Infineon XMC4800 IoT Connectivity Kit
Important notice: The following example demonstrates a security extension for a generic Infineon XMC4800 IoT Connectivity Kit.
- Hardware
- Getting Started with the Infineon XMC4800 IoT Connectivity Kit and OPTIGA™ Trust X
The security extension for the standard Infineon XMC4800 IoT Connectivity Kit comprises 3 parts
- Infineon XMC4800 IoT Connectivity Kit (Order)
- Infineon My IoT Adapter Board (Order)
- Infineon OPTIGA™ Trust X Shield2Go (Order)
- Embedded Linux machine with exposed GPIOs; e.g Raspberry Pi. It is required to register your OPTIGA™ Trust X security chip on your AWS IoT instance
All three components together depicted below
Before you begin, see Prerequisites to this guide
If you want to open a serial connection with the board to view logging and debugging information, you need a 3.3V USB/Serial converter, in addition to the XMC4800 IoT Connectivity Kit. The CP2104 is a common USB/Serial converter that is widely available in boards such as Adafruit's CP2104 Friend.
Amazon FreeRTOS uses Infineon's DAVE development environment to program the XMC4800. Before you begin, you need to download and install DAVE and some J-Link drivers to communicate with the on-board debugger.
- Go to Infineon's DAVE software download page.
- Choose the DAVE package for your operating system and submit your registration information. After registering with Infineon, you should receive a confirmation email with a link to download a .zip file.
- Download the DAVE package .zip file (DAVE_version_os_date.zip), and unzip it to the location where you want to install DAVE (for example, C:\DAVE4).
Note: Some Windows users have reported problems using Windows Explorer to unzip the file. We recommend that you use a third-party program such as 7-Zip. - To launch DAVE, run the executable file found in the unzipped DAVE_version_os_date.zip folder.
For more information, see the DAVE Quick Start Guide.
To communicate with the XMC4800 Relax EtherCAT board's on-board debugging probe, you need the drivers included in the J-Link Software and Documentation pack. You can download the J-Link Software and Documentation pack from Segger's J-Link software download page.
Setting up a serial connection is optional, but recommended. A serial connection allows your board to send logging and debugging information in a form that you can view on your development machine.
The XMC4800 demo application uses a UART serial connection on pins P0.0 and P0.1, which are labeled on the XMC4800 Relax EtherCAT board's silkscreen. To set up a serial connection:
- Connect the pin labeled “RX<P0.0” to your USB/Serial converter's “TX” pin.
- Connect the pin labeled “TX>P0.1” to your USB/Serial converter's “RX” pin.
- Connect your serial converter's Ground pin to one of the pins labeled “GND” on your board. The devices must share a common ground.
Power is supplied from the USB debugging port, so do not connect your serial adapter's positive voltage pin to the board.
Note: Some serial cables use a 5V signaling level. The XMC4800 board and the Wi-Fi Click module require a 3.3V. Do not use the board's IOREF jumper to change the board's signals to 5V.
With the cable connected, you can open a serial connection on a terminal emulator such as GNU Screen. The baud rate is set to 115200 by default with 8 data bits, no parity, and 1 stop bit.
After you set up your environment, you can download Amazon FreeRTOS. Download latest stable release which includes support for OPTIGA™ Trust X security chip from Infineon's github repository: https://github.com/Infineon/amazon-freertos-optiga-trust-x You can download the code by cloning the repository with the Git GUI
foo@bar:~$ git clone https://github.com/Infineon/amazon-freertos-optiga-trust-xNote: The maximum length of a file path on Microsoft Windows is 260 characters. The longest path in the Amazon FreeRTOS is 122 characters. To accommodate the files in the Amazon FreeRTOS projects, make sure the path to the AmazonFreeRTOS directory is fewer than 98 characters long. For example, C:\Users\Username\Dev\AmazonFreeRTOS works, but C:\Users\Username\Documents\Development\Projects\AmazonFreeRTOS causes build failures.
To run the demo, you must configure your project to work with AWS IoT and a Wi-Fi network.
- Browse to the AWS IoT console.
- In the navigation pane, choose Settings.
- Copy your AWS IoT endpoint from the Endpoint text box. It should look like <1234567890123>-ats.iot.<us-east-1>.amazonaws.com.
- Open aws_demos\application_code\common_demos\include\aws_clientcredential.h in your IDE (refer to the Import the Amazon FreeRTOS Sample Code into DAVE section).
- Set clientcredentialMQTT_BROKER_ENDPOINT to your AWS IoT endpoint.
- Open the same aws_clientcredential.h file.
- Specify values for the following #define constants:
clientcredentialMQTT_BROKER_ENDPOINT
Your AWS IoT endpoint
clientcredentialIOT_THING_NAME
The AWS IoT thing for your board
clientcredentialWIFI_SSID
The SSID for your Wi-Fi network
clientcredentialWIFI_PASSWORD
The password for your Wi-Fi network
clientcredentialWIFI_SECURITY
The security type of your Wi-Fi network.
Valid security types are:- eWiFiSecurityOpen (Open, no security)
- eWiFiSecurityWEP (WEP security)
- eWiFiSecurityWPA (WPA security)
- eWiFiSecurityWPA2 (WPA2 security)
In the original AWS FreeRTOS documentation a user needs to generate it's own private-public key pair per device, whereas the current example uses private-public keypair pre-provisioned in the security controller, as well as a corresponding X.509 certificate. The code from this example read the certificate out of the chip and uses this credential to initialize mbedTLS. mbedTLS requires for a successful initialization to populate corresponding to the certificate private key, however OPTIGA™ Trust X doesn't allow to extract a private key--all private key related functions are performed on chip--thus this example uses a dummy EC key to let mbedTLS start without errors.
- Start DAVE.
- In DAVE, choose File, Import. In the Import window, expand the Infineon folder, choose DAVE Project, and then choose Next.
- In the Import DAVE Projects window, choose Select Root Directory, choose Browse, and then choose the XMC4800 demo project.
In the directory where you cloned your Amazon FreeRTOS, the demo project is located in demos/infineon/xmc4800_iotkit_trustx/dave.
- Choose Finish.
The aws_demos project should be imported into your workspace and activated. - From the Project menu, choose Build Active Project.
Make sure that the project builds without errors.
After you have configured your project, you are ready to run the demo project on your board.
- Use a USB cable to connect your XMC4800 IoT Connectivity Kit to your computer. The board has two microUSB connectors. Use the one labeled “X101”, where Debug appears next to it on the board's silkscreen.
- From the Project menu, choose Rebuild Active Project to rebuild aws_demos and ensure that your configuration changes are picked up.
- Sign in to the AWS IoT console.
- In the navigation pane, choose Test to open the MQTT client.
- In Subscription topic, enter freertos/demos/echo, and then choose Subscribe to topic.
- From Project Explorer, right-click aws_demos, choose Debug As, and then choose DAVE C/C++ Application.
- Double-click GDB SEGGER J-Link Debugging to create a debug confirmation. Choose Debug.
- When the debugger stops at the breakpoint in main(), from the Run menu, choose Resume.
In the AWS IoT console, the MQTT client from steps 4-5 should display the MQTT messages sent by your device. Top