|Product Performed to Expectations:||10|
|Specifications were sufficient to design with:||9|
|Demo Software was of good quality:||8|
|Product was easy to use:||7|
|Support materials were available:||9|
|The price to performance ratio was good:||8|
|TotalScore:||51 / 60|
First of all, thank Randall Scasny(rscasny) for organizing this PSoC® 6 WiFi-BT Pioneer Kit (CY8CKIT-062-WIFI-BT) road test and Cypress for offering the road test kit. I am very grateful for being selected for the road test.
With a growing number of devices connecting to the internet, IoT security becomes a great concern. Among many of security topics, secure boot is the first and most important thing for IoT devices. It builds the root of trust which is the fundamental of a secured system. In this review, I will demonstrate how to build a secure boot image on this PSoC® 6 WiFi-BT Pioneer Kit (CY8CKIT-062-WIFI-BT).
To follow the steps in this review, you need the following software:
2. This project uses OpenSSL to sign the software image. I used Win32 OpenSSL which can be downloaded from https://slproweb.com/products/Win32OpenSSL.html. I first tried version 1.1.1 and it didn't work, so I recommend use version 1.1.0.
3. We also need a serial terminal software such as Tera Term (download from here).
4. Python 3.7.1 may be required if you want to generate your own asymmetric keys using the Python script coming with the template project. I first tried Python 3.5.4 and it didn't work.
2. Install Software
The installation of the prerequisite software should be quite straight forward so I am not going to describe it in details. However, a couple of things need to pay attention:
1. After installing PSoC Creator 4.2, some components may be out-of-date, so you may need to run Cypress Update Manager multiple times to get all components updated as shown below.
2. When install OpenSSL, make sure the full installation path doesn't contain any space. For example, my OpenSSL installation path is E:\OpenSSL-Win64\bin. After the installation, add your OpenSSL installation path to your system environment variable PATH as shown below.
2. If you install Python 3.7.1, make sure add the interpreter's executable folder to the folder list of system environment variable PATH. You can verify use the command shown below.
3. Create the Secure Boot Project
We will not start the secure boot project from scratch. Instead, we will copy a template project from the installed PDL (Peripheral Driver Library), then we will modify the copied project so it can work for PSoC® 6 WiFi-BT Pioneer Kit (CY8CKIT-062-WIFI-BT).
Copy secure_image folder from your PSoC Creator installation path (e.g., C:\Program Files (x86)\Cypress\PDL\3.0.4\security) to your working workspace folder (e.g., C:\ws\PSoC6), then open the workspace file C:\ws\PSoC6\secure_image\example\Secure_Image_Example_workspace.cywrk in PSoC Creator 4.2 IDE. You should see two projects in the Workspace Explorer windows as shown below. As you can see, these two projects are targeted at device CY8C6347BZI-BLD53 which is not the device used on PSoC® 6 WiFi-BT Pioneer Kit (CY8CKIT-062-WIFI-BT). We will modify and update files in the projects later.
4. Create Asymmetric Keys (Optional)
The template project supplies a pair of private and public keys which are located under the project's source folder src\scripts\keys (In my case, the full path is C:\ws\PSoC6\secure_image\src\scripts\keys). You can use these keys as is for this example project, but if you want to use your own keys, there are one batch script file and one Python script file can do the job for you. They are located under folder src\scripts (In my case, the full path is C:\ws\PSoC6\secure_image\src\scripts\). Copy the two scripts rsa_keygen.bat and rsa_to_c.py to a work directory where the key pairs and a section of C code will be generated (For example, I copied to C:\tmp folder). The path of this work directory must not include spaces. Open a command window, change to your work directory(e.g., C:\tmp) and type rsa_keygen.bat.
The batch file will call the Python script file too. After the batch file is executed, a new folder called keys_generated will be created and it contains three new files as shown below.
To update the supplied keys with newly generated keys,
1. copy the content of rsa_private_generated.txt and overwrite the content of src\scripts\keys\rsa_private.txt;
2. copy the content of rsa_public_generated.txt and overwrite the content of src\scripts\keys\rsa_public.txt;
In addition, you need install public key in cy_si_keystorage.c source file. Copy the data of each section in rsa_c_generated.txt to the corresponding section in src\cy_si_keystorage.c. For example, as shown below, to update moduloData section, just copy the highlighted data at left side to the data highlighted at the right side. Repeat the same operation for other sections such as expData, barrettData, inverseModuloData and rBarData.
5. Change Target Device to CY8C6247BZI-D54
As mentioned before, the template project is target to device CY8C6347BZI-BLD53. To change the device, right click on the project "secure_image" then select Device Selector... menu. On the device list, scroll up and select CY8C6247BZI-D54 as shown below. Repeat this operation for the other project "user_app0".
The workspace should look like the following after the correct device has been selected.
6. Update PDL Version
Even though we copied template from PDL v3.0.4, a couple of post build script files still refer to PDL v3.0.1. We need to change PDL version from 3.0.1 to 3.0.4 in src\scripts\secure_image_postbuild.bat as shown below (the left side is the original and the right side is the updated one).
Similarly, we need to change PDL version from 3.0.1 to 3.0.4 in src\scripts\user_app0_postbuild.bat as shown below (the left side is the original and the right side is the updated one).
7. Add UART to Projects
We'd like to get informed whether the secure boot image and user application code have passed the authentication and security check. The easiest way to do is print out some message on a screen, so we will add UART to the design. Double click on the TopDesign.cysch file under secure_image project in Workspace Explorer window, drag and drop UART(SCB)[v2.0] from Component Catalog window to the schematic window.
Double click the UART icon in the schematic window, the following configuration dialog window will pop up. Change the name to "UART" as shown below then click OK to close the dialog window.
Repeat the above operations on the user_app0 project.
8. Retarget Standard I/O
In order to use printf function to print message through UART port, we need to enable retarget I/O utility for the projects. Right click on secure_image project in Workspace Explorer then click Build Settings... menu. A Build Settings dialog window will pop up.
In the pop up dialog window, click on Peripheral Driver Library on the left side and scroll down on the right side, then click on the checkbox of Retarget I/O item and make sure it is checked.
Repeat the above operations for user_app0 project as well.
9. Generate Code
Right click on secure_image project in Workspace Explorer then click Set As Active Project. The current active project will show in bold font.
10. Update Retarget Source Code
Double click on file stdio_user.h under secure_image project to edit it. Add line 149 and modify line 155 & 156 to the same as shown below. Under project user_app0, there's a file with the same name, repeat the same editing operations on this file as well.
11. Replace Three Files with Attachment
There are three files have been modified to use UART to print out verification information. Unzip the attached files then replace the corresponding files in your project folder. The three files are:
12. Build Projects
Set the current active project to secure_image project, then click on the Build button, the IDE will build the secure_image project. Next, set user_app0 as the active project, the build it too. The final image file to program is located at example\user_app0.cydsn\CortexM4\ARM_GCC_541\Debug\user_app0.hex.
13. Program the Device
We can use either the standalone PSoC Programmer software or click on Programmer buttonin PSoC Creator IDE to program the device. Since we will erase and program the device multiple times, I choose the standalone PSoC Programmer software.
Connect the kit and your PC using the supplied USB cable and start PSoC Programmer software. If you haven't updated the KitProg2's firmware before, the software will prompt you for an update as shown below. Click OK button to close the warning window.
Click on the Utilities tab, if you see the Upgrade Firmware button is greyed out, that means your KitProg2 is not in the right mode. You need push the mode switch button (SW4) on your kit once. Then the Upgrade Firmware button will become available and you can click on it to update the firmware.
After the firmware update is completed, the KitProg2 will become KitProg3 as shown below.
Click on the Open button on the top left corner to load the hex file. Browse and select file example\user_app0.cydsn\CortexM4\ARM_GCC_541\Debug\user_app0.hex mentioned before.
14. Verify the Secure Boot
This project will print secure boot status on UART port and we will use Tera Term software to receive the status message. The KitProg hardware creates a USB/UART port on your PC. In my case, it's port COM5. You can identify your port number by plugging and unplugging the USB cable to see which port appears and disappears. Start Tera Term software and set you port with the settings shown below.
Once the serial connection is made, push the reset button (SW1) on your kit and you should see the following messages. That means your system has been securely booted.
15. Make the Secure Boot Fail
How do we make sure the secure boot has done the right job? One way to check is to make it fail. We will modify the hex file then program the device with the modified file.
Open the file example\user_app0.cydsn\CortexM4\ARM_GCC_541\Debug\user_app0.hex with your favorite text editor (I use Notepad++) and modify one byte between offset 0x10000000 and 0x10020000. For example, I will modify the byte at offset 0x10000600 from 0x0F to 0x0E as shown below. Please note that the last byte of each line in the hex file is a checksum, so we need to modify accordingly (if you decrease a byte content by 1, you need to increase the checksum byte by 1 accordingly). Remember saving the file after the modification.
After we program the modified hex file, we didn't see any message out of the serial port anymore. The reason behind is the ROM code cannot authenticate the image in the flash memory, so the secure boot code will never be executed.
Next, we will let the secure boot image pass the authentication but make the application code fail the authentication check. First, we restore the hex file to its original state. Then we modify one byte between offset 0x10002000 and 0x10080000. For example, I will modify the byte at offset 0x10020600 from 0x84 to 0x85 as shown below. Please note that the last byte of each line in the hex file is a checksum, so we need to modify accordingly (if you increase a byte content by 1, you need to decrease the checksum byte by 1 accordingly). Remember saving the file after the modification.
After we program the modified hex file, we observed the application failed authentication check while the secure boot image still passed authentication check.
PSoC6 is very powerful device. Its built-in security features make it very suitable for IoT applications. However, the strong power and the complexity of the device make the learning curve somehow steep for the first time PSoC users.
PSoC® 6 WiFi-BT Pioneer Kit (CY8CKIT-062-WIFI-BT) has a lot of features which allows users be able to fully explore the power of PSoC6 devices. Cypress provides a wide range of software tools for PSoC development. The drawback is time consuming to learn multiple tools. A highly integrated cross platform IDE is preferred.