit products, widespread security threats are affecting industries around the

globe. When carried out, these threats can lead to substantial losses in service revenue, escalating recovery costs and, perhaps most significantly, irreparable damage to brand equity. Now more than ever, it is critical to implement robust security into new and existing designs to protect Intellectual Property (IP) and enable trusted authentication of connected devices.

HEIGHTENED SECURITY

COVER STORY

5

The ATECC608A allows you to add hardware-based security to your designs.

To meet this growing challenge to today’s connected applications—especially for those spanning from hard-ware to the cloud—Microchip has created the ATECC608A CryptoAuthentication device, a secure element that allows you to add hardware-based security to your designs. We have also established a Security Design Partner Program to connect you with third-party partners that can enhance and expedite the development of secure designs.

The foundation of secured communication is the ability to create, protect and authenticate a device’s unique and trusted identity. By keeping a device’s private keys isolated from the system in a secured area, coupled with its industry-leading cryptography practices, the ATECC608A provides a high level of security that can be used in nearly any type of design. The primary features of the ATECC608A include:

Best-in-class key generation: The Federal Information Processing Standard (FIPS)-compliant Random Number Generator (RNG) generates unique keys that comply with the latest requirements from the National Institute of Standards and Technology (NIST), providing an easier path to a whole-system FIPS certification.

Boot validation capabilities for small systems: New commands facilitate the signature validation and digest computation of the host microcontroller (MCU) firmware for systems with small MCUs, such as an ARM® Cortex®-M0+ based device, as well as for more robust embedded systems.

Trusted authentication for LoRa® nodes: The AES-128 engine also makes security deployments for LoRa infrastructures possi-ble by enabling authentication of trusted nodes within a network.

Fast cryptography processing: The hardware-based integrated Elliptical Curve Cryptography (ECC) algorithms create smaller keys and establish a certificate-based root of trust more quickly and securely than other implementation approaches that rely on legacy methods.

Tamper-resistant protections: Anti-tampering techniques protect keys from physical attacks and attempted intrusions

after deployment. These techniques allow the system to preserve a secured and trusted identity.

Trusted in-manufacturing provisioning: Companies can use Microchip’s secured manufacturing facilities to safely provi-sion their keys and certificates, eliminating the risk of exposure during manufacturing.

Experienced and Capable Security Partners When you select one of our hardware security solutions, you also have access to our Security Partners within our Design Partner Program. These industry-leading companies, includ-ing Amazon Web Services (AWS) and Google Cloud Platform, provide complementary cloud-driven security models and infrastructure. Other partners are well versed in implementing Microchip’s security devices and libraries. Whether you are looking to secure an Internet of Things (IoT) application or add authentication capabilities for consumables, such as cartridges or accessories, the expertise of our Security Design Partners can reduce both your development cost and your time to market.

“The work done on the ATECC608A chip through our collaboration with Microchip enables Google IoT customers to get a new offering that provides high levels of security with a seamless onboarding experience,” said Antony Passemard, Product Management Lead for Google Cloud IoT.

Development ToolsTo assist you with the rapid prototyping of your secure solution, the new CryptoAuth Xplained Pro Evaluation and Devel-opment Kit (ATCryptoAuth-XPRO-B) is an add-on board that is compatible with any Microchip Xplained or Xplained Pro evaluation board.

If you are looking for a way to heighten the security in your next design, the ATECC608A can be ordered from microchipDIRECT or from Microchip’s worldwide distribution network.

Want More Information?Visit the website at:

www.microchip.com/CryptoAuthentication

NEW PRODUCTS

6

Just In TimeNew 8-bit PIC18 K83 Family Improves Response Time to Critical System Events on CAN Network

these MCUs with just a few clicks will save considerable time in developing CAN-based applications for the medical, industri-al and automotive markets, such as motorized surgical tables, asset tracking, ultrasound machines, automated conveyors and automotive accessories.

The PIC18 K83 devices contain 15 time-saving CIPs. These include Cyclic Redundancy Check (CRC) with memory scan for ensuring the integrity of nonvolatile memory; Direct Memory Access (DMA) for enabling data transfers between memory and peripherals without CPU involvement; Windowed Watchdog Timer (WWDT) for triggering system resets; 12-bit Analog-to-Digital Converter with Computation (ADC2) for auto-mating analog signal analysis for real-time system response; and Complementary Waveform Generator (CWG) for enabling high-efficiency synchronous switching for motor control.

Development SupportThe PIC18 K83 family of MCUs is supported by the Curiosity High Pin Count (HPC) Development Board (DM164136).

The PIC18F25K83 comes with 32 KB of Flash memory and the PIC18F26K83 offers 64 KB of Flash memory Both devices are available in 28-pin SPDIP, SOIC, SSOP, UQFN and QFN pack-ages. They can be ordered today from microchipDIRECT or from Microchip’s worldwide distribution network.

If you are developing an application that includes a Controller Area Network (CAN) system, you know that software devel-opment can slow you down. You can now change the way

you design with CAN using our new PIC18 K83 family of micro-controllers (MCUs). These two new devices combine a CAN bus with an extensive array of Core Independent Peripherals (CIPs). You can use these CIPs to increase your system’s capa-bilities and simplify the creation of your CAN-based applications while avoiding the complexity of added software.

A key advantage of using a PIC18 K83 MCU in your CAN-based system is that the CIPs provide deterministic response to real-time events, shorten design time and can be easily configured through MPLAB® Code Configurator (MCC), a free software plug-in for MPLAB X Integrated Development Environment (IDE) and the cloud-based MPLAB Xpress IDE. It is signifi-cantly easier to configure a hardware-based peripheral to accomplish a task instead of writing and validating an entire software routine. The ability to use MCC to configure one of

Core Independent Peripherals Make CAN-Based Designs Simpler and More Cost Effective

The PIC18 K83 devices contain 15 time-saving CIPs, including CRC, DMA, WWDT, ADC2 and CWG.

Want More Information?Visit the website at:

www.microchip.com/K83

7

The AT21CS11 connects to a system through a Single Input/Output wire that enables both communication and a supply of power to the device.

Simple ConnectionLatest Single-Wire Serial EEPROM Enables Remote Identification and Authentication

NEW PRODUCTS

space for electronic components is limited. With its operational voltage range of 2.7V to 4.5V, it is also well suited for use in lithium-ion battery-powered devices such as disposable medical devices and e-cigarettes.

Each AT21CS11 contains both a preprogrammed unique serial number and five EEPROM memory sections. Any or all of the memory sections can be permanently locked by the end-equipment manufacturer to allow tracking of products and identifying attachments to assist with counterfeit prevention. If you need to warranty your product or prevent counterfeits and ensure proper continued operation of your goods through autho-rized replacements, this serial EEPROM is an excellent option.

The AT21CS11 connects to a system through a Single Input/Output (SI/O) wire that enables both communication and a supply of power to the device. The need for only one wire and a ground allows makers of Fiber to the Home (FTTH) cable ends to add critical cable characteristic parameters to different cable types. The SI/O wire also allows you to use a simple two-point mechanical snap-in or twist-on connector for disposable devices

The AT21CS11 is well-suited for use in lithium-ion battery-

powered applications.

Because of their unique combination of capabilities, serial Electrically Erasable Programmable Read-Only Memory (EEPROM) devices are used to add critical memory storage

to a wide range of advanced electronic systems and applications. Their features include byte-write alterability, nonvolatile data storage, one million cycles of write endurance, very low power supply voltage operation, 100-year data retention, extremely low active and standby currents and low cost. Microchip’s AT21CS family of single-wire, two-pin serial EEPROMs are tiny—but mighty—devices that incorporate an innovative memory archi-tecture, best-in-class power consumption and value-added features for use in applications such as consumables, cables, batteries, wearables and Internet of Things applications.

As the second member of this family of single-wire serial EEPROMs, the AT21CS11 is ideal for identifying and authenti-cating remote items, such as printer cartridges or cables, where

AT21CS11 Offers Extended Voltage Range to Accommodate Lithium-Ion Battery Applications

(continued on page 8)

NEW PRODUCTS

8

where larger three-, five- or eight-wire solutions are impractical. This single-wire option allows you to add EEPROM intelligence to remote devices over the simplest connection possible.

When the EEPROM is located in a detachable cable or cartridge, manufacturers can create attachments that can be easily identi-fied or authenticated. The device has 1 Kbit of EEPROM memory (four sectors of 256 bits each), a unique, factory-programmed 64-bit serial number and 128 bits for extra user-programmable tracking memory. The extra memory allows you to add unique identification and operating parameters, such as consumption and usage information, in locations that can be remote from the main electronics.

The AT21CS11 is available in a variety of space-saving package options and can be ordered today from microchipDIRECT or

from Microchip’s worldwide distribution network. An easy-to-use and interactive kit, the AT21CS01/AT21CS11 Single-Wire Evaluation Kit (DM160232), will also be available soon to help you get started with using this new serial EEPROM in your next project.

Want More Information?Visit the website at:

www.microchip.com/AT21CS11

EVENTS

9

Get Ready for Las Vegas!Meet with Microchip Experts and Learn About Our Latest Innovations at CES® 2018

Microchip invites you to join us at CES 2018 to see our latest product and technology demonstrations and meet with our product experts to discuss your design challenges. You will find us in Booth MP26070 at the Las Vegas Convention Center South Hall 2, where we will feature the following technology zones:

Security Find out how we make “difficult” easy with our advanced solutions for implementing hardware-based security in cloud-connected embedded systems. See demonstrations of how our CryptoAuthentication™ devices combine with solutions from AWS IoT, Google IoT Core, Microsoft® Azure and Afero to protect and isolate private keys, support secure boot and protect IP.

Automotive SolutionsWe will be showcasing a broad spectrum of solutions for applications such as ADAS, cybersecurity, HMI, connected car, infotainment and networking. Products areas will include USB connectivity and charging, automotive touch (buttons, sliders, touch screens and gesturing), MOST® technology, Ethernet, security ICs and LED lighting.

Touch and Gesture We will show you how to simplify and speed up your development of attractive and intuitive user interfaces using touch and gesture control. Our solutions include water-tolerant touch and the latest technologies for implementing touch screens, 3D gestures and force sensing with haptic feedback in automotive applications.

Power and Connectivity Solutions Discover our latest innovations in the area of power and connectivity solutions, including USB Type-C™ and USB Power Delivery, robust Ethernet connectivity, and wireless charging including support for the 15 Qi standard and a proprietary 200W reference design. We will also demonstrate the technology needed to drive an induction cooktop, and our Energy Estimation Engine demonstrations will display the power/energy consumption of Windows® 10 software programs and Linux® operating systems.

Health and Fitness We can show you how to cost-effectively utilize our technologies so that you have the flexibility to design the health and fitness solutions necessary for the digital health revolution. Stop by to see demonstrations of connected solutions for wearable remote patient monitoring, drug delivery and fitness.

It’s easy to schedule an appointment for a product demonstration at our booth using our online CES reservation system. We also invite you to be our guest at CES by registering for a complimentary attendee pass. We look forward to seeing you in Las Vegas!

10

(continued on page 11)

Accelerate Your Touch Design

DESIGN CORNER

Microchip’s Code Configurators Speed the Development of Touch User Interfaces

From your customer’s perspective, the user interface is the product. In today’s competitive environment, providing modern, attractive and intuitive user interfaces is essen-

tial for product differentiation. A well-designed, touch-enabled user interface can be one of the keys to success when it comes to launching a new product into the market. Incorporating a capacitive touch interface in your design also eliminates the need to use mechanical buttons and springs, which simplifies your layout and reduces costs. In the race to get to market quickly and cost effectively, you need to get up to speed rapidly with the latest touch technologies.

Even though developing capacitive touch applications may sound challenging, it doesn’t have to be hard. When you choose our PIC®, AVR® or SAM microcontrollers (MCUs), we provide a complete set of tools and touch libraries that enable touch sensing in your design. Our “MCUs with touch” are devices that feature dedicated Core Independent Peripherals (CIPs) to implement touch applications with minimal intervention from the CPU. Look for MCUs that include these features:

• A Hardware Capacitive Voltage Divider (HCVD) module• An Analog-to Digital Converter with Computation (ADC2)

with HCVD module• A Peripheral Touch Controller (PTC)

These on-chip touch modules can be used to enable the highest sensitivity, the lowest power consumption, superior noise immunity and water tolerance in your design.

To help you get a head start with your development, Microchip offers two free, graphical programming environments that support almost every MCU in our extensive port-folios. If you select an 8-, 16- or 32-bit PIC MCU, MPLAB® Code Configurator (MCC) is integrated into the cloud-based MPLAB Xpress Integrated Development Environment (IDE) or it is also available as a free plug-in for MPLAB X IDE. If you are using an AVR or SAM MCU in your design, then you can use the easily accessible Atmel START.

After a recent upgrade in features, Atmel START now supports more MCU families including the following devices that feature a PTC, making them well suited for use in touch-enabled designs:

• All tinyAVR® and megaAVR® MCUs• SAM D10/D11 MCUs • SAM D20/D21 MCUs • SAM DA1 MCUs • SAM D51/E51/E53/E54

Both code configurators make it easy to select and configure peripherals and functions specific to your application and gen-erate production-ready code. You always have access to the latest libraries. MCC and Atmel START offer capabilities that go way beyond the basic setup of clocks and GPIO configuration.

DESIGN CORNER

11

In addition to their many features, they also support capacitive touch sensing, making them the best tools to successfully develop your touch-based projects with minimal effort and in the shortest amount of time.

It is simple to add buttons, sliders, wheels or proximity detection to any application. These code configurator tools generate lean code that is tailored to meet the requirements of your touch design and to use the MCU’s resources as efficiently as possi-ble. They also provide easy access to the Microchip mTouch® Library for PIC MCUs and the QTouch® Library for AVR and SAM MCUs, which are optimized for touch performance and code size. In addition to offering slider and wheel decoding right out of the box, these libraries make it easy to implement water-tolerant touch for designs that are exposed to rain or other sources of moisture. They will help you develop low-pow-er wake-on-touch applications that consume less than 5 µA. They also offer noise avoidance technologies like frequency

hopping to provide robust touch sensing that surpasses more than 10V conducted immunity.

Once you have completed your AVR or SAM MCU-based project configuration within Atmel START, you can continue finalizing your development using Atmel Studio 7 or IAR as your IDE of choice. To tune and complete your design, use the Data Visualizer, a powerful tool that allows you to process and visualize all relevant touch data. A step-by-step guide, com-plete user guide, sample projects and more are available from Microchip’s Developer Help website.

Ready to get started? Visit our Touch and Gesture Design Center to learn more about how we can help you drive your next user interface design into the winner’s circle.

12

(continued on page 13)

Securing the Edge

DESIGN CORNER

A Design Imperative for the Era of the Internet of ThingsContributed by Sequitur Labs

Many large enterprises are focusing their IT investments on developing, deploying and maintaining cloud services. Developers are now being trained in the

latest cloud-related technologies and services. As practices have matured, developers have created new ways of writing applications to make use of the cloud.

Over the past few years, microservices—functions that operate independently to complete a single task—have become popular among cloud developers. One of their key benefits is their ability to be changed and updated independently from other services that are running concurrently on the platform. This model fits in well with the continuous delivery practices adopted by many cloud developers. Another growing trend is the use of contain-ers, which enable the delivery of services along with the exact environment they require for deployment on servers or in virtual machines (VMs). Docker pioneered the use of containers and continues to set standards and lead the market in practices related to their use.

IoT Challenges for Cloud DevelopersThe Internet of Things, or IoT, has been in the news for both the dramatic transformation it promises and for the perils and implementation challenges associated with it. The IoT compris-es a network of connected devices that includes sensors, inter-mediate devices known as edge gateways (or simply gateways) and a slew of cloud services. The cloud ingests and analyzes

data generated by IoT devices, allowing new insights from, as well as control of, remotely deployed assets.

Cloud-connected devices however present a different challenge than traditional PC platforms have in the past. Developing code to run on embedded devices requires knowledge of both hard-ware and software. The resource limitations of many of these devices further compounds the difficulties. Embedded devices are often required to run with very limited power budgets, have CPU cores with limited compute capability and are typically optimized for specific workloads. This means that developers must develop and maintain separate code for resource-limited devices and for the cloud. Given the vast investment companies are making in cloud technologies, the ability to deploy contain-ers and microservices to these edge devices holds tremendous appeal and value.

Addressing the need to bring the power of cloud intelligence to mobile and IoT devices, Microsoft® has implemented an intel-ligent edge initiative called Azure IoT Edge. It enables Docker containers and microservices to be deployed on IoT edge gateways and other devices. This greatly simplifies the devel-oper’s task, as code can be created once for the cloud and then be easily pushed to remote edge gateways. It increases design agility while reducing the time to market and the costs associated with maintaining two different code bases. However, this capability also introduces the essential need for security at the edge.

DESIGN CORNER

13

Securing the EdgeHow should a device maker go about securing edge devices such as gateways? Gateways function as access points between sensors and cloud services. As such, they perform the vital function of connecting to and aggregating data from sensors and transmitting that data to cloud services for analysis and further operations. Gateways may also act as device man-agement nodes performing a variety of command and control functions over associated sensors. All these operations must be performed securely. Sensors associated with the gateway must be authenticated, data received from it must be encrypted and the gateway must authenticate itself to a cloud service prior to transmitting any data. Additionally, software applications on the gateway and the device’s firmware itself must be periodically updated. These functions, if not properly secured, are vulnerable to malware or denial of service and man-in-the-middle attacks.

The standard requirements for securing these devices are:

• Secure boot: The device must implement a secure boot process all the way up from the hardware to the OS.

• Isolation of critical processes: Security-critical processes, data and functions should be isolated and unreachable without proper credentials.

• Immutable ID: A unique device ID that cannot be corrupted is essential in many operations that take place during a device’s lifecycle.

• Secure storage: This is not limited to data coming out of sensors. It also includes sensitive material such as keys and certificates, which should be isolated and stored separately. Encrypting data is not just good practice. It is essential.

• Secure peripherals: Sometimes peripherals perform security- critical functions (e.g. biometric readers). These peripherals should only be configured to run, or be accessible to an application, in a secure state.

• Secure update: Certificates and keys should be used to execute firmware and application updates to assure trust-worthiness throughout the device’s lifecycle.

The right combination of hardware and software is required to implement these security measures. First, it is critical to choose the appropriate hardware platform. Device makers typically select a hardware platform that meets their design’s functional and power consumption requirements. However, security should be a primary criterion as well. The SAMA5D2 ARM® Cortex®-A5 based microprocessor (MPU) from Microchip provides several innovative security features including tamper resistance, secure RAM, secure fuses, True Random Number Generator (TRNG) and support for a variety of cryptographic algorithms.

To ensure that implementing security is as seamless as possible, it is important to make these features easy to use. This can be

achieved with a system that combines Azure IoT Edge, the IoT Security Suite by Sequitur Labs and the SAMA5D2 MPU. Click on the video screenshot below to see a demonstration of Docker containers and microservices running on a SAMA5D2 MPU-based gateway that is connected to a SAM E54 microcontroller- based leaf node. The system controls a simple door lock that opens and shuts upon receiving a command from the gateway.

This demonstration illustrates:

• Secure container provisioning to a SAMA5D2 MPU-based gateway

• Edge node attestation• Container integrity checking and remediation• Hardware crypto operations• Certificate and key management in secured key store

The IoT Security Suite is preconfigured to establish the secure enclave and make use of the SAMA5D2 MPU’s hardware- based security components. The secure domain implements Sequitur’s trusted execution environment, CoreTEE™, on the gateway. CoreTEE provides a programmable, isolated envi-ronment for executing security-critical functions and storing sensitive data such as keys and certificates. The solution also includes Sequitur’s CoreLockr™, a software middleware layer comprising easy-to-use APIs for developers to access services and peripherals isolated by CoreTEE.

The demonstration uses the SAMA5D2 MPU’s Integrity Check Monitor (ICM) to monitor the integrity of the OS hosting the Docker container by responding to and remediating a mali-cious code injection into the kernel. In this scenario, the mali-cious code injection invokes the ICM, causing an interrupt in the secure enclave that is detected by CoreTEE. CoreTEE solves the security breach by rolling the kernel back to a known and trusted image. A second scenario demonstrates how to use hardware security to authenticate the leaf node using an

(continued on page 14)

DESIGN CORNER

14

ARM TrustZone®-based secure enclave on the SAMA5D2 MPU and the hardware crypto engine on the SAM E54 microcontroller.

Given the magnitude of the risks and challenges, it is clear that the practice of layering on security used during the PC era will not be adequate to address the security requirements of the IoT era. The key to securing the IoT is a combination of a hardware device with advanced security technologies and trusted soft-ware that is designed make it easy for developers to implement

these technologies in their new designs. Microchip and Sequitur Labs are committed to advancing new security solutions for use in IoT and other embedded devices. For more information, visit www.microchip.com/SAMA5D2.

Cryptography Code Protection Physical Attacks Protection Secure Key Store

• Hardware acceleration for 3DES/AES

• Software library for RSA, Elliptic Curves (ACSL)

• High-quality True Random Number Generator (TRNG)

• Hashing up to SHA512• Protection against side

channels

• ARM® TrustZone® and MMU• On-the-fly DDR/QSPI

encryption – AES128• Scrambling of internal and

external memories• Integrity check monitor• Secure debug modes• Secure bootloader (public

and private key)

• Battery backed-up secure area• Tamper pins – dynamic and

static• Voltage, frequency and

temperature monitors• Die shield• JTAG monitoring• Secure packaging

• Battery backed-up secure SRAM with erasure upon security event

• Battery backed-up secure register for master key

• 544 fuses for customer use• ARM TrustZone protected

storage

Table 1: SAMA5D2 Hardware Security Capabilities

The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries.All other trademarks are the property of their registered owners. © 2017 Microchip Technology Inc. All rights reserved. 11/17DS00002362C

www.microchipDIRECT.com

Save Time in Your Purchasing Process Deal Directly with the Manufacturer for All of Your Low- and High-Volume Production Needs

How We Can Help You:

• Fast and easy access to all of your purchasing needs with our Business Dashboard• Schedule your orders and drop ship to multiple addresses worldwide• Add your custom code to a microcontroller or memory device• Dedicated customer support team, including live chat • Volume pricing available • And many more features...

15

(continued on page 16)

Debugging on the IoT

DESIGN CORNER

Capture, Visualize and Control Analog and Digital Signals with Portable, Connected and Open-Source OpenScope MZ Contributed by Digilent, Inc.

In the world of embedded systems, designers are constantly engineering around the unseen. Traditional laboratories provide the necessary tools to debug designs and charac-

terize signals, but these are often out of reach for use in the field: locked to a benchtop, stuck in a lab or just too heavy to carry around. To meet this need, there has been a surge in the availability of portable oscilloscopes, logic analyzers and other tools that can be powered by a laptop computer. However, even these options have their limitations. Applications like robotics and field-deployed Internet of Things (IoT) devices require a different type of solution. For them, bulky benchtop-based equipment and portable instrumentation tethered to a computer can’t be the only options.

To meet this challenge, Digilent released the OpenScope MZ, a portable Wi-Fi® connected instrumentation device featuring a powerful 32-bit PIC32MZ microcontroller (MCU).

An IoT-Ready Instrumentation SolutionThe OpenScope MZ was designed to be an oscilloscope, logic analyzer, power supply, waveform generator, Bode plot, FFT plot and a simple data logger. When combined with WaveForms Live (WFL), Digilent’s powerful and intuitive browser and mobile instrumentation software, the OpenScope MZ delivers its amazing instrumentation capabilities right to your phone, tablet or computer.

The OpenScope MZ was not only designed to be a wireless instrumentation solution, but it was also developed to be as open source as possible. This not only enables designers to modify the hardware and/or the user interface, it also allows users to “peek under the hood” as a teaching or learning oppor-tunity. Nearly every peripheral of the PIC32MZ is used, and you can examine the source code and driver to learn how to

DESIGN CORNER

16

maximize peripheral performance. Visit the Digilent wiki to find out more about the design of the OpenScope MZ.

While the multi-functionality of the OpenScope MZ is impressive, the firmware is really an engineering feat. The OpenScope MZ firmware takes advantage of almost all of the extensive resourc-es available on the PIC32MZ MCU. The MCU’s many peripher-als, serial communications ports and other features enable a number of functions that require virtually no intervention from the CPU. Some of these functions include:

• Oscilloscope implemented with two interleaved dedicated ADCs with DMA• Interleaving/time base controlled by timer peripherals• DMA controller creates a continuous sampling buffer

during acquisition• Dedicated sample and holds for four dedicated ADCs• ADC threshold detection hardware used to implement

analog trigger level• Arbitrary waveform generator implemented with DMA

controller and I/Os• R2R ladder used to implement high-speed DAC via

high-current digital I/Os • Timers trigger the DMA controller which moves the data

stored in a waveform table onto the GPIOs• Logic analyzer implemented with the DMA controller and I/Os

• Timers trigger the DMA controller to move the I/O state into buffer RAM

• Power supply output implemented with hardware PWMs and ADC channels for calibration

• Wi-Fi radio provides connectivity; MCU runs TCP/IP stack to access it via SPI

Why a PIC32MZ MCU? When asked why the PIC32MZ processor was the chosen for the OpenScope MZ, Digilent’s Lead Engineer, Keith Vogel, said, “The PIC32MZ has a rich peripheral set to offload ADC acquisition, logic analyzer acquisition, function generation and DC power sources into the hardware, freeing the CPU to service the USB and Wi-Fi network stack, SD™ card and Waveforms Live communications. With its six high-speed 12-bit ADCs,

eight DMAs, nine timers and nine PWMs, the PIC32MZ is ideal for the OpenScope MZ application.”

An in-depth design review of the OpenScope MZ was offered as one of the sessions at Microchip’s 2017 MASTERs Conference in Phoenix, Arizona. A video of this three-hour class is available for you to view on Digilent’s YouTube channel.

The PIC32MZ combines with the OpenScope’s peripherals, firmware and software to deliver an impressive list of features:

• Connectivity• Wi-Fi (802.11g) via Microchip’s MRF24WG0MA module• USB 2.0 (high speed required)

• Oscilloscope• Two channels• 12-bit resolution per channel• 6.25 MS/s sample rate• Flat bandwidth up to 1 MHz at ±0.5 dB• 2 MHz of bandwidth at -3 dB• 1 MΩ of input impedance• ±20V input voltage range• Maximum buffer size of 32640 samples per channel

• Arbitrary Waveform Generator• Sine, triangle, sawtooth, square and DC outputs• 10-bit resolution• 1 Hz to 1 MHz frequency• 3V pk2pk output with ±1.5 V offset• 10 mA output current• 25000 sample buffer size

• Logic Analyzer and GPIO• 10 channels multiplexed between the logic analyzer and

as GPIO• 3.3V CMOS logic for both the logic analyzer and GPIO• 7 mA source and 12 mA sink when used as GPIO• Logic analyzer has a sample rate of 10 MS/s• Maximum buffer size of 32640 samples per channel for

the logic analyzer• Power Supply

• Two channels• ±4V output voltage• 50 mA per channel

• Other Features• Two external triggers• micro USB connector for power and programming

over FTDI• microSD™ slot for external storage• Four user LEDs for programming and reset buttons

(continued on page 17)

DESIGN CORNER

17

Getting StartedThe OpenScope MZ costs just $89 and can be ordered from microchipDIRECT or directly from Digilent. While you are waiting for your OpenScope MZ to arrive, you can go to www.waveformslive.com and test out the user interface in demo mode.

Once your OpenScope MZ arrives, you can get it up and running with just a few simple steps:

• Download and install the Digilent Agent• Head over to www.waveformslive.com and connect your

OpenScope MZ• Start taking measurements

We recommend that you use our online Getting Started Guide or check out the Digilent GitHub for more information on the design of the OpenScope MZ.

The OpenScope MZ is an impressive piece of hardware, firmware and software that takes full advantage of the capable PIC32MZ processor. Whether you need portable instrumenta-tion for a project, want to use it in your own field-deployable IoT device, or just want to try out something new and innovative, we think you’ll find that the OpenScope MZ is a great addition to your workbench.

18

(continued on page 19)

On the Cutting Edge of Learning

DESIGN CORNER

LoRaWAN Academy Offering University-Level Curriculum is Launched by Leading IoT Solutions Providers

LoRaWAN™ is an open specification derived from Semtech’s LoRa® devices and wireless radio frequency technology (LoRa Technology) that has quickly become

the leading Low-Power Wide-Area Network (LPWAN) technol-ogy for use in wireless Internet of Things (IoT) networks around the globe. Companies are implementing LoRa Technology and the LoRaWAN protocol in their IoT applications to take advan-tage of a number of significant benefits that include long-range connectivity, low cost of implementation, global interoperability and low power consumption for battery-powered devices.

As the IoT continues to boom, a new generation of engineers will need to be trained on the technologies that will enable the development of smart solutions to solve some of the world’s toughest challenges. That’s why several leading IoT technology companies recently launched the LoRaWAN Academy, an all-encompassing, hands-on curriculum that enables university students to learn about the LoRaWAN specification and the ecosystem that is rapidly developing around it. The LoRaWAN Academy program provides an online course library, as well as LoRaWAN network packages and an IoT network infrastructure for hands-on training and design.

The mission of the LoRaWAN Academy is to:

• Equip universities with out-of-the-box, state-of-the-art LoRaWAN networks

• Educate the next generation of hardware and software engineers and computer scientists to imagine, develop and operate real-world IoT applications

• Advance LoRaWAN standard-based IoT research and involve top university scholars in real-world problem solving using cutting-edge technology

Universities can easily implement LoRaWAN Academy curriculum into existing engineering and computer science courses, giving students valuable lessons and training for the real world. Appropriate for beginner to intermediate-level engineer-ing students, the 10-week program is self-paced and offered on a rolling basis, with no formal program start dates. Each week’s curriculum includes 4-8 hours of video lectures, supplemental reading and materials, as well as problem sets, assignments and quizzes to benchmark learning. The program culminates with a hands-on applied research project for students to build real-world IoT applications.

The sponsoring organizations of the LoRaWAN Academy include Kerlink, LoRa Alliance™, Microchip Technology, myDevices, Semtech Corporation and The Things Network. These companies, with the support of the LoRa Alliance, have successfully deployed LoRaWAN solutions to enable

DESIGN CORNER

19

cutting-edge IoT applications and will collaboratively contribute to curriculum development, hardware and software, IoT network infrastructure, expert training and ongoing support for the LoRaWAN Academy.

The LoRaWAN Academy is currently supporting universities located in the USA, Europe and India, but has aggressive roll-out

plans for other regions. Engineering professors or department chairs who are interested in adding the LoRaWAN Academy to their existing engineering courses or wireless IoT programs should visit the Apply Now page on the website to review the criteria for admission and submit an online application.

Students who participate in the LoRaWAN Academy will have the opportunity to learn fundamental skills that they can carry with them into the workforce. They may well be on the forefront of developing innovative solutions for the IoT and other smart applications that have yet to be imagined. To learn more about this exciting program, visit www.LoRaWANacademy.com.

LoRa is a registered trademark or service mark, and LoRaWAN is a trademark or service mark, of Semtech Corporation or its affiliates.

20

Get Launched Hits the Road!

MAKER SPACE

Inspiring Innovation from Midtown Manhattan to the Shore of Lake Michigan

This fall, Microchip brought its exciting “Get Launched” events to New York City and Chicago. This new program for aspiring inventors and early-stage start-up companies

provides them with a number of helpful resources, valuable net-working opportunities and essential information they need to help bring their products from prototype to reality. A distinctive of the “Get Launched” program is that it leverages Microchip’s cross-industry partnerships to enable attendees to meet with local Microchip Design Partners and representatives from other companies. These companies offer a range of busi-ness resources like product review, design for manufacturing, low-volume contract manufacturing and even connections to potential investors.

Attendees of “Get Launched” events can also attend informative workshops on a variety of topics. In September, the New York City program featured a “Prototyping with Sensors” workshop that showed how easy it is to develop an embedded sensor node prototype using the cloud-based MPLAB® Xpress IDE. A “Hands-on with PlatformIO” class focused on using the popular

Arduino® platform for development and debugging. The hardware that was used in the hands-on workshops was offered to attendees at a steep discount, or in some instances it was even provided

free of charge. Attendees could then take this hardware—and the knowledge they had gained—home with them to begin developing their own projects.

In October, “Get Launched” was held at mHUB Chicago, a world-class incubator space that offers a state-of-the-art hardware prototyping floor. This event fea-tured several partner companies, including Sigfox and Arrow, who were able to meet with makers and entrepreneurs from the greater Chicago area. It also included a hands-on workshop titled, “Build a Smarter Security IoT System Complete with User Portal in Two Hours,” where attendees were able to work with our IoT Ethernet Monitoring Kit powered by Medium One.

In 2017, our highly successful “Get Launched” series of events started out in sunny Santa Barbara and ended in metropolitan Chicago. We currently have events in Silicon Valley, Boston, Berlin and Marseille on our roadmap for 2018. We hope to meet many of you during our upcoming travels. Visit our Get Launched website or email us at GetLaunched@microchip.com for the latest information on future events that may be coming to your area.

COlORING PAGE

The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. All other trademarks are the property of their registered owners. © 2017 Microchip Technology Inc. All rights reserved. 11/17DS00002581A

www.microchip.com/AWSECC508

Boost Your IoT SecurityZero Touch Provisioning for AWS IoT

Securing data comes with challenges, but the main challenge is providing a secure authentication and securely handling private keys in a production environment. This has led cloud providers to push towards hardware-based security, obtain strong device identity to avoid spoofing and protect against unauthorized firmware updates and proliferation.

Microchip’s pre-configured ATECC508MAHAW meets these challenges by leveraging AWS IoT Just-In-Time Registration (JITR). JITR combined with the mutual authentication handshake enables bulk certificate uploading once a system is deployed.

Key Features• Eliminate private keys manipulation from software, users and manufacturers • Provide secure mutual authentication and unique trusted identity • Leverage AWS IoT and JITR for bulk certificate uploading

Zero Touch Secure Provisioning Kit(AT88CKECC-AWS-XSTK-B)