MAXREFDES143#: DeepCover Embedded Security in IoT Authenticated Sensing & Notification

Dependencies:   MaximInterface mbed

The MAXREFDES143# is an Internet of Things (IoT) embedded security reference design, built to protect an industrial sensing node by means of authentication and notification to a web server. The hardware includes a peripheral module representing a protected sensor node monitoring operating temperature and remaining life of a filter (simulated through ambient light sensing) and an mbed shield representing a controller node responsible for monitoring one or more sensor nodes. The design is hierarchical with each controller node communicating data from connected sensor nodes to a web server that maintains a centralized log and dispatches notifications as necessary. The mbed shield contains a Wi-Fi module, a DS2465 coprocessor with 1-Wire® master function, an LCD, LEDs, and pushbuttons. The protected sensor node contains a DS28E15 authenticator, a DS7505 temperature sensor, and a MAX44009 light sensor. The mbed shield communicates to a web server by the onboard Wi-Fi module and to the protected sensor node with I2C and 1-Wire. The MAXREFDES143# is equipped with a standard shield connector for immediate testing using an mbed board such as the MAX32600MBED#. The simplicity of this design enables rapid integration into any star-topology IoT network requiring the heightened security with low overhead provided by the SHA-256 symmetric-key algorithm.

More information about the MAXREFDES143# is available on the Maxim Integrated website.

Revision:
32:0a09505a656d
Parent:
25:37ea43ff81be
--- a/SensorNode.hpp	Tue Apr 04 14:10:48 2017 -0500
+++ b/SensorNode.hpp	Mon Nov 06 17:34:13 2017 -0600
@@ -28,129 +28,126 @@
 * trademarks, maskwork rights, or any other form of intellectual
 * property whatsoever. Maxim Integrated Products, Inc. retains all
 * ownership rights.
-*******************************************************************************
-*/
+*******************************************************************************/
 
 #ifndef SENSORNODE_HPP
 #define SENSORNODE_HPP
 
 #include <stdint.h>
-#include <cstring>
-
+#include <MaximInterface/Devices/DS28E15_22_25.hpp>
+#include <MaximInterface/Utilities/RomId.hpp>
+#include <MaximInterface/Utilities/ManId.hpp>
 #include "DS7505.hpp"
 #include "MAX44009.hpp"
-#include "Slaves/Authenticators/DS28E15_22_25/DS28E15.h"
 
 class SensorData;
-namespace OneWire
-{
-  class RomId;
-  class DS2465;
-}
+namespace MaximInterface { class DS2465; }
 namespace mbed { class I2C; }
 
 /// Interface to the Authenticated Sensor Node peripheral board.
-class SensorNode
-{
+class SensorNode {
 public:
-  enum State
-  {
+  enum State {
     UnableToCommunicate, ///< I2C or 1-Wire communication failure.
-    NotProvisioned, ///< DS28E15 has not been provisioned.
-    NotAuthentic, ///< DS28E15 is not authentic.
-    Authentic ///< DS218E15 is authentic.
+    NotProvisioned,      ///< DS28E15 has not been provisioned.
+    NotAuthentic,        ///< DS28E15 is not authentic.
+    Authentic            ///< DS218E15 is authentic.
   };
-  
+
   /// @param i2c Configured I2C communication interface.
   /// @param ds7505_i2c_addr I2C bus address of the DS7505 in mbed format.
   /// @param max44009_i2c_addr I2C bus address of the MAX44009 in mbed format.
   /// @param ds2465 Interface to DS2465 on the Controller.
-  SensorNode(mbed::I2C & i2c, uint8_t ds7505_i2c_addr, uint8_t max44009_i2c_addr, OneWire::DS2465 & ds2465);
-  
+  SensorNode(mbed::I2C & i2c, uint8_t ds7505_i2c_addr,
+             uint8_t max44009_i2c_addr, MaximInterface::DS2465 & ds2465);
+
   /// Detect if an authentic Sensor Node is connected.
   /// @param userEntropy Additional entropy to supply to the RNG.
   /// @returns Authentic on success.
   State detect(unsigned int userEntropy);
-  
+
   /// Read the current temperature and filter life measurements with authentication.
   /// @param userEntropy Additional entropy to supply to the RNG.
   /// @param sensorData Measurements output location.
   /// @returns Authentic on success.
-  State authenticatedReadSensorData(unsigned int userEntropy, SensorData & sensorData);
-  
+  State authenticatedReadSensorData(unsigned int userEntropy,
+                                    SensorData & sensorData);
+
   /// Reads the current temperature and filter life measurements.
   /// @param sensorData Measurements output location.
   /// @returns True on success or false if unable to communicate with a sensor.
   bool readSensorData(SensorData & sensorData);
-  
+
   /// Get the ROM ID for this sensor node.
-  const OneWire::RomId romId() const { return ds28e15.romId(); }
-  
+  const MaximInterface::RomId romId() const { return romId_; }
+
   /// Get the initial lux measurement for this sensor node.
-  double initialLux() const { return m_initialLux; }
-  
+  double initialLux() const { return initialLux_; }
+
   // Grant access to hardware interfaces for provisioning.
-  friend bool provisionCoprocessor(OneWire::DS2465 & ds2465);
+  friend bool provisionCoprocessor(MaximInterface::DS2465 & ds2465);
   friend bool provisionSensorNode(SensorNode & sensorNode, bool validSecret);
-  
+
 private:
   /// Authenticated data stored in DS28E15.
-  struct AuthData
-  {
+  struct AuthData {
     static const uint8_t initialFilterLife = 100;
-    OneWire::DS28E15_22_25::Segment segment;
-    uint8_t & filterLife;
-    unsigned int pageNum, segmentNum;
-    
-    AuthData() : filterLife(segment[0]), pageNum(0), segmentNum(0) { reset(); }
-    
-    void reset()
-    {
+    MaximInterface::DS28E15::Segment segment;
+    int pageNum, segmentNum;
+
+    uint8_t & filterLife() { return segment[0]; }
+    const uint8_t & filterLife() const { return segment[0]; }
+
+    AuthData() : pageNum(0), segmentNum(0) { reset(); }
+
+    void reset() {
       segment.fill(0);
-      filterLife = initialFilterLife;
+      filterLife() = initialFilterLife;
     }
   };
-  
+
   /// Padding value used in creation of the Slave Secret.
   static const uint8_t defaultPaddingByte = 0x00;
-  
+
+  static const MaximInterface::ManId manId;
+
   /// Indicates hardware RNG is initialized.
   static bool rngInitialized;
   // Initialize the hardware RNG.
   static void initializeRng();
-  
+
   /// Initial lux measurement taken on initialization.
   /// Assumed to be the maximum intensity that will be observed.
-  double m_initialLux;
-  
+  double initialLux_;
+
   /// Authenticated data stored on the DS28E15.
   AuthData authData;
-  
+
   // Hardware interfaces
-  OneWire::DS2465 & ds2465; ///< Interface to DS2465 on Controller.
-  OneWire::SingledropRomIterator selector;
-  OneWire::DS28E15 ds28e15; ///< DS28E15 for authentication.
-  DS7505 ds7505; ///< DS7505 temperature sensor.
+  MaximInterface::DS2465 & ds2465; ///< Interface to DS2465 on Controller.
+  MaximInterface::DS28E15 ds28e15; ///< DS28E15 for authentication.
+  MaximInterface::RomId romId_;
+  DS7505 ds7505;     ///< DS7505 temperature sensor.
   MAX44009 max44009; ///< MAX44009 optical light sensor.
-  
+
   /// Initialize sensors for measurement.
   /// @returns True on success.
   bool initializeSensors();
-  
+
   /// Select the Slave Secret for this Sensor Node in the Controller.
   /// @returns True on success.
   bool setSecret();
-  
+
   /// Check if the Sensor Board is provisioned.
   /// @param provisioned True if the sensor board is provisioned.
   /// @returns True if provisioning check was successful.
   bool checkProvisioned(bool & provisioned);
-  
+
   /// Check if the Sensor Board is authentic.
   /// @param userEntropy Additional entropy to supply to the RNG.
   /// @returns True if the Sensor Board passed the authentication check.
   bool checkAuthentic(unsigned int userEntropy);
-  
+
   /// Checks if the authenticated data stored in the DS28E15 needs to be updated.
   /// Updates the authenticated data if necessary.
   /// @param sensorData Current sensor data to check.
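Review bot: The new `romId_` member, which `romId()` now returns instead of asking `ds28e15.romId()`, has no comment saying when the cached value is written or refreshed. This header does not show where it is assigned, so if it is filled only once, a node swapped on the 1-Wire bus might keep being logged under the previous ROM ID; stating the contract next to the member, for example `MaximInterface::RomId romId_; ///< ROM ID of the node found by the most recent detect().` (if that is what SensorNode.cpp does), would let a reader check it. `static const MaximInterface::ManId manId;` is likewise undocumented while every neighbouring member carries a `///` comment, and the realigned enum comment on `Authentic` still reads `DS218E15` where `DS28E15` is meant. The `SensorNode` class body continues past the end of this hunk.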