ETNdigi 1/2019

Page 1

7 tips for better power integrity measurements

1/2019 Embedded World broke the records

LTE NB-1 and M-1

ECF: TinyML puts AI on microcontrollers

IoT is ready for cellular

Build or buy Modular vs Integrated Cyber security is getting tighter Get secured at the chip level Server performance for harsh environments

IOT TO THE CLOUD Just plug-and-play GO MULTICORE STM32 meets Linux








Cyber-security legislation is tightening

Are you ready?

Secure IoT from Chip to Cloud

Page 2

ETNdigi - 1/2019

ETN started providing high tech news and technical articles in Finnish in 2013. From the start we realised that you cannot limit yourself on terms like electronics, telecommunications or programming. Or embedded for that matter. There are no clear limits between hardware and software or devices and networks. In a way it´s all embedded. For the designer of embedded devices this poses huge challenges. Users need to be connected 24/7, have their data available in realtime and always secured. The IoT challenge is not about connecting devices to the network. There are plenty of available technologies for this and companies just need to pick the one that fits their needs and applications. The next opportunity comes with artificial intelligence and machine learning. It is already clear that in not so distant future even the smaller devices based on tiny microcontrollers will be making decisions based on learning. This will make a huge impact on our lives.

ETNdigi editor-in-chief Veijo Ojanperä +358-407072530 Advertising sales Anne-Charlotte Sparrvik +46-734171099 Advertising prices: ETNdigi is a digital magazine concentrting on IoT and embedded technology. It is published 2-3 times a year.

ETN started organising the Embedded Conference Finland in 2017. In May 2019 we organised the show for the 3rd time. It has secured its place as the professional, independent conference for embedded technology in Finland. See you in ECF20! Cheers, Veijo Ojanperä editor-in-chief, ETN

ETNdigi - 1/2019

ETN is a high tech news site with coverage on electronics, telecommunications, nano technology and new applications. On you can also find our indepth technical articles that are supplied by our cooperation companies in electronics. ETN organises the only professional, independent embedded trade show in Finland every year. You can find more info about the event on thr web at The easiest way to be involved is to subscribe to our daily news letter at osoitteessa

Page 3

Embedded Conference Finland will be organised for the 4th time in May 2020. In May 2019 we had more than 250 attendees enjoying a very strong technical program. You can find the ECF19 presentations on the event website at The keynotes and a selection of presentations can also be seen as video on the ETNtv Youtube channel. We will open the ECF20 site after the summer. We plan for a date in May. Again attending the conference will be free and the registration will open in November-December. Hope to see you all at ECF20!

For more information see To book a table top or ask for sponsor packages please contact ETN editor-in-chief Veijo Ojanperä +358-407072530 or Sales Manager Anne-Charlotte Sparrvik +46-734171099

Page 4

ETNdigi - 1/2019


6-11 NEWS Embedded World broke the records More tools for RISC-V ECF19: TinyML will make a huge impact OPINION 12 What is it that design engineers need from a distributor?

FINALLY SOME RULES 18 IoT security regulation is getting tighter

14 SERVER CLASS EMBEDDED PERFORMANCE AMD EPYC 3000 powers the conga-B7E3 module

20 BUILD OR BUY Modular vs integrated design which way to go?

SEVEN TIPS FOR BETTER POWER INTEGRITY MEASUREMENT 24 How to test the power rails of modern ICs?

28 NB-1 AND M-1 Cellular technologies for IoT MORE EFFECTIVE SECURITY 32 at the microcontroller level

34 PLUG AND PLAY FOR INDUSTRY 4.0 How to extract, analyze, filter and aggregate data the easy way

A DIFFERENT LEVEL OF CLOUD 36 The 3rd wave of cloud is serverless 40 IOT TO THE CLOUD with STMicroelectronics´ STM32 MEETS LINUX 41 Fast processing and real-time tasks on a single 32-bit chip

ETNdigi - 1/2019

Page 5


Embedded World - what a Embedded World is today without any doubt the main event in embedded technology. More than 30 thousand people gathered in Nuremberg to see the hottest and latest in embedded. Everything is connected. Data gets moved around in realtime, secured endto-end. In this race you need to run full speed just to stay in the game. Veijo Ojanperä

In its 17th year, embedded world once again impressed the global embedded community and excelled across the board. The results for visitor and exhibitor numbers and display area were outstanding: around 31,000 trade visitors (photo 1), the second best visitor total since the trade fair began, and 1,117 companies from all over the world flocked to the 8% larger display area at Exhibition Centre Nuremberg. Equally successful were the embedded world and electronic displays conferences, where some 2,000 delegates and speakers from 46 countries enjoyed a top-class programme. Embedded World pinpointed many of the current trends in embedded design. MESH networking and artificial intelligence have moved from a stage of hype to reality. For example congatec, Basler and NXP Semiconductors showed a working Retail Deep Learning Application at their respective booths. The platform is a proofof-concept utilizing Artificial Intelligence (AI) to fully automate the retail checkout process. It was created by Basler supported by the close partnership with congatec and NXP. In the demo visitors were able to select what to put in their baskets, and the trained neural network then detects the products on the basis of a video stream – similar to how face recognition works – and finally the system displayed the total pricing. Systems like this open new perspective for retail applications: It makes it easy to add new

Page 6

products to the sales portfolio as products can easily be added to a trained neural network. Retail stores benefit from less labor costs as well as significantly improved customer experience through instant checkouts, minimized queues and 100% checkout capacity at all times, even when the shop is opened 24/7. Another clear trend is the use of low cost maker boards in professional designs. As an example Farnell showed the Avnet SmartEdge Industrial IoT Gateway powered by Raspberry Pi. The Avnet SmartEdge Industrial IoT Gateway enables seamless

and secure connectivity to the cloud through Avnet’s IoT Connect platform running on Microsoft Azure, and is ideal for developing industrial automation applications such as, remote monitoring, predictive maintenance, process control and automation. Farnell also showed the new Arduino Pro Gateway kit connects seamlessly with Arduino’s MKR WAN 1300 development board, allowing existing Arduino users to design and prototype long-range, lowpower IoT devices in a familiar Arduino environment without changing platforms.

ETNdigi - 1/2019

MESH Almost perfect, except.. Nuremberg is in many ways a great city for hosting Embedded World. It is big enough, so you can find decent accommodation, and it has a good selection of restaurants for networking in the evening. It is also small enough - getting to the fair grounds is conveniant and the U-bahn functions as a German system should. So why should anyone complain? Well, the exhibition halls are a bit confusing. A bit like Fira in Barcelona. Getting from point A to B might easily take too long. You end up running between meetings which means that you cannot stop for anything interesting on your way. I also wish Messe Nßrnberg would set up a better wifi that actually connects all over the halls. And some tables or desks for those who wish to sit down and write about the new MESH technology they just heard about. FIx these things and you´re perfect.

Pics: Nuremberg Messe

ETNdigi - 1/2019

Page 7


CENTRALIZED MANAGEMENT FOR IOT DEVICES Digi International has instroduced the Digi Remote Manager (DRM), a secure platform to monitor and control distributed IoT devices. DRM provides network operators, engineers and administrators all the capabilities necessary to monitor, upgrade and control connected hardware for IoT solutions running on LTE cellular networks, while also providing the freedom and flexibility to integrate with additional network management and productivity tools. Read more about DRM at Digi website.

IAR takes RISC-V to the next level RISC-V is gaining attraction quickly. IAR Embedded Workbench support for the architecture is a clear sign of this.

CYPRESS ADDS INTEGRATED SECURITY Cypress Semiconductor has announced a new line of its PSoC 6 microcontrollers (MCUs) designed to give Internet of Things (IoT) designers confidence in the security of their applications. PSoC 64 Secure MCUs are one of the first Arm Cortex-M processors to be certified as Level 1 compliant within the Arm Platform Security Architecture (PSA) certification scheme, PSA Certified, utilizing a secure Trusted Firmware-M implementation integrated into the Arm Mbed OS opensource embedded operating system. Read more from Cypress.

EMBEDDED LINUX FROM SIEMENS Siemens PLM Software today announced a new enterprise Mentor Embedded Linux (MEL) solution that provides electronics manufacturers secure, scalable and configurable distributions for industrial, medical, aerospace and defense applications. The solution is based on Debian, a broadly utilized, enterprise-class Linux OS. Read more at

THE SMALLEST SUB-GHZ RADIO Microchip Technology has announced the industry’s smallest IEEE 802.15.4-compliant module that combines an ultra-low-power microcontroller (MCU) with a sub-GHz radio. At half the size of the next smallest module on the market, the SAM R30 module meets the needs of space-conscious designs such as home automation sensors and controls. Read more at

Page 8

IAR Systems takes RISC-V to the next level with launch of professional development tools with leading performance and ensured code quality. The Swedish embedded tool company announced the immediate availability of the leading C/C++ compiler and debugger toolchain IAR Embedded Workbench with support for RISC-V cores. Through excellent optimization technology, IAR Embedded Workbench helps developers ensure the application fits the required needs and optimize the utilization of on-board memory. This also enables companies to aggregate value by adding functionality to an existing platform. Internal tests show that the first version of the IAR C/C++ Compiler for RISC-V already delivers major improvements in code density, generating code that is considerably smaller compared to code generated by other available tools. To ensure code quality, the toolchain includes C-STAT for integrated static code analysis. CSTAT can help prove compliance with specific standards like MISRA C:2004, MISRA C++:2008 and MISRA C:2012, as well as detect defects, bugs, and security vulnerabilities as defined by the Common Weakness Enumeration (CWE) and a subset of C/C++.

The C-SPY Debugger included with IAR Embedded Workbench gives full control of the application in real time, and its simulator provides full debugging capabilities even without access to the hardware. For incircuit debugging, IAR Systems provides the probe I-jet, delivering a high-speed debugging platform with full code control. - RISC-V is turning into an important and broad architecture and many companies are adopting the architecture in their designs, says Stefan Skarin, CEO, IAR Systems. - These companies have a lot to gain by having access to professional development tools with professional technical support. As a commercial tools vendor, we have a unique position in the RISC-V ecosystem by being able to provide global technical support, as well as invest in stable technology, and we are now taking RISC-V development to the next level, Skarin continues. The first version of IAR Embedded Workbench for RISC-V provides support for RV32 32-bit RISC-V cores and extensions. Future releases will include 64-bit support and support for the smaller RV32E base instruction set, as well as functional safety certification and security solutions. Learn more at

ETNdigi - 1/2019

Jetson Nano takes AI to the edge Nvidia is known for high performing graphics processors, but during the last few years the company has begun to transform into a AI company. The goal is to take machine learning to all kind of devices. Even to the edge of the network with the latest Jetson Nano board.

The Nvidia AI strategy is based in software. – Everything depends on software. We have our open CUDA based platform, where neuro networks can be fitted to any device.

The embedded products group in Europa is led by Eddie Seymour who was one of the keynote speakers in Arrow Electronics´ IoT Summit at the end of May in Helsinki. He says that in the next few years the market will be flooded with IoT devices equipped with artificial intelligence. Or AIoT, as Nvidia calls them. - The graphics processor is still our bread and butter but we´re transforming into an AI company. GPU fits well in this as it is easily accessible and programmable to perform any processing, Seymour told ETN.

The latest Jetson Nano board is a fine example of this. It is meant for 5-10 watts devices, which require a half teraFLOPs performance for running

neuro nets. So we´re not talking microcontrollers. At least not yet. Nvidia launched its first Jetson card – the TX1 – in 2016. At the same time the company also presented the 1st version of JetPack SDK. This Linux based tool set has been upgraded regularly and the latest addition was TensorRT. With it you can process TensorFlow models on Jetson hardware. With the Nsight tools Nvidia giver the same tools for AI developers on PC and the smaller, embedded devices. The designer can choose to work closer to the hardware with CUDA or C, pick the TensorRT tool or use Deepstream on higher level. With Deepstream the designer doesn´t have to be an expert on machine learning models. More info on Jetson can be found at the Nvidia website.

IoT node without a battery? Sure thing! ON Semiconductor continues to enable battery-less and maintenance-free IoT with the introduction of its RSL10 MultiSensor Platform powered solely with a solar cell. This complete solution supports the development of IoT sensors using continuous solar energy harvesting to gather and communicate data through Bluetooth Low Energy, without the need for batteries or other forms of nonrenewable energy. The powerful combination of ultra-lowpower wireless communications, small form-factor solar cell and low duty cycle sensing applications makes it possible to develop and deploy totally maintenancefree IoT sensor nodes. The RSL10 Solar Cell Multi-Sensor Platform is enabled by the RSL10 SIP, a complete System-inPackage (SiP) solution featuring the RSL10 radio, integrated antenna and all passive components.

ETNdigi - 1/2019

The platform combines the RSL10 SIP with a solar cell and a host of low power sensors from Bosch Sensortec, including the BME280 all-in-one environmental sensor (pressure, temperature, humidity) and the BMA400 ultra-low-power 3-axis accelerometer. Together, they will allow developers and manufacturers to create

complete IoT nodes that are entirely powered through renewable energy or energy harvested from the sensor’s surroundings. There are a growing number of IoT sensor applications where the duty cycle is low enough to support intermittent

communications, allowing the energy needed to support operation to be harvested using renewable sources. The energy efficiency of the RSL10 is augmented by the highly efficient power management system and the ultra-lowpower sensors implemented in the platform. Applications are expected to include smart home and building automation such as HVAC control, window/door sensors and air quality monitoring. Asset tracking including package open/close detection, shock monitoring, and temperature and humidity data logging are also possible applications. For easy development, the platform is supplied with all design files (Gerber, schematic and BoM) and customizable source code as part of a CMSIS software package.

Page 9



TinyML will change it all

The licencable IP market grew to 3.6 billion dollars last year, says IPnest. The Softbank owned Arm is still clearly the market leader with a 44.7% market share. The value of Arm IP sales was 1.61 billion dollars. EDA power house Synopsys was the 2nd largest IP vendor with sales of 629.3 million dollars. The 3rd biggest company was another EDA company as Cadence Design Systems recorded IP revenue of 188.8 million dollars in 2018. Read more at

GECKO 2 BRINGS BETTER RF PERFORMANCE Silicon Labs has introduced the next generation of its Wireless Gecko platform, Series 2, designed to make Internet of Things (IoT) products more powerful, efficient and reliable. Building on the leading RF and multiprotocol capabilities of the Wireless Gecko portfolio, Series 2 delivers the industry's most versatile and scalable IoT connectivity platform. The initial Series 2 products include small-form-factor systemon-a-chip (SoC) devices with a dedicated security core and an on-chip radio delivering 2.5X the wireless range of competing solutions. Read more at

MICROSOFT GETS THREADX BY ACQUIRING EXPRESS LOGIC The 23 years old RTOS company Express Logic, best known for the popular ThreadX RTOS, has been acquired by Microsoft. Express Logic’s ThreadX RTOS has over 6.2 billion deployments, making it one of the most deployed RTOS in the world. Even highly constrained devices (battery powered and having less than 64KB of flash memory) can use Express Logic solutions. Read more at

MEET TOSIBOX LOCK 150 Tosibox from Oulu, Finland has introduced the Lock 150, which will replace the former Lock 100 at the end of June. Lock 150 serves as a secure endpoint for remote connections. IoT devices connected to the Lock can be securely accessed over the Internet and most LAN and WAN networks through an encrypted VPN connection. Read more at Tosibox website

Page 10

- When we integrate machine learning on microcontrollers it will change our world. It will change everything just as network connections and security changed the embedded technology in early 2000. This was the message of Zach Shelby, the VP of developers at Arm to the 3rd Embedded Conference Finland attendees in May 17 in Helsinki. Usually machine learning, or ML for short is linked with GPU processors. And typically not as one GPU but rather a farm of GPUs running on servers. Accoding to Shelby the reason for this is that most ML customers operate in a cloud environment. – How to identify something in a picture, how to interprate natural language… You need huge data sets to be able to identify a large number of people. But ML doesn´t need to be like this. – We can do many great things with sensor data that fits nicely on microcontrollers. I call this TinyML. We can indentify sounds or speech on a microcontroller, since voice comes out as a image through the spectrogram and ML algorithms are very good at identifying image patterns, Shelby described. Shelby says, that speech recognition only requires 70 kilobytes of memory and with this the controller can process 10 interferences in one second. – If you want to know the answer to a

question of yes or no, the microcontroller is perfectly adequate. This is what Siri from Apple and Alexa from Amaxon are based on, he pointed out. There is however a more important reason for the emergence of ML into tiny embedded devices: the ratio of power consumption and the amount of data to be processed. – The Moore´s law has made microcontrollers more powerful for 60 years. This has lead us to the point where processing more data does not really use more energy. When the controller wakes up it has enough performance to process our sensor data. At the same time the radio does not follow Moore´s law. Sending bits throught the air uses more and more power. – At some point it will become more power efficient to process the data locally. And this will drive ML into everything in embedded technology. One driver are the limitations of LPWAN radio technologies. - At some 100-150 kilobits per second we hit a limit. Bluetooth, WiFi and cellurar technologies consume too much power. I believe that machine learning will be generally used in embedded devices in 5 years time, Shelby said. Zach Shelbys ECF19 keynote: TinyML - The 3rd Wave of Embedded Compute. The keynote video can be seen on the ECF Youtube channel.

ETNdigi - 1/2019

Arduino SIM sends your IoT data to the cloud The new Arduino SIM offers the simplest path to cellular IoT device development in an environment familiar to millions. The cellular service, provided by Arm Pelion Connectivity Management, has a global roaming profile; meaning a single Arduino SIM can be used in over 100 countries worldwide with one simple data plan. At launch, the Arduino SIM will allow users to send data into the Arduino IoT Cloud, while later in the year they will also be able to use the Arduino SIM to connect to the Internet via a combination of webhooks and APIs.

Arduino SIM is initially rolling out with support for the Arduino MKR GSM 1400 (3G with 2G fallback) – a 32-bit Arduino board supporting TLS and X.509 certificate-based authentication through an onboard secure element and crypto-accelerator. Arduino IoT Cloud makes it possible for anyone to connect to these boards securely without any coding required, but they are still programmable using open-source libraries and the traditional Arduino IDE. More info on Arduino SIM, including data plan pricing can be found at the Arduino webstore.

Industry leading AI chip starts sampling The Israeli AI chipmaker Hailo has released the Hailo-8, which the company claims is the world’s top performing deep learning processor. Hailo is now sampling its breakthrough chip with select partners across multiple industries, with a focus on automotive. The chip is built with an innovative architecture that enables edge devices to run sophisticated deep learning applications that could previously run only on the cloud. Key disadvantages exist in the current architecture of the embedded processing infrastructure, designed based on a 70-year-old underlying structure. Hailo addresses these issues with its holistic solution, which completely rethinks the existing pillars of computer architecture – memory, control, and compute – and incorporates a key, comprehensive Software

ETNdigi - 1/2019

Development Kit (SDK) codeveloped with the hardware. Hailo-8 processes up to 26 tera operations per second (TOPS) and significantly outperforms all other edge processors by a considerable order of magnitude – all at a size smaller than a penny, including the required memory. By designing an architecture that relies on the core properties of neural networks, edge devices can now run deep learning applications at full scale more efficiently, effectively, and sustainably than traditional solutions, while significantly lowering costs. See more at

OPEN SOURCE IOT NODE FROM FINLAND Ruuvi Innovations has introduced a highly robust, maintenance-free, 100 per cent opensource node solution that combines a Nordic Semiconductor nRF9160 System-in-Package (SiP) cellular IoT module and an ultra-low power Nordic nRF52840 multi-protocol Bluetooth System-on-Chip. Ruuvi says the Ruuvi Node is maintenance-free and will include an embedded solar panel to support energy harvesting. Read more at

TOSHIBA BRINGS UFS STORAGE TO AUTOMOTIVE Toshiba has begun sampling a new Automotive JEDEC UFS Version 2.1 embedded memory solutions utilizing 3D flash memory. The new products are embedded flash memory devices that integrate the company’s BiCS FLASH™ 3D flash memory and a controller in a single package. The sequential read and write performance are improved by approximately 6 percent and 33 percent, respectively, over existing devices. Read more at

EMBEDDED LINUX WINS OVER FREERTOS Embedded Linux is the most popular embedded OS, according to Embedded Markets study. FreeRTOS was number 2 in a market that is still very fragmented. 22% of developers working on embedded designs named Embedded Linux as their OS platform of choice. Read more at

LINUX FOUNDATION ADDS OPEN SOURCE HARDWARE The Linux Foundation has announced its intent to form the CHIPS Alliance project to host and curate high-quality open source code relevant to the design of silicon devices. Early CHIPS Alliance backers include Esperanto Technologies, Google, SiFive and Western Digital, all committed to both open source hardware and continued momentum behind the free and open RISC-V architecture. The project will create an independent entity so companies and individuals can collaborate and contribute resources to make open source CPU chip and SoC design more accessible to the market. Read more at :

Page 11


What is it that designer engineers need of a distributor ? Rapid pace of IoT uptake highlights new challenges for distributors, writes Graham Maggs, VP of Marketing EMEA, Mouser Electronics. DESIGN ENGINEERS TODAY need more than just the parts themselves. But before we move on explain this comment further, we should reiterate that design engineers obviously do need very quick access to the latest semiconductors which they can use to differentiate their latest product. This may not be as simple as it seems. Supporting the development phase means that a distributor must hold massive stocks of a very wide number of different parts, many of which will have no ‘order history’, since they are new. Such a distributor must evaluate new parts as soon as they are released – if not earlier – with the manufacturer and put in an inventory profile for which it has no advance orders. Many volume distributors are not prepared to take this chance; most of their inventory is already held against scheduled orders, so the designer, who only needs a few pieces, will either find that the newest, most innovative parts are not on the website, or if they are, they will be on the manufacturer’s lead time. But we started with the comment that design engineers need more than just the part. In fact, they need the whole design ecosystem – devices, design tools, eval boards - and are looking to distributors to provide the knowledge base to help inspire them and to understand new trends and technologies. This has never been truer than right now, as we see the IoT influencing just about every sector – autonomous vehicles, smart cities, homes, factories and offices, metering, remote diagnostics, retail, entertainment. In many case, the ideas for IoT implementation will have sprung from people with only a limited knowledge of electronics systems. Even if the people charged with creating such new systems are well-versed in electronics theory, time-to-market pressures on new, possibly apps-based IoT products is

Page 12

severe, so development tools are essential. GOING BACK 10-15 YEARS, design engineers were supported by Applications Engineers, either employed by the device manufacturers or by distributors. However, the number of FAEs now employed by distributors is very much reduced, as costs have increased and margins shrunk. Perhaps if you are a very large customer you may still have access to an FAE, but engineers at smaller and medium sized companies will be very lucky indeed to be serviced this way. At Mouser, we have never employed design engineers. However, we do have a very strong technical marketing team who’s responsibility it is to create a wealth of design resources – articles, block diagram descriptions of generic designs and other material, all linked to a huge variety of parts – nearly one million different components – that are in stock and available for shipment on a two day turn around to the UK and most places in Europe. Let’s take an example. If you look down the Mouser website, you will see the Applications and Technologies section. This contains a wide number of technology and market sub-sections crammed full of resources. Click on the IoT section and the fist tab you´ll find is Technology which contains sections on Connectivity, Data Collection, Processors, Power and Storage, with suggestions for component choice, sensor nodes, types of processor etc, designed to facilitate and encourage creativity. TODAYS’S SEMICONDUCTORS semiconductors often come with simple eval (evaluation) boards and devkits, all the way to highly complex design tool suites. These are a vital part of the design ecosystem and must be readily available, or else the designer will not be able to complete the task in a timely way…and with shrinking profit windows

we all know how important being first to market is. Design tools are not an obvious item for distributors who focus on fulfilling large production orders to stock. Mouser – by contrast, with its focus on supporting the design engineer – is very committed to holding a very large stock of development tools… indeed by one independent reckoning, Mouser holds the widest range of devkits, available to ship on two day delivery, in the industry. In this respect, Mouser can be seen as a specialist distributor. While we offer a huge variety of components and development tools from well over 600 manufacturers, we are one of a very small number (unique?) of companies that solely focuses on the needs of the design engineer, tailoring our services and products to suit. Specifically regarding IoT, we have added a whole range of new franchises in the IoT/ embedded space – just a few highlights including the Google AIY Vision Kit a project to build an intelligent camera that can recognize objects and detect faces and emotions; Medium One which provides a framework for getting sensor data to the cloud and Crowd Supply that supports creators with the critical services they need to successfully deliver their products into the hands of their customers. It’s a new world and we’re excited to be part of it.

Graham Maggs VP Marketing EMEA, Mouser Electronics

ETNdigi - 1/2019

COM EXPRESS TYPE 7 THE SERVER-ON-MODULE conga-B7E3 - AMD EPYCâ„¢ Embedded 3000 Series - Up to 16 Cores, 32 MB Cache - 4x 10 Gigabit Ethernet KR Interface - Up to 32 PCI Express Gen. 3 Lanes - Industrial Grade Versions - Onboard NVMe SSD up to 1TB

ETNdigi - 1/2019

Page 13


Performance for harsh environments

Zeljko Loncaric, congatec

Server processors are getting more and more energy efficient. Embedded application developers use them to boost performance, which also opens up completely new application fields for them. congatec supports such OEM designs with application-ready COM Express Type 7 modules and platforms. The conga-B7E3 Server-onModule with AMD EPYC 3000 Embedded processor currently tops the embedded server class.

Fig 1: The conga-B7E3 COM Express Type 7 modules with AMD EPYC Embedded 3000 processors from congatec pack embedded server-class performance on a form factor of only 125 x 95 mm. If required, they can be provided as application-ready components with customer-specific carrier board and matching heat sink.

Page 14

The embedded computing market is demanding more computing power across many application areas: Industry 4.0 applications require synchronization of multiple machines and systems; machine vision in collaborative and cooperative robotics requires processing of image and other environmental data. The same applies to autonomous robotic and logistics vehicles. Many of the edge computing tasks that arise around the development of 5G networks require server class performance by default. Not to mention the growing need to install virtualized onpremise equipment (vOPE) in harsh environments to perform functions such as industrial routing, firewall security, and VPN technologies through software alone on mostly generic embedded hardware.

ETNdigi - 1/2019


Added benefit: More convenient remote management

expected from server processors in the 30-100W class.

It isn’t only in this context that the ability to manage embedded systems remotely – both on the fly and out-of-band – is growing in importance. New fields of application such as interference systems for artificial intelligence (AI) also demand a lot of computing performance. System consolidation through virtualization with hypervisor technologies increases the demand for more embedded system performance still further.

Extremely energy-efficient 30W servers

All of these application fields call for a new performance class at the embedded server level, which classic embedded computer technology was traditionally unable to deliver as it tends to cater only for up to about 50W. The number of cores as well as the bandwidth and number of high-performance interfaces was simply too small, and comprehensive remote management features were missing. However, processor manufacturers such as AMD have made their server technologies increasingly efficient in recent years and now also offer multiprocessor systems in TDP classes, which already offer all the functions that can be

ETNdigi - 1/2019

30W embedded server technology enables completely passively cooled systems in robust designs thanks to soldered processors coupled with all RAS (reliability, availability and serviceability) features known from the classic server segment. At the same time, it doesn’t provide too much functionality – especially not the comprehensive graphics support of APUs that integrate the CPU and GPU on a single die – so there’s no need to retain unnecessary resources. The AMD EPYC Embedded 3000 processor family is at the cutting edge of this new class of embedded server processors, offering 4, 8, 12, or 16 high-performance cores, simultaneous multi-threading (SMT) support, up to 1TB DDR4 memory (over 4 channels), and up to 64 PCIe Gen 3 lanes. Compared to traditional solutions available on the market, it supports 52% more instructions per clock and twice the connectivity. Besides all of this, AMD also provides up to 2.7x more power per dollar. All in

Fig 2: With up to 16 cores for 32 threads at up to 3.0 GHz, up to 128 GB of DDR4 2666 RAM, 32 PCIe Gen 3.0 lanes and 4x 10 GbE, the congaB7E3 COM Express Type 7 modules with AMD EPYC Embedded 3000 processors provide a massive performance boost for the harsh environment.

Page 15

congatec also offers cooling solutions for its COM Express Type 7 Server-onModules that match the processor and can be adapted to customers’ housings if required. This allows OEMs to get the maximum processor performance out of their designs, as this increasingly depends on the die temperature.

all, these are convincing arguments. This is particularly true for single-socket designs, because for the first time they now feature extremely high memory bandwidth, which can only be obtained in competitive solutions at the dualsocket level and at significantly higher costs. The cost argument is important because besides the integration of a second processor, duplicate software licenses are also often required. Flexible design options and comprehensive security features Thanks to comprehensive configuration options and high software compatibility with competing solutions, the AMD EPYC processors are highly flexible and currently the most attractive migration platform for nextgen embedded server designs. They support up to 32 NVMe or SATA devices and up to 8 native 10 GbE channels. Support is also provided for legacy I/Os such as field buses and discrete I/O interfaces, which is critical for industrial server technologies. Attractive features for HPC and AI applications also include seamless support of high-end AMD Radeon GPUs and improved floating-point performance in both single and dual die

versions, which is essential for the many emerging AI applications. Also attractive is the hardware-integrated virtualization of the AMD EPYC Embedded processors for parallel operation of RTOS and GPOS on one system, as well as the comprehensive security package – from Secure Boot System, Secure Memory Encryption (SME) and Secure Virtualization Execution, to the secure migration channel between two SEV-capable platforms. For the 10 Gigabit Ethernet ports, the new embedded server processors further support IPsec with

The AMD EPYC Embedded 3000 processor family is the absolute leader in the new class of embedded server processors, offering 4, 8, 12, or 16 high-performance cores, simultaneous multi-threaded (SMT) support, up to 1TB DDR4 memory (over 4 channels) and up to 64 PCIe Gen 3 lanes.

Page 16

integrated crypto acceleration. The result: Even the server administrator does not have access to such an encrypted VM. This is very important for the high security required by many edge server services, which must enable multivendor applications in Industry 4.0 automation while effectively warding off sabotage attempts by hackers. Application-ready Server-on-Modules congatec has now made the AMD EPYC Embedded 3000 processor series available on COM Express Type 7 Server-on-Modules. This form factor standard impresses with its small dimensions of 125 x 95 mm and currently supports up to 96 GB of memory onboard as well as 4x 10 GbE and up to 32 PCIe Gen 3 lanes. While the sum of supported interfaces does not match the full performance potential of the AMD EPYC Embedded 3000 processors, customers are rewarded with an extremely small and – this is particularly important – applicationready Server-onModule that includes all drivers, best practice designs and guidelines to allow highly efficient implementation of embedded server designs in a small form factor. Compared to in-house fullcustom designs, customers save between 50 and 90 percent of effort. Another advantage of modules is flexible scalability; this is a result of the ease with which modules can be replaced. For

ETNdigi - 1/2019

customers who want to use even more interfaces or implement dual-socket solutions, congatec also offers fullcustom designs based on these processors. These can be realized comparatively easily and significantly more efficiently with an applicationready, proven module and carrier board layout than if OEMs had to implement everything by themselves. Promising roadmap for embedded server technologies Interestingly, Server-on-Modules will support even more performance in the future. With the participation of congatec and Samtec, the COM-HPC Working Group of the PICMG already provided initial information on a new COM Express

Module standard at SPS/IPC/Drives 2018. It will be designed for even faster high-speed interfaces, such as 30 GbE, PCIe Gen 4 and 5, and can also execute significantly more interfaces. Applicationready modules in this new standard are expected in 2020. As a result, the Server-on-Module segment will become significantly stronger in the future, with companies such as congatec driving this trend forward by supporting standardization under the PICMG specifications and offering comprehensive services for OEM customers. This has even led to a market for application-ready carrier boards, as can be seen in the designs offered by congatec’s cooperation partners iesy and Connect Tech. So if you’re looking for tomorrow’s embedded server

designs, talk to the industry leading companies today! The new AMD EPYC Embedded 3000-based conga-B7E3 Server-on-Modules are just the beginning, and the roadmap is very promising at both processor and Serveron-Module level. Interested OEM customers can request further information from congatec, but an NDA agreement is required. However, the current COM Express Type 7 variant is perfectly designed to address the needs beyond the embedded high-end that up until now were served by modules with integrated graphics. So it is ideal to further the evolutionary development of existing solutions – for example, for autonomous robotic vehicles in combination with embedded vision and integrated AI (see below).

Vision and AI flexibly scalable According to Yole Développement, camera technologies in autonomous robotic vehicles are expected to grow at a CAGR of about 140 percent in the next four to five years, increasing from 5 to 900 million US dollars. In addition, the overall market for vision technologies is also growing strongly at a CAGR of 12 percent, with industrial vision systems the largest submarket. It will generate approximately 1.4 billion US dollar in revenue in 2023. At the same time, the market for PC and board-based camera technologies is fragmented, so that standardized COTS offers with long-term availability are opening up additional market opportunities. congatec is strongly committed to this segment and cooperates with leading vision providers such as Basler in order to offer OEM solution packages from a single source. For example, by

ETNdigi - 1/2019

combining Basler camera technology with COM Express Type 7 Server-onModules and connecting two GPGPU cards, it becomes possible to create high-performance headless systems for the development of ultra-flexible, completely passively cooled systems for autonomous robotic vehicles with AI. To support this, AMD processor technology also provides an end-toend software solution for neural networks and inference engines that

balance performance between CPU and GPU, including MIOpen and ROCm for Linux, or PAL for Windows for the GPGPU. congatec offers the required kits in cooperation with AMD and Basler upon request – also for the migration of existing CUDA code, which can be ported with just a few clicks and virtually no performance loss of runtime systems when used on AMD platforms. Developers benefit from a system solution that is optimized for CPU and GPU as it comes from a single source. In addition, Open CL based heterogeneous system architectures allow more flexible balancing, making overall performance significantly easier to adjust, which saves valuable energy. Ultimately, however, the decisive factor is vendor independence as it secures investments much more long term than reliance on solutions from individual manufacturers.

Page 17


for IoT devices tightening

As IoT devices become more popular worldwide, their information security risks have increased. The tightening of legislation brings new challenges to many companies’ software design processes. Etteplan utilizes Arm’s embedded system technology and the Mbed and Pelion platforms in its software development and integration expertise.

Nicolas Devillard, Arm Antti Tolvanen, Etteplan

Page 18

When talking about IoT information security, many probably remember the high-profile attacks that made international headlines. For example, two years ago the malware program WannaCry caused global havoc. The worst impacts were suffered by the UK’s health care system, the NHS.

motivated by simple curiosity.

In reality, attacks are much more frequent; it is only that the media do not have the capacity to report each and every case.

The information security risks of IoT devices, and the related cyber security requirements, usually increase with the importance of the device. The highest requirements are set for security-critical devices or devices linked to infrastructure that is critical for society. Any personal information, such as health or credit card information, must also be secure.

The motives for the attacks range from wanting to cause damage to equipment or infrastructure, to accessing valuable and sellable information, or extorting money. Sometimes an attack may be

Device protection also implies being able to trust data gathered from IoT sensors, and being able to trust that actuators are working as expected and managed throughout their lifecycle. Successful attacks must be

ETNdigi - 1/2019

detected as soon as possible in order to avoid data pollution or theft. Legislation tightening in the EU and US Legislation concerning IoT information security is divided into hard and soft law. Hard law means legislation and regulations, while soft law refers to industry standards and certificates. In the EU, hard law concerning, for example, health technology remains ill-defined for now. It states that, in terms of cyber and information security, devices should represent the latest available technology in the sector. Soft law introduces standards, but not all of these are mandatory.


Mbed ecosystem partner.

But if cyber security matters and testing methods relating to SW development are not part of a company’s core competence, they may lack the capability to react to potential changes. In addition to outsourcing, help may be at hand in the form of development platforms available in the markets, which take into account standards’ current and future requirements.

As a result of the partnership, Arm’s embedded system technology, expertise and the IoT device platform have become a key element of Etteplan’s software development and integration expertise. Etteplan offers its customers tailored IoT applications where Arm Mbed is connected to cloud service solutions and devices are managed using Pelion.

One of these platforms is Arm Mbed, which helps tend to information security requirements in the development process of IoT devices. The British company Arm has built an extensive ecosystem around Mbed, consisting of hundreds of

Currently Etteplan uses these technologies in practically all of its projects as it helps integrate cyber security requirements, makes SW development faster and reduces customer costs. Etteplan is also training its SW developers extensively in the use Photo: Getty Images

EU legislation is, however, becoming tighter. Although no decisions have been made so far, certification is expected to become compulsory in the 2020s, while consumers’ interest in devices’ information security is rising. This trend is steering equipment manufacturers towards certification for business reasons alone. The US trumps the European Union in hard law, with cyber security requirements tightening especially in three areas: health technology, self-driving cars, and purchasing of government IoT devices. All cyber security tests are quickly becoming compulsory in these areas. It must also be possible to update and fix the devices, should vulnerabilities emerge. Arm plays a major role in Etteplan’s services Companies’ software development may face major challenges due to the ever-tighter legislation. For larger companies, taking standards into account is probably a daily routine, and tighter laws may simply add new provisions which have to be taken into account in product

ETNdigi - 1/2019

thousands of SW developers and over 300 supported modules. Further to this, Arm’s Pelion IoT Platform is a flexible, secure and efficient foundation spanning connectivity, device and data management. It accelerates the time to value of your IoT deployments by helping you easily connect trusted IoT devices on global networks, invisibly administer them, and extract real-time data from them to drive competitive advantage. Arm and Etteplan have been engaged in productive collaboration concerning Mbed and later Pelion since 2015, when Arm accepted Etteplan as an

of Mbed and Pelion. Arm, known especially for its Arm Cortex-M processors, is a market leader in its sector, and the company’s products are renowned for their security. A major reason for Arm’s success is the company’s strong awareness of information security problems and the will to tackle these challenges head on. Arm’s engineering is based on the needs of the developers of embedded systems, and the company strives to build in functionalities at the hardware level that help guarantee the highest level of information security.

Page 19


Ronald Singh Digi International GmbH

At some point in almost every company’s IoT product design planning process comes the decision of whether to build or buy. Very often this choice is determined largely by a) the anticipated lifespan of the product and/or b) the projected volume of manufacture. However, there are actually several ingredients that are go into this complex equation.

Presuming that you’re not building a one-off garage opener project, and that you have an innovative idea that you hope will be the next Dyson or the Google Nest, the key question is: what is also your value-add / intellectual property? Is it the hardware design – its innovation, connectivity, integration, simplicity and the sheer elegance of your design, OR is it in your software – its porting, GUI, analytics capability and cloud connectivity?

modular approach might be the easiest and most economical way to solve this problem. A modular design can also help deliver the product on-time even with internal resource bottlenecks. Things to consider include:

Evaluating a Modular vs. Integrated Design

- Technology debt: You are responsible for your bespoke product - if it needs change or the outside environment evolves, it will cost (several) development cycles; that requires your team’s time and company’s cash.

The idea that modular design is more expensive than an integrated design is usually unfounded or based on an incorrect understanding of modular design. When in-house technical expertise or bandwidth is limited, a

Page 20

- Engineering opportunity cost: If your team is building a custom product, is that sapping resources for another project that could be driving your business?

Individual steps in the design process show where a modular design is

advantageous. The time saved using a modular design is essential. Consider these three factors: 1. The processor or radio module is already completed and has already been tested, and thus a crucial component of the hardware design is already available before starting the project. 2. This makes it easier to design the application board. Some parts of that circuit can be deduced from the reference design in the starter kit, which allows the application board to be designed even more quickly and reliably. 3. The key software drivers are delivered with the module BSP already and can be used immediately, so software development can start on day one since the target platform is already available.

ETNdigi - 1/2019

Engineering time is always costly; your engineering team will have to design, test and verify your hardware design, and write some code.

As a result, real parallel engineering can take place. Performance tests are often necessary before a final design decision is made. This can be conducted with modules, reducing development time. - Direct cost: Engineering time is always costly; your engineering team will have to design, test and verify your hardware design, and write some code. The circuit board is a significant cost factor. The circuit board configuration is always determined by the most complex switching or structural element. For example, an ARM processor with a speed of 1.2 GHz and DDR3 memory requires a multi-layer structure with micro-via and at least 10 to 12 layers. Using a modular design, the application or carrier board can be implemented easily with at least 2 to 4 fewer layers. For long-term availability, memory is the most critical component in a processor application today. This means that redesign will be necessary in the lifecycle due to discontinued memory. If modules are used, this is the responsibility of the module producer.

using a module in other products, at higher quantities, results in additional room to negotiate a price. In addition to avoiding pure development costs, continued investments for the acquisition of the appropriate tools for development, manufacture and test equipment may be required

Upgradeability: Is your design flexible enough to meet future needs? In a diverse and constantly evolving world, as your customers and their needs change, is your solution flexible enough to stay relevant? Application board is easier to redesign

Managing Risk Risk means time and costs. With a modular approach, the design for the application board is much simpler, and therefore the risk of eventual redesign is significantly lower. A redesign in the course of the lifecycle usually becomes necessary for the embedded module only because this is where the memory modules are located. Less risk and timely completion of development can play a crucial role in contributing to a product’s commercial success.

Module changes seldom force a redesign Contributes to a product’s commercial success Addressing Security Security is a subject of much discussion with respect to IoT applications. Accordng to HP Security Research, 70% of IoT devices are vulnerable to attack. To thwart attackers, it is critical to invest

Production and QA: It is critical to establish the minimum of flow disruption for manufacturing; the last item off the production line needs to works identically to the first, and that will take some time. Negotiating on price with economies of scale: Since the module will be used by many customers, each customer will benefit from the excess quantity produced by the module provider. And

ETNdigi - 1/2019

Digi XBee RF modules provide wireless connectivity in a range of protocols and form factors to support today's low-power applications.

Page 21

in a device-security framework that simplifies the process of securing connected devices. A security framework should encapsulate:

and you can accelerate parallel software development with Digi's support for embedded Android and Linux development environments including Yocto Project.

SECURE BOOT: Authentication capability to ensure only authenticated software updates that have been signed by the manufacturer are allowed.

Versatile, off-the-shelf single board computers (SBCs)

SECURE STORAGE: A file system-level encryption that enables data to be transparently encrypted offering secure storage of sensitive data. AUTHENTICATION: Data authentication and device identity management options that also ensure that products are not shipped with default user and password settings. SECURE CONNECTIONS: The latest encryption protocols for data in motion and over-the-air (OTA) transmissions to ensure the integrity of data flowing across a network. PROTECTED HARDWARE PORTS: Internal and external I/O ports are hardened and access-controlled to prevent unwanted local intrusion. ONGOING MONITORING AND SUPPORT: Ongoing threat measurement and monitoring services as well as performing internal and external security audits and proactive communication regarding upcoming threats. As a premier supplier of a full range of embedded solutions, including modules and SBCs as well as software and remote management capabilities. Digi's suite of embedded solutions includes RF and cellular modules, as well as SoMs and SBCs to support your development requirements. Whether your chief

Digi SBCs support ARM, NXP, Rabbit processors and multiple wireless interfaces. concern is range, power, programmability, certification, security, or software tools, Digi has your needs covered. Take a brief tour of the device families that support rapid modular development in a world where you can’t afford to have product development tied up in certification challenges. Ultra-compact, highly integrated system-on-module solutions Digi’s system-on-modules (SOMs) offer multiple embedded wireless solutions including pre-certified 802.11a/b/g/n/ac, Bluetooth and options to add cellular. Built on the latest processors, such as the NXP i.MX6UL, i.MX6 and soon i.MX8X, Digi SOMs provide device security for connected IoT applications,

Borne from our SOMs, Digi's line of compact, cost-effective and versatile offthe-shelf single board computers (SBCs) offer significantly reduced time-tomarket by virtually eliminating the traditional risk, effort, and complexity of custom board designs without sacrificing flexibility or capabilities. Digi SBCs support ARM, NXP, Rabbit processors and multiple wireless interfaces. For our NXP SOM based SBC’s, we also provide complete schematics, gerber files, bill of materials and resources so developers can rapidly create their own carrier boards. RF modules in multiple form factors Digi XBee RF modules provide wireless connectivity in a range of protocols and form factors to support today's lowpower applications. Easy-to-deploy, precertified, and configurable using XCTU and the XBee mobile app, these low-cost modules support all of your wireless design requirements. Digi XBee also offers the easiest way to integrate cellular connectivity into an OEM device. With the introduction of 3GPP standards like LTE Cat 1, LTE-M and NB-IoT, as well as older standards like 3G HSPA/GSM, Digi has the cellular modem for your design. Digi XBee Cellular modems provide easy cellular connectivity without having to go through a costly FCC or carrier enddevice certification process.

TRUSTFENCE FOR EMBEDDED DESIGNS Embedded security is a critical design component for a growing number of connected IoT applications and devices. The built-in security of Digi TrustFence® gives you immediate access to critical features including secure connections, authenticated boot, encrypted data storage, access-controlled ports, secure software updates, and seamless integration of the dedicated on-module Secure Element (SE). Many of Digi’s customers operate in highly regulated industries. Digi has taken an industry-leading position around the adoption of standards and other relevant security certifications such as HIPAA, FIPS 140-2, and NIST, as well as helping customers comply with certifications like PCI-DSS for retail and FDA for medical devices.

Page 22

ETNdigi - 1/2019


Connected Intelligence Powered by the New NXP i.MX 8X

Next Generation Edge Intelligence

Designed for Faster Time to Market

!"#$%&'($")'*(+"*('#'*,-.,(/0"%1 2'*3-/'2(4.1(#4/5-.'(0'4*.-.,(4&(&5'('1,'

9*'7/'*&-+-'1()-&5(2":)4*'(4.1(&""02 &"(,'&(8"%(%$(4.1(*%..-.,(;%-/<08

Industry-Leading Device Security

Built For Demanding Applications

6%-0&7-.(2'/%*-&8(&54&(/4.(,*")(4.1 414$&()-&5(.')(4.1('3"03-.,(&5*'4&2

=41'(&"()-&52&4.1(-.1%2&*-40(&'#$'*4&%*' (*4.,'2>(25"/<(4.1(3-?*4&-".

WWW.DIGI.COM/CC8X ETNdigi - 1/2019

Page 23


FOR BETTER POWER INTEGRITY MEASUREMENTS Today’s ASICs, FPGAs and off-the-shelf ICs have increasingly stringent power requirements. These requirements result in the need to test power rails that have decreasing voltages and tighter tolerances. For such tests, users rely on oscilloscopes. However, with the more precise requirements, measurement errors that approach the required measurement value are problematic. Every mV of measurement error is critical, for example when measuring a 1.5 V power rail with 2 % tolerance. In addition, high-speed digital signals and other sources can couple onto power rails, requiring GHz of bandwidth to identify. Here are seven tips on how to quickly and accurately characterize rail noise and identify coupled signals. Joel Woodward Rohde & Schwarz

Low-noise, highbandwidth scopes, such as the 8 GHz R&S RTP, enable fast and accurate characterization of DC rails. Specialized probes designed specifically for power rail measurements, such as the 4 GHz R&S RT-ZPR40 power rail probe, have a number of attributes to produce highly accurate measurements.

Page 24



Measurements will never be better than the noise of the measurement system. Every oscilloscope contributes internal broadband noise to measurements. Choosing a scope that has lower noise ensures a better measurement (see figure 1). For example, if you are trying to measure a 1.8 V rail with 2 % tolerance, having 10 mV of scope and probe noise is problematic, since this will be additive to the signal you are measuring.

Oscilloscope manufacturers characterize and publish AC RMS noise at each vertical attenuation setting, and this generally is a good first step in choosing a low-noise scope. However, for power integrity the worst-case peak-to-peak voltage matters. It is easy to check this value with the scope you are using. With no inputs connected, measure the peakto-peak amplitude at the vertical setting you will be using. Many newer scopes offer 10-bit and 12-bit vertical resolution. However, the additional resolution is almost always obscured by noise

ETNdigi - 1/2019

unless averaging or high-resolution mode is used. For oscilloscope on the market today, frontend noise has not caught up with advances in vertical resolution. Noise is a better indication of measurement accuracy than bits of resolution.



Many oscilloscopes offer 50 Ω and 1 MΩ paths. The 50 Ω path generally has lower noise. In addition, if using an active probe for power integrity measurements, the probe will use the 50 Ω path. Measuring peak-to-peak noise of the oscilloscope with the probe you are using on the 50 Ω path will indicate how much measurement error you will have.



Oscilloscope noise is a function of vertical attenuation settings. Smaller settings have less noise than larger settings. Most oscilloscopes do not have sufficient offset to use large vertical gain. For example, at 10 mV per division, the oscilloscope may only offer 120 mV of internal offset. This forces users to choose a lower vertical setting to get the signal on the display, and therefore will result in a less accurate measurement. There are other ways to compensate for limited internal offset. A blocking capacitor removes DC offset solving the problem of insufficient offset, but eliminates the ability to see low-frequency drift that can occur when subsystems turn on and off. AC coupling on scopes also provides DC blocking. However, AC coupling has the same limitation of eliminating the ability to see

low-frequency drift, and for many scopes is limited to the 1 MΩ path.



Higher-bandwidth scopes are becoming increasingly useful, since they allow teams to see coupled signals such as high-speed clocks riding on the power rail. Since scope and probe noise has linear noise density over broadband frequencies, using maximum bandwidth will result in over-reporting power rail noise values. In the absence of high-frequency coupled signals, limit oscilloscope bandwidth to reduce broadband noise. This technique significantly increases measurement accuracy. A common question is how much to reduce measurement bandwidth. Experienced users often view the FFT to determine how much bandwidth reduction is possible while still capturing periodic and random disturbances on the power rail (see figure 2). When viewing the FFT, bandwidth can be reduced where no higherfrequency tones are present. Another method is simply to look at the signal. If the signal shape changes at all when you reduce bandwidth, you’ve reduced the bandwidth too much, as shown in figure 3.



Most oscilloscope manufacturers offer specialized probes crafted for power rail measurements. They include a number of capabilities not found in other probes. Large built-in offset compensates for lack of built-in oscilloscope offset. This enables users to choose the lowest vertical attenuation setting for reduced noise. Power rail probes typically have Using an FFT and a high bandwidth solution, such as the 8 GHz R&S RTP oscilloscope and 4 GHz R&S RT-ZPR40 power rail probe enables teams to quickly determine both coupled sources and the degree to which they can limit bandwidth while retaining signal content.

ETNdigi - 1/2019

Page 25

Peak-to-peak voltage measurements using an 8 GHz R&S RTP oscilloscope and a 4 GHz R&S RT-ZPR40 power rail probe show the impact of bandwidthlimiting at three different values. The 2.5 GHz bandwidth setting visually shows coupled signals that are attenuated and are missed with lower bandwidth limit settings.

1:1 attenuation ratios, meaning they will have significantly less noise than probes with 10:1 attenuation ratio. Power rail probes have high DC impedance, typically 50 kΩ, which is significant, since rail impedances are typically in the mΩ range. Power rail probes come with a variety of connection methods, including a 50 Ω pigtail coax for the highest quality measurements, as well as a probe browser where flexibility is paramount. Use of an SMA pigtail connector requires some forethought, since they work best when designed in. Browsers are more flexible, but do not have the accuracy of SMA pigtails. Power rail probes should have sufficient bandwidth to capture coupled signals. Users can achieve low-noise probe with a passive probes with 1:1 attenuation ratio. However, the probes have bandwidth limits less than 40 MHz. While this approach is good, since it uses the higher impedance 1 MΩ path, bandwidth-limiting inherent to the probe eliminates critical signal content and will under-report peak-to-peak voltage measurements. Some manufactures specify guaranteed power rail probe bandwidth, while others provide the

typical value. For example, the R&S RTZPR40 power rail probe has a typical 3 dB rolloff of 4 GHz. Check with your oscilloscope vendor to determine which scope models are supported with their power integrity probes. For some companies, the probes will work across all models with a probe interface, while for other companies, the probe may only work on a subset of models. Worse, insertion of the probe in unsupported models may run the risk of damaging the scope’s inputs.



Getting accurate DC values requires low measurement loading. If you connect the scope’s 50 Ω path directly to a power rail, the 50 Ω loading will change the DC level of the rail. To mitigate this effect, higher measurement impedance is required. The 1 MΩ oscilloscope path has a sufficiently high impedance level at DC, but unfortunately has more noise and isn’t the path supported with power rail probes. Power rail probes typically have DC impedance of 50 kΩ, greater

than a million times more impedance than the rail itself. This means that the DC rail voltage will be only very minimally impacted during measurement.



Even the fastest digital oscilloscopes are blind more than 90 % of the time. Between each acquisition, the scope must process the waveform before acquiring the next waveform. Infrequent events – in the case of power rails, this means potential worst-case peak-topeak voltages – can be missed. To compensate, users turn on infinite persistence, automated measurements, and wait until the highest amplitudes are found. How long should a user wait? It depends on the target system. Scopes with a fast update rate will show the overall noise envelope faster, and users will see a better graphical view of the DC rail signal behavior. For an oscilloscope that updates 1000 waveforms per second with automated measurements, users will achieve measurement results 20 times faster than an oscilloscope that updates 50 waveforms per second with automated measurements enabled. Instead of waiting for measurement values to converge over 20 minutes with the slower scope, a user of the faster scope can accomplish the same task in just one minute. Since systems incorporate an ever-larger number of power rails, each of which requires verification, the scope update rate is becoming more and more important. Power integrity continues to grow in significance as FPGAs, ASICs and standard device rails become smaller and tolerances become tighter. Choosing the right measurement tools enables fast and accurate characterization of each rail.

Page 26

ETNdigi - 1/2019

Full speed ahead to 5G With the new force in spectrum analysis R&S FSV3000/FSVA3000

Contact Contactususfor formore more information information or a demo: or a demo: Rohde Rohde&&Schwarz SchwarzFinland FinlandOyOy Tel. Tel.0207 0207600 600400 400

With the advent of 5G NR technology in R&D and production, engineers need test solutions that support 5G bandwidth and meet strict RF requirements. Rohde & Schwarz supports these users with a new signal and spectrum analyzer family. ❙ Up to 400 MHz analysis bandwidth ❙ All relevant 5G NR frequency bands up to 44 GHz ❙ Ultimate high-speed signal analysis

ETNdigi - 1/2019

Page 27

NB1 and M1

Cellular technologies

Sarah Brucker Rutronik Elektronische Bauelemente GbmH

for IoT

The LTE categories NB1 and M1 are becoming increasingly popular. Each year, the number of devices with low power cellular standards is growing by an average of over 100 million devices, claims market research company Berg Insight AB in its latest report Cellular and LPWAN IoT Device Ecosystems. Cellular standards with new embedded SIM solutions are experiencing an additional upturn in demand.

NB1 and M1, also known as NB-IoT (Narrow Band IoT) and LTE-M1, are simpler versions of normal LTE (Long Term Evolution, 3.9G). This means they use a much lower frequency spectrum and, therefore, consume very little current. Boasting a range of several kilometers and excellent in-building penetration, these standards enable completely new application fields for the IoT. This technology is particularly suitable for energy-efficient applications in which small amounts of data need to be transmitted in individual cases. Since with LTE-M, the downlink and uplink peak value is ~300 kbps at a maximum transmission rate of 20/23 dBm; with NB (Narrow Band) IoT, it is just ~30/60kbps at the same transmission rate. LTE networks as the basis Since both technologies are based on LTE standards, already existing LTE networks can be used. This is a decisive advantage for the subcategories, as they not only benefit from robust and secure data transmission, but network expansion with worldwide roaming can be carried out quickly and in some cases even through software updates. The MNOs (Mobile Network Operators) organize the frequencies, dimension the dial-in nodes, and expand them according to regional requirements. Network

Page 28

the nRF91 SiP requires about four times less space on the PCB and approximately five times less volume than other LTE-M and NB-IoT modules.

coverage in the USA, Europe, and Asia is already very good, and in most regions even better than with longrange suppliers. This is also due to the fact that the range with NB-IoT is up to seven times greater and with LTE-M up to four times greater than the standard LTE range. (continues on p. 30)

ETNdigi - 1/2019

Electronics High-Tech Components for Your Innovations


As a leading distributor of electronic components we are able to offer you a wide portfolio of products, expert technical support for product development and design-in, individual logistics and supply chain management solutions as well as comprehensive services. Semiconductors Passive Components Electromechanical Components

Displays & Monitors Boards & Systems Storage Technologies Wireless Technologies

For more information about RUTRONIK:

ETNdigi - 1/2019

Committed to excellence Page 29

Data transmission even from places that are difficult to access NB1 and M1 make 2G fallback superfluous. Thanks to the greater ranges, it is not absolutely necessary. In addition, the power supply can be dimensioned more easily because, unlike GPRS, no 2A current peaks have to be absorbed. Low module costs, the external wiring, the Internet provider, and the hassle-free ‘everywhere’ infrastructure clearly outperform alternative long-range technologies in most applications. NB-IoT and LTE-M are especially suitable for IoT, i.e. everywhere where small amounts of data occasionally need to be transmitted, also from places that are difficult to cover, such as basements, ducts or wide-open fields. There are a whole host of possible applications, especially for sensors that regularly send small amounts of data to a control station. In the smart metering sector, for example, electricity, water, and other meter data can be transmitted directly to utility companies. Other focus areas are infrastructure, transportation and logistics, agriculture and forestry, wearables, and product-as-a-service with predictive maintenance and repair of machinery. The most energy-efficient NB-IoT is better suited for applications with a fixed location, where normally no wireless cells are changed during transmission, while LTE M1 is the better choice for mobile applications due to its faster transfer rate. nRF91: Secure and NB-IoT ready As a pioneer in the field of ultra-low-power wireless technologies, Nordic Semiconductor is also committed to these new wireless transmission types. Thanks to the nRF91 series, the manufacturer offers a multi-mode module for NB1 and M1. The SiP (System in Package) comes with an ARM Cortex M33 microcontroller for customerspecific programming of the application, sensors, and actuators. ARM TrustZone® and ARM CryptoCell ensure secure storage access, while TLS and SSL guarantee end-to-end data encryption of the data transmission. The rewritable flash memory technology, together with the possibility of overthe-air updates, allows subsequent improvements to the firmware, the stacks, and the application. The module automatically searches for available LTE-M and NB-IoT networks and toggles between them. Built with integrated assisted GPS or without GPS unit in a package measuring just 10 x 16 x 1.2mm, the nRF91 SiP requires about four times less space on the PCB and approximately five times less volume than other LTE-M and NB-IoT modules and separate GNSS modules. Seeing as the M33 core enables real edge computing to a certain extent, local information can already be generated from the measured data in the field which can then be efficiently transmitted via the mobile radio unit. This optimizes the overall energy balance and keeps online data consumption to a minimum. The corresponding nRF91-SDK (software development

Page 30

kit) contains all the common stacks, such as MQTT, CoAP, http, LWM2M, IPv4, IPv6, DTLS, TLS, and TCP. Sensors, LEDs, buttons, and switching relays can be connected via 32 GPIOs. The quartz, SAW filter, and all passive components are integrated – in the SiP, so that only a 50Ω single-ended line is needed as the antenna to complete the edge module.

The cellular part of nRF91 family was designed at Nordics wireless design team located in Oulu, Finland.

Sending without SIM New developments in the field of connectivity continue to drive NB-IoT and LTE-M forward. If you wanted to send or receive data via a cellular network in the past, a SIM card holder and a physical SIM card were necessary in addition to suitable hardware. This means greater space requirements on the PCB and a longer BoM (bill of materials) – and thus higher costs. Added to this is the task of manually swapping SIM cards in the event of changing provider. This is where ‘embedded SIM’ solutions, such as iUICC (integrated Universal Integrated Circuit Card), can help. They offer the advantage that the SIM functions are already integrated on the hardware module – which means less space requirements, a shorter BoM, and lower costs, since embedded SIM solutions can be controlled and updated remotely. Customers can obtain precise embedded SIM solutions from the Rutronik partner Telit, a leading provider of cellular hardware, connectivity, and cloud solutions, which markets its 2G wireless modules under the name simWISE. The LTE-M and NB-IoT modules are also to be equipped with simWISE by the end of 2018, for example the ME910C1 LTE-M and NB-IoT combi module. The simWISE modules are complemented by the Telit IoT cloud platform. This results in a customizable cloud solution with device, connectivity, data, and system management functions.

ETNdigi - 1/2019

Mouser Electronics – your authorized TI distributor stocking more products for your next design.

ETNdigi - 1/2019

Page 31

More Effective Security at the Microcontroller Level Cybersecurity threats are genuine worry for all of us - as nobody is truly invulnerable from their effects. There have been a series of major attacks in recent times, many of which have had huge consequences for the organisations involved and subsequently filtered down to impact us as individuals. What is more, the rate of these attacks shows absolutely no sign of slowing down - if anything the regularity with which they occur is only going to accelerate.

Mark Patrick Mouser Electronics

Attacks do not just hurt an organisation financially, they can leave a long-term scar on its reputation too. Customers/users may be put off by hearing of security breaches and start looking for an alternative option that they deem to be safer. Ensuring that adequate protection is in place is therefore strongly advised. The susceptibility of computing systems was made apparent by the notorious WannaCry strike. In particular, this malicious software was able to hit Britain’s National Health Service (NHS), as well as some of Spain’s largest companies (including Telefónica), causing computers and their data to be locked up and held until ransom payments were made. The attack launched upon the NHS was coordinated and managed with the objective of infecting as large a number of computers across the expansive public healthcare service’s operations as possible within a period of just a few hours - giving cybersecurity teams very little time in which to react once it had first been detected. Its potency was mainly due to the fact that as a worm it had the capability to quickly spread within the networks involved, passing rapidly from one system to the next. This ransomware incident brought about major disruption in hospitals all over the UK, leading to them diverting emergency patients to other facilities and cancelling operations. Attacks on healthcare providers around the world have been on the increase since then, as these systems contain valuable private information, including both medical and financial records, and are in many cases not as well protected as they really need to be. Countless

Page 32

other business sectors and government agencies have been subject to ransomware attacks too. Only a month after WannaCry had hit, the NotPetya worm caused havoc within banks and utility companies across Eastern Europe. So what needs to be done to protect embedded system implementations from the growing cyber menace? Traditionally developers have been able to rely on software-based solutions of some form - such as passwords, encryption and authentication. However, this is simply not enough anymore. Far high degrees of protection are now clearly being mandated - and these need to have hardware as well as software aspects. In general, connectivity (whether it is wireline or wireless in nature) is now an important part of modern embedded system design. The problem with this is that it only serves to open up more attack surfaces to prospective hackers. Consequently, new protection methods need to be applied.The scope of possible threats has expanded too - in addition to potential malware injection, firmware substitution, eavesdropping, identity theft and unauthorised network connection, there is the possibility of remote IoT nodes being subjected to physical damage, plus the growing popularity of various other underhand practices to factor in - like counterfeiting and reverse engineering. The security functions and operations that are now being incorporated into microcontrollers - such as built-in security blocks, strong cryptographic/ authentication engines, key management features, tamper detection and prevention mechanisms,

ETNdigi - 1/2019

Infineon’s OPTIGA TPMs.

protection of external memory and encryption/ decryption of communication protocols - are all of significant value when combatting the hacker fraternity. Additionally, through the use of on-chip accelerators or inclusion of a co-processor IC to accompany the microcontroller, such operations can potentially be accomplished while not impinging upon the overall system performance.

This is a useful feature in IoT device management, enabling authentication of firmware-over-the-air (FOTA) updates when they are sent out to network nodes. The ATECC608A’s secure boot capabilities protect IoT nodes from threats during boot up (through corruption of boot code prior to this), allowing a root of trust to be established when nodes are activated.

Supplied in TSSOP-28 and VQFN-32 package formats, Infineon’s OPTIGA family of trusted platform modules (TPMs) have been designed in accordance with the stringent specifications set out by the Trusted Computing Group (TCG). These microcontroller security ICs provide hardware accelerators for asymmetric encryption techniques (such as ECC and RSA), as well as SHA-1 and SHA-256 hash algorithms. Through their use, the encryption and decryption off data can be offloaded from the microcontroller (so that its resources can be re-focused onto other activities). As a consequence, security will no longer need to have a detrimental effect on a microcontroller’s operational performance. The TPMs support an operating temperature range covering -20°C to +85°C, with an extended range version covering -40°C to +85°C available for industrial embedded deployments.

Featuring numerous tamper detection mechanisms, plus secure boot functionality, Maxim’s MAXQ1061 secure cryptographic controller IC offers elevated degrees of secure key storage. Private key management ensures that unauthorised access cannot be gained. On-chip key generation relies on a random number generator and certificate verification. Without verification, TLS handshaking is not possible, which stops hackers from being able to communicate with the chip. Furthermore, the 128-bit AES encryption engine enables high levels of security to be maintained through the support of AES-GCM (SP 800-38D compliant) and AES-ECB (SP 800-A compliant) modes. Signature verification is employed to protect the system during boot up, with the hacker prevented from accessing data from the host processor without a signature.

Featuring integrated cryptographic hardware accelerator capabilities, the ATECC608A from Microchip provides the data security and authentication required by resource-limited embedded designs (such as those that will be used to construct widely distributed networks of IoT nodes). It is able to perform asymmetric cryptography operations (based on ECC and ECDSA algorithms) as much as 1000x faster than software running on standard microprocessors or microcontrollers. This highly sophisticated security IC takes care of identity authentication and session key creation, with support for numerous key generation protocols (such as TLS 1.2 and TLS 1.3). Its symmetric AES-ECB Block Cipher mode offers support for small message encryption - thus dramatically reducing the communication overheads associated with encryption/decryption of small messages or personally identifiable information.

In order to protect their embedded systems, developers need to give consideration to security at the initial stages of the design, rather than leaving it to the end, when it will be more difficult to address. Coupling software, hardware and architectural security, as well as diagnostic/verification considerations, together enables a more secure layer of protection than having these solutions work independently of one another. Taking a holistic approach - where security is considered from respective software, hardware and architecture standpoints - will offer far greater protection than having isolated solutions installed for each. Also, rather than putting the responsibility for security onto the already under strain system microcontroller, the inclusion of an addition IC into the design that is devoted specifically to dealing with security concerns is likely to prove far more efficient.

Another attractive attribute of this device in an IoT context is its key generation for software download.

ETNdigi - 1/2019

Microchip’s ATECC608A Cryptographic

Page 33

First Industry 4.0 Plug & Play solution

One of the greatest challenges posed by the IoT world lies in the ability to extract, analyze, filter and aggregate data, in a "plug & play" mode, to transform them into high added value information by facilitating the integration of corporate decision-making processes, with the aim to achieve more efficient and punctual management of production and business. Carlo Talamo Advantech Nordics

Protocol conversion is a critical first step in solving multi-vendor and legacy equipment challenges. A protocol converter is a device employed to achieve interoperability by converting one standard or proprietary protocol used by a device to another protocol suitable for another device. Advantech’s Equipment Protocol Conversion solution (EIS-D210A) is pre-integrated with Alleantia software to enable multi-vendor equipment interoperability whilst improving process visibility and push control to the edge. Alleantia makes it easy to implement comprehensive supervision and control systems for plants, devices, machines, and sensors. It is also expandable without programming, with its native web architecture and extensive integration capabilities with external applications. Alleantia, thanks to the proprietary I4.0 "Plug & Play" technology and the Library of Things, with more than 5,000 drivers ready to use, simplifies and speeds up the interconnection projects of industrial devices. The "connected by Alleantia" technology today stands as the simplest, most intuitive and powerful plug & play solution for realizing the so-called Industry 4.0, being able to fully satisfy the growing demand for increasingly rapid and effective deployment of industrial IoT projects. The Alleantia offer consists of a multiplatform software, available for Windows and Linux, capable of simply connecting “Plug & Play”, easily and in a few minutes and without programming, any industrial device (machine tools, robots, PLC or simple sensors) to computer world, or the so-called IoT Apps. The exclusivity of the Industrial IoT Alleantia solution is based on its Xpango technology which, with a Library of Things with more than 5,000 drivers and

Page 34

its Digital Twin IIoT Apps with ready-touse interfaces, allows you to quickly connect machines and devices industrial (CNC, PLC, robots, inverters, sensors, energy meters, etc.) and to collect telemetry data, operating parameters and alarms, to transfer them to IT applications (on-premise and in-cloud), operating in bidi-directional mode. With Alleantia, Advantech has created a Solution Ready Package (SRP) based on several industrial grade gateways like the UTX-3117 and the ARK-1124 fanless embedded PC with the IoT WISE-PaaS / EdgeSense and with Alleantia's ISC software, the SRP enables protocol interoperability between machines and multi-vendor devices, making immediate implementation of remote supervision systems and operation management for plants, devices, machines and sensors. Advantech, since 36 years the reference brand in the industrial PC and embedded computing, has chosen to enable the creation of a partner ecosystem and a complete industrial IoT value chain: in line with this strategy, Advantech has launched the WISE-PaaS platform in 2014 and developed the connection with all IoT layers, integrating sensors, edge computing, communications, PaaS platforms, Solution Ready Platform (SRP) and enabling the integration of cloud services. In Advantech's vision, the key to success is the co-creation, collaboration and integration between the supplier of the technological platform and experts in the reference markets, for the creation of SRP, integrated hardware and software solutions that enable a powerful combination of OT and IT for the collection, management and optimized data analysis. Thanks to the solutions developed by Advantech and Alleantia, application developers, system integrators, machine

and plant builders and industrial components will be able to easily implement new projects for digital transformation involving products, processes and new services in a 4.0 key, quickly and at low cost. The integration of Alleantia's technology and Advantech's embedded platforms represents a high-performance and easy implementable solution for the digital transformation of even the most complex industrial processes. For example, in production plants, the most frequent cases of data acquisition concern: machine tools, processing plants, integrated production lines. Among the main advantages: solution adaptable to the different applications to be integrated (management, MES, supervision); portfolio of pre-integrated applications for customers without adequate management applications; expandable solution: more data, more value for the customer; quick training curve for full mastery of the solution; also solutions suitable for SMBs. Alleantia is a Software Company, established in 2011, internationally known for its cutting-edge proposals applied to the Industrial Internet of Things, in particular to Industry 4.0. The “Connected by Alleantia” software solutions, installed in the IoT Edge gateways of leading manufacturers, integrate every type of machine, production plant, instrumental transport equipment and industrial automation device with the web, business systems and new IoT applications with "Ready to use" interfaces. The availability of IoT data, released by Alleantia, enables the creation of new value, new business models and new professional skills, allowing each company to create its own "IIoT plug & play".

ETNdigi - 1/2019

ETNdigi - 1/2019

Page 35

A different kind of


Microchip Technology

Over the past two decades, we’ve seen three waves of innovation in the cloud computing market. The first wave was collocated hosting, giving customers financial efficiencies in renting physical space rather than investing in data center real estate. The second wave, and what most clouds look like today, is the virtualized data center model where developers are still forced to spend much of their time “keeping the lights on” versus building great applications, and the third wave is a full-managed, serverless cloud environment.

About ten years ago, Google got sick of the limitations of physical, virtualized data centers and switched to a container-based, serverless architecture. This means developers don’t need to spin up servers, configure networks or patch operating systems. They can focus on building innovative software, at scale. Products like YouTube, Gmail and Maps serve millions of users each minute. Yet the developers working on these applications

Page 36

update production code multiple times a day without disruption, and their systems are resilient and secure. Today, we’re delivering this vision to the rest of the world on Google Cloud Platform (GCP). With AppEngine, you never see servers or patches, and you can literally spend zero hours on administration per year. With BigQuery, you don’t have to provision and

ETNdigi - 1/2019

maintain an analytics cluster. With DataProc, our managed Hadoop and Spark service, you can be up and running in 90 seconds. We let customers focus on functionality, not managing infrastructure. Our customers are eager to leverage services and technologies that have powered Google’s own internal infrastructure to build and deploy their solutions. When building Google Cloud, we concentrated around three fundamental principles: Security, networking and infrastructure: Our infrastructure doesn’t rely on any single technology to make it secure. Rather, we build security through progressive layers that deliver true defense in depth. Our hardware infrastructure is also custom designed by Google “from chip to chiller” to precisely meet our requirements, including security. We operate one of the largest backbone networks in the world, connecting our data centers with hundreds of thousands of miles of fiber optic cable. According to a third-party estimate, more than 25% of global Internet traffic flows over our network in a given day. We have more than 100 points of presence across 33 countries, and we continue adding and scaling zones and regions to meet customers’ preferences and policy requirements. The scale of our infrastructure allows us to absorb many Denial of Service (DoS) attacks, and we have multiple layers of protection that further reduce the risk of any DoS impact. Finally, our operations teams detect threats and respond to incidents 24 × 7 × 365.

Unlock data and accelerate development: Analytics and machine intelligence at web scale have been core to GCP since the beginning.

Google BigQuery, Google Cloud Datalab and Google Cloud Dataproc—all based on the same distributed data services that are used at Google—are changing how customers analyze and use data. Google is also known as a world leader in Artificial Intelligence (AI), with our ability to provide modern machine learning and pre-trained models for rich application development. We also have APIs for computer vision (video and still image), speech recognition (audio to text), natural language processing (gain context from words), translation and more. These services can be used by developers with little to no experience using machine learning; they just need to know how to use the API. This allows customers to add machine learning technology to solve challenges in their business or provide new features to their customers.

Open, enterprise-friendly: We think cloud customers need a flexible and responsive relationship with their providers. The best way to keep open source at the forefront is to build active communities around the technology. We are committed to building communities around two of the most important innovations in the world: containers and machine learning. Kubernetes and Tensorflow are quickly becoming industry and developer standards, and we continue to invest in technology that allows you to build the way you want. We believe, over time, you’ll value our investments in custom hardware, elastic compute and truly no ops services, but we aren’t going to hold you hostage with locked down/proprietary APIs. In fact, the latest release of Kubernetes is great for running federated clusters across zones, regions, or even across on-premises and cloud providers. Again, you choose the optimal architecture.

Google IoT Core Use Case.

ETNdigi - 1/2019

Page 37

industry has been relying on trusted platform modules for security, while the phone industry has been using SIM cards to protect keys and credentials. However, in today’s IoT devices, private keys often reside in the Flash memory of a microcontroller where they can be accessed very easily. Private keys can also be maliciously manipulated during the manufacturing of end products such as thermostats and HVAC systems, but also in more costly assets such as industrial equipment that is used to control major manufacturing plants. When the most critical source of security —the private key—is maliciously attacked, the identity of the IoT device is corrupted beyond the capabilities of any encryption scheme to protect it.

These three fundamental principles also make GCP an ideal cloud computing environment for the Internet of Things (IoT). Enterprises that rely on industrial devices such as sensors, conveyor belts, farming equipment, medical equipment and pumps—particularly, globally distributed ones—are struggling to monitor and manage these devices for several reasons, including operational cost and complexity, patchwork security, and data fragmentation. With Cloud IoT Core on GCP, customers can easily connect and centrally manage millions of globally dispersed connected devices. When used as part of the broader Google Cloud IoT solution, you can ingest all your IoT data and connect to our state-of-the-art analytics and machine learning services to gain actionable insights. What about security? In too many IoT implementations, Transport Layer Security (TLS) encryption is believed to provide sufficient security. But, just as you would not publish a list of social security numbers in a newspaper, you would not list private keys to all the websites using a network on a public web page. To provide the best possible security, a device’s identity needs to be unique, protected, trusted and verifiable. A connected device’s private key is the most critical element in the authentication process. If a hacker owns your private key, he essentially becomes you. For the past 20 years, the computing

Page 38

As security is one of the core principles of GCP, Microchip has partnered with the Cloud IoT Core to strengthen the authentication security level between the IoT hardware and GCP. In a recent “Hardware Root of Trust with Google Cloud IoT Core and Microchip” webinar (1), representatives from Google Cloud Platform and Microchip discussed how to implement hardwarebased security to meet the challenges of implementing an IoT solution. Our joint offering offers impressive benefits to the IoT developer including: • Speeds up development time to reduce costs and accelerate time to market • Easy-to-use solution reduces barriers and makes cloud technology accessible • Global and proven robustness, elasticity and scalability; you pay for the way you use it, when you use it. Protecting Private Keys in IoT Hardware Working in collaboration with Google Cloud Platform, Microchip has implemented a JSON Web Token (JWT) based authentication system. This solution is based on Cloud IoT Core and Microchip’s recently released ATECC608A CryptoAuthentication™ device, a cost-effective Arm® Cortex®M0+ based SAM D21 microcontroller (MCU) and the popular ATWINC1500 WiFi® module. How does this solution work? The ATWINC1500, with its integrated TLS 1.2 stack, establishes a TLS session. An authenticated MQTT connection must be established for Google Cloud IoT Core to authorize the device to push messages to the cloud. To do this, the device

issues an MQTT CONNECT request with a JWT as a password. The private key that resides safely inside the ATECC608A signs the JWT that is presented by the MCU. The ATECC608A then provides a signature to the MCU, which appends it to the JWT. This is then transmitted as a password to the CONNECT message (username field is ignored). The MQTT message is then carried to Cloud IoT Core, which holds the public key—which Microchip has securely delivered to the Google backend—that mathematically corresponds to the private key used in the ATECC608A. Cloud IoT Core verifies the signed token and authorizes the communication. The Cloud IoT Core Authentication Use Case video(2) provides additional details. The advantage of this solution resides in the simplicity of the implementation. The small code size required for JWT authentication allows you to use small and cost-effective MCUs like the SAM D21 device. The heavy lifting is done by the ATWINC1500, which completely handles the TLS function so that you do not need to have expertise with the TLS stack to implement this solution. In addition to being the vault for the private key, the ATECC608A runs the “ECDHA sign” operation, which makes this implementation even more agnostic regarding the TLS stack provider. Some may argue that this solution could theoretically be transport agnostic too. But the most obvious benefit is that this total system solution enables you to connect your IoT devices to one of the most robust, scalable and widely adopted cloud computing platforms in the world, backed by the global infrastructure, intelligence and expertise of Google Cloud Platform. To learn more about how to protect your connected system from hackers and malicious attacks, visit the Trusted and Secure Authentication with ATECC608A for Google Cloud IoT Core page on Microchip’s website. watch? v=A32RFbkozFc&feature=yout watch?v=8JtcSBV_2U&

ETNdigi - 1/2019

IoT Security Suite Making the Complex Simple

The IoT Security Suite for the SAMA5D2 MPU enables rapid and easy use of its advanced security features, such as ARM® TrustZone® technology and hardware cryptography, without a long learning curve. The suite covers the security requirements for IoT device manufacturers in a single, easy-to-use package. It supports storing, encrypting, decrypting and exchanging keys between devices and applications, and its easy-to-use APIs save you time. Features Trusted Boot – Root of Trust (RoT) verified startup Firmware Protection – Encryption and execution of authenticated firmware Trusted Device ID – Unique device certificate tied to the RoT Secure Storage – Secure storage of keys, certificates and data Secure Communications – Authenticated device pairing and IoT cloud communications Secure Firmware Update – Securely upgrade firmware remotely

SAMA5D2 Xplained Ultra Evaluation Board (ATSAMA5D2-XULT)

Download the IoT Security Suite Evaluation Kit (free) to get started.

The Microchip name and logo and the Microchip logo are registered trademarks of Microchip Technology Incorporated in the U.S.A. and other countries. ARM and Cortex are registered trademarks of ARM Limited (or its subsidiaries)

in the EU and other countries. All other trademarks are the property of their registered owners. © 2018 Microchip Technology Inc. All rights reserved. DS60001511A. MEC2201Eng01/18 ETNdigi - 1/2019

Page 39

IoT to the Cloud?

Just Plug & Play

Premiered at IoT World 2019 in Santa Clara, California, ST’s new plug-and-play module encapsulates MEMS devices for motion, context, and environmental sensing housed in a robust 57 mm x 38 mm x 20 mm plastic case. A completely new approach that enables the use and configuration of the module without needing to enter a single line of code helps everyone from young people to expert designers discover the power of IoT and quickly understand how they can easily collect and send sensor information to the cloud.

The module connects with Bluetooth® Low Energy to a smartphone, allowing users to watch the sensors function as a pedometer, asset tracker, environmental monitor, or as other instruments. Beginners can also explore vibration monitoring, data recording, inclinometer/level-sensing, digital compass, and babymonitoring applications. serves a wide range of sensing, tracking, and monitoring use cases and is delivered ready to use with a 500mAh lithium battery and 8GB microSD card.

Page 40

Managed by an ultra-low-power STM32L4 microcontroller, the on-board sensors include an LSM6DSOX, the first inertial sensor with machine learning, and a LIS3DHH, an ultra-high-resolution three-axis accelerometer. Experts can create systems that are a lot smarter and more efficient, especially since ST also integrated the LIS2DW12, a 16-bit femto accelerometer that consumes only 50 nA, and the latest LPS22HH barometer that can climb up to 200 Hz. The integrated Bluetooth LE module is compatible with ST’s Bluetooth mesh software pack. The HTS221 hygrometer suitable for predictive maintenance

couples with the STTS751 is lowvoltage temperature sensor. The module also integrates a LIS2MDL, the magnetometer used in toy drone controller units, meaning that developers can use the to create consumer or industrial projects. Attracted by its ease of use and relevance to all users across its full range of customers from consumers and beginners to IoT professionals, the has been showcased at Microsoft Build 2019 as a new demonstration platform for Azure IoT Central, which simplifies connecting smart devices to the cloud for data capture and analysis.

ETNdigi - 1/2019

STM32 meets Linux The new STM32 heterogeneous architecture combines Arm® Cortex®-A and Cortex-M cores. This flexible architecture performs fast processing and real-time tasks on a single chip, always achieving the greatest power efficiency. It enables developers to use the same software and development tools as for STM32 MCUs while also creating applications for an open-source Linux environment that will run on the more powerful cores.

The STM32MP1 is completed with a dedicated PowerManagement IC. An ideal companion chip for use in battery-operated applications, the PMIC integrates four DC/DC buck converters, six LDOs, a DC/DC boost converter, and USB VBUS and generalpurpose power switches, creating space and BoM The STM32MP1 microprocessors with power-efficient real-time savings to supply all required power rails for the MPU and control and high feature integration facilitate development of other components on the high-performance embedded solutions for Industrial, board. Consumer, Smart Home, Health and Wellness applications.

Building a gateway mixing highprocessing tasks on Linux and real-time applications with or without a GUI, is now easier than ever. To accelerate development, ST has released OpenSTLinux as a mainlined, opensource Linux distribution that contains all the essential building blocks for running software on the application-processor cores. OpenSTLinux has already been reviewed and accepted by the Linux community: Linux Foundation, Yocto project®, and Linaro.

ETNdigi - 1/2019

The STM32MP1 embeds a 3D Graphics Processor Unit to support Human Machine Interface displays and a wide range of external DDR SDRAM and Flash memories. Moreover, it integrates a large set of peripherals that can be seamlessly allocated either to Cortex-A/Linux or Cortex-M/real-time activities. The STM32MP1 series are available in a range of BGA packages to support the lowest PCB cost structure and use the smallest board space.

The STM32MP1 enjoys rich software and tool support. Users familiar with STM32 ecosystem can benefit from the specially upgraded STM32Cube development tools, enhanced to support peripherals allocation to either Cortex-A or Cortex-M cores, to generate Linux Device trees, and to configure STM32MP1’s DRAM controller. ST further supports customers with a selection of community boards and System-on-Module boards from third parties.

Page 41

ETN is a Finnish technology media for everyone working, studying or just interested in technology. Through website with daily news and technical articles, daily newsletters and columns ETN covers every aspect of high technololy. We cover automation, components, devices, networks, test & measurement, design & programming, embedded, power, manufacturing and distribution. All in Finnish.

For advertising and editorial cooperation, contact us Editor-in-chief Veijo Ojanperä +358-407072530 Sales Manager Anne-Charlotte Sparrvik +46-734171099

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.