Archive for March, 2018

Booting Windows IoT Core on i.MX6SabreLite

Made some good progress on secure booting on the SabreLite platform.

While the SabreLite platform from Boundary Devices is getting rather long in the tooth, it is one of the (presently) unsupported platforms for Windows IoT Core. I have put in a great deal of time and I now have, at least, a secure u-boot implementation working. I plan on doing a pull request to the private Microsoft repo soon. Just a few more pieces to check out. I anticipate the next steps to be not as difficult, as there are some good templates to follow. Stay tuned…

NXP i.MX6/7 secure boot

So it’s been fun digging into the Windows IoT Core implementation on the i.MX platform. One of the most unique features of the Microsoft implementation is the secure boot feature. I have seen and heard lots of hype on IoT implementations on all kinds of platforms. Everything from high-end x86/x64 down to the tiny Arduino claims to be “IoT” ready and everyone seems to be jumping on the bandwagon. But one thing I have noticed on many platforms is the lack of a good security infrastructure. This starts from boot up and continues through image loading and onward.

The Windows boot process starts with a good solid secure boot infrastructure. Secure boot helps a computer resist attacks and infection from malware. Secure boot relies on the same public/private key (PKI) infrastructure we have become used to for such things as secure web transactions and the like. The private key is stored locally in a private key store and is used with the encryption algorithm to secure the boot code. Some of the newer silicon actually has features which help in this process. Some chips have dedicated IP (intellectual property) that will do the encryption based on standard algorithms, like AES. Others may have an on-chip TPM (Trusted Platform Module). For the i.MX platform we use the HAB (High Assurance Boot, or sometimes called High Availability Boot) feature. The HAB library is a sub-component of the boot ROM on i.MX processors. It is responsible for verifying the digital signatures included as part of the product software and ensures that, when the processor is configured as a secure device, no unauthenticated code is allowed to run.
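As an added illustration (not code from the original post, Microsoft or NXP): the signatures HAB verifies are reached through the boot image's Image Vector Table (IVT), whose CSF field points at the Command Sequence File holding them. The C below classifies a constructed IVT; the field layout follows the public i.MX6 reference manual and U-Boot's `struct ivt`, while `ivt_check`, the enum names and the sample addresses are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* IVT layout per the i.MX6 reference manual: tag 0xD1, big-endian length
 * 0x0020, version 0x40/0x41, then seven little-endian 32-bit words:
 * entry, reserved1, dcd, boot_data, self, csf, reserved2. */
enum ivt_result { IVT_INVALID = -1, IVT_UNSIGNED = 0, IVT_HAS_CSF = 1 };

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical helper: classify the IVT at the start of buf. */
enum ivt_result ivt_check(const uint8_t *buf, size_t len) {
    if (buf == NULL || len < 32) return IVT_INVALID;
    if (buf[0] != 0xD1 || ((buf[1] << 8) | buf[2]) != 0x0020) return IVT_INVALID;
    if (buf[3] != 0x40 && buf[3] != 0x41) return IVT_INVALID;
    uint32_t self = le32(buf + 20), csf = le32(buf + 24);
    if (csf == 0) return IVT_UNSIGNED;      /* nothing for HAB to authenticate */
    /* Assumption: the CSF is appended after the image, so it sits above the IVT. */
    return csf > self ? IVT_HAS_CSF : IVT_INVALID;
}

/* Constructed sample IVT (addresses are made up, not from a real image). */
const uint8_t SAMPLE_IVT[32] = {
    0xD1, 0x00, 0x20, 0x40,  0x00, 0x00, 0x80, 0x17,  /* header, entry   */
    0x00, 0x00, 0x00, 0x00,  0x2C, 0xF4, 0x7F, 0x17,  /* reserved1, dcd  */
    0x20, 0xF4, 0x7F, 0x17,  0x00, 0xF4, 0x7F, 0x17,  /* boot_data, self */
    0x00, 0x00, 0x86, 0x17,  0x00, 0x00, 0x00, 0x00,  /* csf, reserved2  */
};

int main(void) {
    uint8_t unsigned_ivt[32];
    memcpy(unsigned_ivt, SAMPLE_IVT, sizeof unsigned_ivt);
    memset(unsigned_ivt + 24, 0, 4);        /* clear the CSF pointer */
    printf("signed sample:   %d\n", ivt_check(SAMPLE_IVT, sizeof SAMPLE_IVT));
    printf("unsigned sample: %d\n", ivt_check(unsigned_ivt, sizeof unsigned_ivt));
    return 0;
}
```

A non-zero CSF pointer only shows that the image carries signature data; whether the boot ROM refuses unauthenticated code still depends on the processor being configured as a secure device, as described above.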

From the developer’s point of view, implementing secure boot can be quite painful. There are several additional steps that must be followed in a very specific order or you stand the chance of totally bricking your device. I have been working on an internal Microsoft project that uses the HAB feature of the i.MX and I have found the work most interesting. While for the time being this work is covered under an NDA, you will be hearing more in the near future. Stay tuned!

.NET core vs. IoT core

The terms .NET Core and IoT Core sometimes get confused. When speaking Microsoft embedded I hear these terms confused quite often. So here is the bottom line:

IoT Core is Microsoft’s strategy for crafting a stripped-down version of the Windows 10 operating system suitable for running on small, resource-constrained devices. These devices are usually embedded devices which may or may not have a display and are targeted for the “Internet of Things” space. The operating system is a “lite” version of the desktop OS running typically on ARM or x86 based devices. IoT Core maintains much of the desktop’s “look and feel” and the programming APIs, so it should be familiar to Windows developers. IoT devices typically interface to IO sensors, acquire data for some local process and may be network connected.

.NET Core is a free, cross-platform, open source developer platform (i.e. framework) for building many different types of applications. .NET Core can run on the Linux or Apple’s macOS operating system. .NET Core supports several languages like C#, F# and Visual Basic. .NET Core does not support all the full .NET (desktop) Framework app-models, in part because many of them are built on Windows technology. .NET Core implements a subset of the subsystems in the .NET Framework, with the goal of a simpler implementation and programming model.

So remember: IoT Core is an operating system, while .NET Core is a programming framework.


Windows IoT Core on NXP Sabre Lite board

I was pretty stoked with this announcement about NXP’s support for Windows IoT Core.

I was pretty far along the Windows IoT Core learning curve, having rebuilt and modified the Raspberry Pi BSP and image. I was looking for a new platform to port IoT Core to, which led me to my previous post. The porting to the Beaglebone was a dead end because of the way the interrupts were implemented on the SoC. Now, with the NXP support, I have renewed enthusiasm. I am happily contributing to the private repo to broaden the boards supported. In particular I have a “close to working” image running on the Sabre Lite board developed by Boundary Devices. The standard reference SABRE board is already supported so I have a good starting point.

more to come …

.NET Core on Beaglebone and Gumstix platforms

With the release of .NET Core 2.0 it’s now practical to develop apps with Visual Studio 2017 and run them on the BeagleBone and Gumstix platforms. You may recall I developed the Windows Embedded Compact BSP for these platforms. .NET Core is another twist in that it will run on top of a Debian Linux distro. Linux distros are much more popular on these platforms and they also come preinstalled from the factory this way. I have a few simple apps running and hope to be publishing more shortly. Stay tuned…