TSensor

I have made one prototype of the TSensor board using the PCBA service from Macrofab. The prototype cost was about 120$, however the unit price for a small batch of 50 boards is about 40$. Prototype is fully functional and was tested with a Pmod TMP3 sensor and a Dragino LPS8 gateway.

The only problem with this prototype is the lack of user button as the BOOT0 pin can only be used to boot the Murata's module in "flash loader" mode.

Design files are available on this website (see "Files" section) under CC-BY-4.0 license. Feels free to use it and modify it for your own usage.

In the previous post we have seen that TTN services can be use to collect messages from our sensor node. These messages are composed of :

• a TLV field encoding the authenticated responses from our node's I2C sensor,
• the 18-byte unique ID of the SE050 chip,
• a 16-byte random (which is actually set to 0 in this example),
• a 12-byte timestamp computed by the SE050,
• the signature of all the previous data using ECDSA-SHA512 (on NIST P256).

To validate the authenticity of the received data, someone would have to compute the SHA512 hash of the TLV field, chip ID, random and timestamp and use the known sensor public key together with the computed hash and the received signature to check its validity. More information on how this is done can be found on Wikipedia.

So to check the authenticity of our sensor messages, we have to :

1. retrieve messages from TTN,
2. verify the authenticity using a library such as OpenSSL.

First, you will have to obtain the certificate corresponding to the SE050 private key use for the attestation generation. To retrieve this certificate from the SE050 chip, use the firmware provided by mbed-tsensor-vcom repository. You will have to retrieve the certificate stored at the address 0xF0000013 thanks to the instructions provided by the README file of this repo.

Second, we will use a Python script to perform these two steps. First, you will have to install TTN and pyOpenSSL library using pip:

pip install ttn
pip install pyopenssl

Then, using only a few lines of Python 3, we can retrieve the data and authenticate them (this script is available in mbed-tsensor-lorawan repo):

import time
import ttn
import OpenSSL
import base64

app_id = "YOUR_APP_ID"
access_key = "YOUR_ACCES_KEY"

with open("certificate.pem", 'r') as f:
  pubkey = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, f.read())

def uplink_callback(msg, client):
  print("Received uplink from ", msg.dev_id)
  packet = base64.b64decode(msg.payload_raw)
  temp = packet[10] + packet[11]/256
  data = packet[:12+16+18+12]
  signature = packet[12+16+18+12:]
  print("temperature: " + str(temp))

  try:
    OpenSSL.crypto.verify(pubkey, signature, data, 'sha512')
  except Exception:
    print("invalid signature")
  else:
    print("valid signature")
  print()

handler = ttn.HandlerClient(app_id, access_key)

# using mqtt client
mqtt_client = handler.data()
mqtt_client.set_uplink_callback(uplink_callback)
mqtt_client.connect()
time.sleep(60)
mqtt_client.close()

# using application manager client
app_client =  handler.application()
my_app = app_client.get()
print(my_app)
my_devices = app_client.devices()
print(my_devices)

 If you turn on your board (wait a few seconds for the JOIN request to be processed by TTN) and then launch this script, you will see the measured temperature and an output showing if the sensor message can be or cannot be authenticated.

In the next post, I will present you the design of the TSensor board, its schematic and its PCB layout.

Mbed OS comes with a Lorawan stack that can be used to easily implement a Lora end-node. An example demonstrating how to use the Lorawan API is also provided by ARM. In this post, we reuse the Mbed Lorawan example to build a Lorawan trusted temperature sensor.

First, a dummy (fake) sensor class is implemented in the Mbed example. In our application, this fake sensor is replaced by a real one : a Pmod TMP3 I2C sensor has to be connected to the SE050 I2C master to use this application. This sensor can be replaced by another but you will have to modify or replace the implemented `getTemp()` function.

Second, the Mbed example is designed to send regularly data through the Lora interface. In this example, we keep all the Lora mechanic except the content of the `send()` function. This function is modified to send the whole attestation object generated by the SE050 when it signs the response of the Pmod TMP3 sensor to host requests (in our case temperature measurements are returned).

RSA or ECC can be used to generate the attestation object, ECC attestation objects are a way smaller than RSA attestation objects so this application uses ECC cryptography. However, ECC attestation objects are still really large (about 150 bytes) so this kind of application will consume slightly more energy that some really low power applications sending only few bytes. Unfortunately, this is the price of the security. Some kind of attestation can also be achieved using symmetric cryptography (smaller keys and therefore less data) but, in this case, both the sensor and a server will have to store one or more secret keys which can be a problem. With asymmetric cryptography, only a public certificate has to be stored.

You can download the trusted lorawan sensor application from github repo mbed-tsensor-lorawan. You will also need a lorawan gateway (or use a public one) and a lorawan network provider (like The Things Network). More information on how to build the application is given in the repo `README.md` file.

In the next post, i am going to show you how to authenticate data sent by the Lorawan node using Python and pyOpenSSL.

The first step of the TSensor development was to choose an OS natively supporting most of the required features. Nowadays, there is a large number of embedded OS which could be used to build the TSensor node. If we only consider Open Source (and free) OS, my short list was :

• FreeRTOS supported by Amazon
• MBED supported by ARM
• Zephyr supported by Intel

At the end, MBED was chosen as the B-L072Z-LRWAN1 board is natively supported by this OS (including the Lorawan stack). Unfortunately, this is not the case for the SE050 secure element (others OS do not natively support this component neither). At this point, there is two strategies: either port the NXP Plug & Trust middleware to MBED OS or develop a driver from scratch.

There is two problems with the former strategy: First, a large part of the NXP's middleware source code is licensed under a restrictive license which does not allow to share it. In addition, its source code analysis shows that this piece of software is really memory hungry. Several buffers as large as 1024 bytes are used to store temporary data during command building. In the same time, one of the main concern when dealing with MBED OS is its memory footprint. Indeed, MBED OS and the Lorawan stack consume almost all the available volatile memory of the STM32L072 MCU. In consequence, it is hardly possible to use both MBED OS with its Lorawan stack and the NXP's Plug & Trust middleware at the same time on such a cheap chip like the STM32L072. Therefore the only viable strategy is to develop an SE050 driver from scratch keeping in mind that its volatile memory footprint should be as small as possible.

TSensor development platform is designed to meet the use case where measures from an environmental sensor have be authenticated. Thus, only the management of the SE050 attestation mechanism used to authenticate the data exchanged on a I2C bus connecting a sensor with a host MCU has to be implemented. In addition, because measurements are not confidential (at least in the vicinity of the sensor) and because attestation mechanism is based on asymmetric cryptography, exchanges between the host MCU and the SE050 do not need to be encrypted to be secure. Consequently, the minimal SE050 driver required to build a trusted node is not so complex.

SE050 driver is composed of two layers:

• Low level T1 over I2C layer implemented using NXP's open source (Apache 2.0) code
  • This layer implements low level mechanics allowing to wrap ISO7816 APDUs into I2C frames.
• High level SE050 API implemented using open source (Apache 2.0) code.
  • This layer implements a comprehensive API allowing to easily use the features provided by the SE050 chip.

On the following github repo (mbed-se050-drv), you will find an MBED library implementing the previously described minimal driver, it allows to use the SE050 I2C attestation feature. You can use repo mbed-se050-example to test this library.

In the next post, you will learn how to use the mbed-se050-drv library to build a trusted lorawan end-node.