How to connect mbed LPC114FN28 to AXEDA for Internet of Things?

This post shows how to connect mbed LPC114FN28 to AXEDA Service for Internet of Things.

mbed LPC1114FN28

• platform partner : switch-science
  

>The mbed LPC1114FN28 operates at CPU frequencies of 48 MHz. The LPC1114FN28 includes up to 32 kB of flash memory, up to 4 kB of data memory, one Fastmode Plus I2C-bus interface, one RS-485/EIA-485 UART, one SPI interface with SSP features, four general purpose counter/timers, a 10-bit ADC, and up to 22 general purpose I/O pins.

http://developer.mbed.org/platforms/LPC1114FN28/
>Note: LPC1114FN28 platform doesn’t support RTOS due to its flash size. Please *do not import mbed-rtos library into your project.

mbed LPC1114FN28 has very limited size memory size and no Internet connectivity.
In addition, LPC114EN28 doesn’t support RTOS and EthernetInterface.

How to connect mbed LPC114FN28 to AXEDA (IoT Cloud Platform)?
An answer is WIZ550io.

WIZ550io is an auto configurable Ethernet controller that includes a W5500 (TCP/IP hardwired chip and PHY embedded), a transformer and RJ45. It supports Serial Peripheral Interface (SPI) bus as host interface. Therefore,
host system can be simply connect to Internet without EthernetInterface or TCP/IP software stack (included in RTOS).
http://developer.mbed.org/components/WIZ550io/

Hardware - mbed LPC1114FN28 + WIZ550io

• WIZ550io: Ethernet Connectivity

  pin name	LPC1114FN28	direction	WIZ550io
  miso	dp1		J1:3
  sck	dp6	—->	J1:5
  scs	dp26	—->	J1:6
  RSTn	dp25	—->	J2:3

• Potentiometer:

  pin name	LPC1114FN28	direction	Potentiometer
  AnalogIn	dp13	<—-	2(OUT)

Software - AxedaGo-mbedNXP + W5500Interface

1. Import AxedaGo-mbedNXP

   • click and import this program : AxedaGo-mbedNXP
     

2. Change a platform as mbed LPC1114FN28

   • This program is made for LPC1768. But, we will use LPC1114FN28. So, LPC1114EN28 is selected the right platform in the compiler.
     

3. Delete EthernetInterface and mbed-rtos on AxedaGo-mbedNXP_WIZ550io

4. Import W5500Interface

   • click and import this program : W5500Interface
     

5. Porting main.cc

   • For using WIZ550io, EthernetInterface Init. should be changed as below,

     #if defined(TARGET_LPC1114)
     SPI spi(dp2, dp1, dp6); // mosi, miso, sclk
     EthernetInterface eth(&spi, dp25, dp26); // spi, cs, reset
     AnalogIn pot1(dp13);
     #else
     EthernetInterface eth;
     AnalogIn pot1(p19);
     AnalogIn pot2(p20);
     #endif
     

   • AnalogIn ports should be also configured by depending on platform.

AXEDA

• Ref.: Axeda Go Kit for mbed NXP LPC1768 Prototyping Board
  • site link :http://developer.axeda.com/Instructions/axeda-go-kit-mbed-NXP-LPC176

• make dashboard on Axeda

  1. Click "AXEDA REDY"
     

  2. Select mbed LPC1768 and enter device name
     

  3. Copy serial number
     

  4. input serial number in code(main.cc)

     char *SERIAL_NUM = "SerialNumber";
     

Enjoy AXEDA with LPC1114FN24 + WIZ550io

Before Enjoy Axeda, click the Compile button at the top of the page and download .bin on your platform.

• Serial Terminal Log.
  You will comfirm DHCP IP address, Protentiometer value and sending message in debugging message.

    Connected to COM42.
  
    initializing Ethernet
     - Ethernet ready
    Ethernet.connecting 
     - connecting returned 0 
    Trying to get IP address..
      -  IP address:192.168.13.53    //<---  DHCP IP address 
    Sending Value for well1 0.00     //<--- Potentiometer value
    Received 36 chars from server:   //sending message
    HTTP/1.1 200 
    Content-Lengtved 36 chars from server:
    HTTP/1.1 200 
    Content-Length: 0
  
    Sending Value for well1 0.14     //<--- Potentiometer value
    Received 36 chars from server:   //sending message
    HTTP/1.1 200 
    Content-Length: 0
  
    Sending Value for well1 0.27    
    Received 36 chars from server:
    HTTP/1.1 200 
    Content-Length: 0
  
    Sending Value for well1 0.29
    Received 36 chars from server:
    HTTP/1.1 200 
    Content-Length: 0
  

• Axeda Developer Toolbox
  Your mbed board is now connected to your Axeda Toolbox account.
  Open up the mbed Widget by proceeding to your dashboard from the staging page.

In Data Items, it is able to displays to Potentiometer values from LPC1114FN24 + WIZ550io with graphic line.

Comparison of mbed LPC1768 and mbed LPC1114FN28 for Axeda

	mbed LPC1768 (lwIP)	mbed LPC1114FN28 (WIZ550io)
Codes
Memory usage

In casd of mbed LPC1768, the code size for Axeda is more than double the size of the Flash memory of the LPC1114 to 66.8kB. On the other hand, memory usage of LPC1114FN28 + WIZ550io is 65% (20.8kB).

Get Codes

http://developer.mbed.org/users/embeddist/code/AxedaGo-mbedNXP_WIZ550io/

generated by haroopad

Firewall SoC with TCP/IP Offload Engine for Internet of Things

There is no doubt that the number of IoTs will increase explosively.

>Gartner, Inc. forecasts that 4.9 billion connected things will be in use in 2015, up 30 percent from 2014, and will reach 25 billion by 2020.

As the IoT device continues to increase, IoT devices will be faced with the network flooding attack, such as DDoS, more frequently. However, because of its capacity of memory and MCU, nearly most IoT devices are very vulnerable to heavy network attacks and traffisc.

Weakness of these IoT device must be a great opportunity to TOE-embedded MCU, W7500. While TOE under Network attack is to reduce the MCU and memory resources of IoT device, because it is possible to protect the System of IoT device.

What is Firewall TCP/IP offload Engine for IoT?

Software TCP/IP stack

First, let’s examine the Software TCP/IP stack.

Software TCP/IP stack implemented on host system requires more capacity of extra memory and extra processing power for network communications. Normally, ARM Cortex-M core copies data from Ethernet MAC buffer to memory, analyze the received packets in memory using the software stack and then executes an appropriate process.

If network flooding attack has occurres, Cortex-M will repeatedly excute process in order to process flooding packets. Therefor, excessive number of TCP requests such as SYN-flooding attacks will overload the IoT device.

Hardware TCP/IP TOE

On the other hand, the hardware TCP/IP TOE, which is implemented as Hardwired logic from Ethernet MAC Layer to TCP/IP Layer, is able to protect IoT system against network attack under excessive number of flooding packet by making discard flooding packets detected.

Comparison of Software TCP/IP stack and Hardware TCP/IP TOE under the Network attack such as DDoS.

This means that Cortex-M does not have to handle the flooding packet even under Network attack. Further, because the TCP / IP stack processing is performed in TOE, it is possible to save the amount of memory for TCP/IP communications.

These TOE features are not to limited to the Network attack, it is also possible to expect the same performance under heavy network traffic.

We compared the network performance of software TCP/IP stack and Hardware TCP/IP TOE under DoS Attack (Syn-flood attack).

Comparison of Software and Hardware TCP/IP System

	Software TCP/IP	Hardware TCP/IP
Platform Pic.
Platform Name	mbed1768	W7500 EVB
Max Clock (MHz)	96	48
Flash (KB)	512	128
RAM (KB)	64	32
Use DMA	O	O
software	RTOS + lwIP	Non-OS + Fireware
Code size (KB)	Flash:64.5 / RAM:35.2	Flash: 9.09 / RAM: 8.99
Compiler	Web-compiler (mbed.org)	keil
Test tools	Iperf.exe, scapy (python)

Network configurations for Network Performancs tests

How to use iperf

>Iperf is a tool to measure maximum TCP bandwidth, allowing the tuning of various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, datagram loss.

https://iperf.fr/

# ex.) host IP(192.168.77.34):port[5000], display format is Mbit/sec, interval 1 sec.
iperf.exe -c 192.168.77.34 -p 5000 -f m -i 1

• -c : —client host, -c will connect to the host specified.
• -p : —port #, the server port for the server to listen.
• -f : —format [], ‘m’ = Mbit/sec
• -i : —interval #, Sets the interval time in seconds between periodic bandwidth through performance

Scripts for DoS Attack (Syn-flood attack)

We used the scapy (python library) as DoS Attack.

Scapy is a powerful interactive packet manipulation program. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery.
http://www.secdev.org/projects/scapy/

from scapy.all import
inter = input('inter(time in seconds to wait between 2packets) :')

def synFlood(src, tgt, inter):
    IPlayer = IP(src, dst=tgt)
    TCPlayer= TCP(sport=3000, dport=3000) # as your env. change source and destination port
    pkt = IPlayer / TCPlayer
    send(pkt, loop=1, inter=inter) #

#send(pkts, inter=0, loop=0, verbose=None)
#    Send packets at layer 3, using the conf.L3socket supersocket. pkts can
#    be a packet, an implicit packet or a list of them.
#    loop: send the packets endlessly if not 0.
#    inter: time in seconds to wait between 2 packets
#    verbose: override the level of verbosity. Make the function totally silent when 0.
#   * Refer to http://www.secdev.org/projects/scapy/files/scapydoc.pdf for more detail.

# as your env. change to real IP address and so on.
src = "192.168.77.253" # PC IP address
tgt = "192.168.77.34"  # target board
synFlood(src, tgt, inter)

Network performance

It is possible to prove that the network performance of Hardware TCP/IP TOE is better and more stable than software TCP/IP stack under SYN flood attack. In particular, when interval is 0.001sec., the network performance of TOE is 9 times better than the software TCP/IP stack even though the platform embedded software TCP/IP stack is better than TOE platform.

It is confirmed that the Hardware TCP/IP TOE is able to maintain the network performance even if SYN-flood attack is increased. Otherwise, it is possible to observe that the network performance of software TCP/IP stack became extremely worse according to the interval of SYN-attack.

generated by haroopad

Firewall for Internet of Things

Intro

• What is a ddos attack ?


• DDoS Attacks Continue to Rise


• Internet of things devices could be used to support DDoS attacks

** What is a firewall for IoT ?**
- We will compare the traditional method and the proposed method under DoS Attack (SYN-flood attack).

IoT Platform: mbed NXP LPC1768

It is based on the NXP LPC1768, with a 32-bit ARM Cortex-M3 core running at 96MHz. It includes 512KB FLASH, 32KB RAM and lots of interfaces including built-in Ethernet, USB Host and Device, CAN, SPI, I2C, ADC, DAC, PWM and other I/O interfaces. The pinout above shows the commonly used interfaces and their locations. Note that all the numbered pins (p5-p30) can also be used as DigitalIn and DigitalOut interfaces.
- Link1: For more detail

Traditional method: LwIP (TCP/IP software stack) + Ethernet MAC (LPC1768) + Ethernet PHY (DP83848J)@mbed application board (Ethernet connector)

* Feature list
* 128x32 Graphics LCD
* 5 way joystick
* 2 x Potentiometers
* 3.5mm Audio jack (Analog Out)
* Speaker, PWM connected
* 3 Axis /1 1.5g Accelerometer
* 3.5mm Audio jack (Analog In)
* 2x Servo motor headers
* RGB LED, PWM connected
* USB-mini-B Connector
* Temperature sensor
* Socket for for Xbee (Zigbee) or RN-XV (Wifi)
* RJ45 Ethernet Connector
* USB-A Connector
* 1.3mm DC Jack input

• Link2: mbed application board in mbed.org

Proposed method: WIZ550io (TOE + Ethernet MAC + Ethernet PHY)

- Link3: WIZ550io components in mbed.org
- Link4: W5500 components in mbed.org

Application for iperf

Recv only code for Software stack

• fixed an echo server on mbed.

[code lang=cpp]
#include "mbed.h"
#include "EthernetInterface.h"

EthernetInterface eth;
int main()
{
printf("Trying rn");
// as your env. change to real IP address and so on.
int ret = eth.init("192.168.77.34", "255.255.255.0", "192.168.77.1");

if (!ret) {
printf("Initialized, MAC: %snr", eth.getMACAddress());
printf("Connected, IP: %s, MASK: %s, GW: %snr",
eth.getIPAddress(), eth.getNetworkMask(), eth.getGateway());
} else {
printf("Error eth.init() - ret = %dnr", ret);
return -1;
}

eth.connect();
printf("IP Address is %sn", eth.getIPAddress());

TCPSocketServer server;
server.bind(5000);
server.listen();

while (true) {
printf("nWait for new connection...n");
TCPSocketConnection client;
server.accept(client);
client.set_blocking(false, 1500); // Timeout after (1.5)s

printf("Connection from: %sn", client.get_address());

char buffer[2048];
while (true) {
int n = client.receive(buffer, sizeof(buffer));

if (n < 0) break; // !_is_connected

}
client.close();
}
}
[/code]

Recv only code for TOE

[code lang=cpp]
#include <stdio.h>
#include <string.h>
#include "mbed.h"
#include "EthernetInterface.h"


//DigitalOut myled(LED1);
//Serial pc(USBTX , USBRX);
int main() {

printf("Test - WIZ550iorn");

/** Set the spi bus clock frequency
*
* @param hz SCLK frequency in hz (default = 1MHz)
* Maximum SPI data bit rate of 12.5 Mbit/s in LPC176X
*/
spi.frequency(12500000);
SPI spi(p5, p6, p7); // mosi, miso, sclk
EthernetInterface eth(&spi, p8, p11); // spi, cs, reset

// as your env. change to real IP address and so on.
int ret = eth.init("192.168.77.34", "255.255.255.0", "192.168.77.1");
if (!ret) {
printf("Initialized, MAC: %snr", eth.getMACAddress());
printf("Connected, IP: %s, MASK: %s, GW: %snr",
eth.getIPAddress(), eth.getNetworkMask(), eth.getGateway());
} else {
printf("Error eth.init() - ret = %dnr", ret);
return -1;
}

printf("IP Address is %sn", eth.getIPAddress());

TCPSocketServer server;
server.bind(5000);
server.listen();

while (true) {
printf("nWait for new connection...n");
TCPSocketConnection client;
server.accept(client);
client.set_blocking(false, 1500); // Timeout after (1.5)s

printf("Connection from: %sn", client.get_address());

char buffer[2048];
while (true) {
int n = client.receive(buffer, sizeof(buffer));

if (n < 0) break; // !_is_connected
}
client.close();
}
}
[/code]

Comparison of memory Size

	Software stack	TOE (W5500)
Codes
Memory usage

35.2kB(110%) : The LPC1768 has 3 RAM banks: One general purpose one of 32kB, and two additional ones of 16kB each for Ethernet/USB/CAN purposes. Ethernet completely fills one of those additional banks. The online compiler does take this into account for the total RAM usage, but assumes only 32kB is available, so it gets over the 100% what it displays, still will work fine though. (from mbed.org: http://developer.mbed.org/questions/3579/mbed-LPC-1768-RAM-Usage-128-what-does-th/)

** TOE can reduce the flash and RAM usage of by 7% and 119% respectively. **

DoS Attack (Syn-flood attack)

We used the scapy based on python library for DoS Attack.

[code lang=python]
from scapy.all import

inter = input('inter(time in seconds to wait between 2packets) :')

def synFlood(src, tgt, inter):
IPlayer = IP(src, dst=tgt)
TCPlayer= TCP(sport=3000, dport=3000) # as your env. change source and destination port
pkt = IPlayer / TCPlayer
send(pkt, loop=1, inter=inter) #

#send(pkts, inter=0, loop=0, verbose=None)
# Send packets at layer 3, using the conf.L3socket supersocket. pkts can
# be a packet, an implicit packet or a list of them.
#
# loop: send the packets endlessly if not 0.
# inter: time in seconds to wait between 2 packets
# verbose: override the level of verbosity. Make the function totally silent when 0.
# * Refer to http://www.secdev.org/projects/scapy/files/scapydoc.pdf for more detail.


# as your env. change to real IP address and so on.
src = "192.168.77.253" # PC IP address
tgt = "192.168.77.34" # target board (LPC1768)

synFlood(src, tgt, inter)
[/code]

How to use iperf

Iperf is a tool to measure maximum TCP bandwidth, allowing the tuning of various parameters and UDP characteristics. Iperf reports bandwidth, delay jitter, datagram loss

• https://iperf.fr/

[code lang=text]
# ex.) host IP(192.168.77.34):port[5000], display format is Mbit/sec, interval 1 sec.
>iperf.exe -c 192.168.77.34 -p 5000 -f m -i 1
[/code]

• -c : --client host, -c will connect to the host specified.


• -p : --port #, the server port for the server to listen.


• -f : --format [], 'm' = Mbit/sec


• -i : --interval #, Sets the interval time in seconds between periodic bandwidth
  Through performance

Network Configuration

• **Fig. Network configurations to measure performance **
  

Network performance

• Fig. Traditional method: lwIP performance according to traffic of SYN packet
  




• Fig. Proposed method: TOE(W5500) performance according to traffic of SYN packet.
  

**The network performance of traditional method is better the proposed method when DoS attack is weak. Because, the traditional method used the bus-interface for MAC. (The proposed method doesn't used spi-dma.)
However, The proposed method kept up the network performance under SYN-flood attack.
Otherwise, the network performance of the traditional method is became extremely worse according to the interval of SYN-attack.
**

An Simple IoT example - connected CO2 Sensor with WIZ550S2E

This IoT example shows how to connect CO2 sensor to your ethernet network, and how to send sensing data by using Serial-to-Ethernet gateway module as UDP client. Using S-to-E gatewat module, your device does not need any additional codes and hardware requried.

In this example, WIZ550S2E-232 as a S-to-E module and S-300 as a CO2 sonsor module are used.

• WIZ550S2E-232: This module is a gateway module that converts RS-232 protocol into TCP/IP protocol and enables remote gauging, remote management of the device through the network based on the Ethernet and the TCP/IP by connecting to existing equipment with RS-232 serial interface.




• S-300: This SO2 (Carbon Dioxide) sensor module designed by ELT (http://eltsensor.co.kr/) and has available output with TTL-UART for sampling interval of about 3 seconds .

Block Diagram and Network Configurations

• This figure is shown the block diagram and network configurations for this project.
  
  

  
  
  • IoT Sensor Node is made up as follows
    
    
    
    
    • S-to-E : WIZ550S2E-232
    
    
    • CO2 Sonsor : S-300
    
    
    • UDP Client embedded on S-to-E
    
    
  
  
  • Monitoring Server is composed as follows
    
    
    
    
    • UDP server : Hercules (TCP/IP utils) on PC
    
    
  
  
  
  
  




• Serial-to-Ethernet Module : WIZ550S2E-232
  
  
  
  

  
  
  • Gateway module that converts RS-232 protocol into TCP/IP protocol
  
  
  • Serial to Ethernet Module based on W5500 & Cortex-M0
  
  
  • RJ-45 mounted, Pin-header type module
  
  
  • Serial signals : TXD, RXD, RTS, CTS, GND
  
  
  • Support the configuration method of AT command & Configuration tool program
  
  
  • Configuration tool program operates on Windows, Linux & MAC OS
  
  
  • Support the interface board for RS-232 and RS422/485
  
  
  • 10/100Mbps Ethernet & Max.230kbps serial speed
  
  
  • Support WIZ VSP (Virtual Serial Port) program
  
  
  • Dimension (mm) : 55(L) x 30 (W) x 23.49 (H)
  
  


• Co2 Sensor: ELT Sensor : S-300
  
  
  
  
  
  
  • Non-Dispersive Infrared (NDIR) technology used to measure CO₂levels.
  
  
  • Pre-calibrated
  
  
  • Available outputs : TTL-UART, I2C, ALARM, PWM/Analog Voltage.
  
  
  • Gold-plated sensor provides long-term calibration stability.
  
  
  • Installed re-calibration function
  
  
  • Operate as ACDL mode (Automatic Calibration in Dimming Light mode).
  
  
  • Manual Re-Calibration function is executable.
  
  
  • ROHS Directive- 2011/65/EU,[EN50581 : 2012,IEC 62321-3-1 : 2013]
  
  
  • Size : 33mmx33mmx13.1mm
  
  
  • Weight : 10 grams
  
  

Hardware connections

Three lines as below the may be connected for Sensor node.
The TXD in S-300 and RXD in WIZ550S2E should be connected together.

WIZ550S2E	Direction	S-300 JIG
RXD	<---	TXD
VCC(baseboard)	<---	VCC (5V)
GND		GND

• WIZ550S2E
  
  




• S-300 JIG
  
  

Software

• WIZ550S2E Side: Sensor Node
  
  

  
  
  • wiznet_configuration_tool is dedicated utility to configure the WIZ550S2E.
  
  
  • WIZ550 Configruation Tool Download : wiznet_configuration_tool_ver1.02.zip
  
  
  • WIZ550 Configruation Tool User Guide : WIZ550 Configruation Tool Guides
  
  
  
  
  




• PC tools: Monitoring Server
  
  

  
  
  • Herdules
    
    

    
    > Hercules SETUP utility is useful serial port terminal (RS-485 or RS-232 terminal) , UDP/IP terminal and TCP/IP Client Server terminal. It was created for HW group internal use only, but today it's includes many functions in one utility and it's Freeware! With our original devices (Serial/Ethernet Converter, RS-232/Ethernet Buffer or I/O Controller) it can be used for the UDP Config.
    

  
  
  • Hercules download : version3.2.8

  
  
  • Hercules user guide : User Guide
  
  
  
  
  

  

Setting

• WIZ550S3E Side: Sensor Node
  
  
  

  
  
  • Refer to User Guide for more details
    
    
    
    
    • Korean- user guide
    
    
    • English- user guide
    
    
  
  


• PC tools: Monitoring Server
  

Excuting

• UART frame of S-300
  
  




• CO2 Data received from the Sensor node
  
  




• CO2 Data shown in text format
  
  




• CO2 Data shown in Hex format
  
  

  

Tip4 - Arduino Example

ArduinoNote List-page

Arduino IDE는 기본적으로 User들을 위해 많은 Example를 포함하고 있다.
이러한 Example즉 각 Skectch의 설명은 아래의 목록은 참고하면 유용하다.
(Ethernet Shiedl관련 sketch의 설명도 있다.)

arduino.cc > Learning > Examples


Ethernet Shield중 ChatServer
하기 그림과 같이 모든Sketch들이
* sketch에 대한 설명
* Hardware Required : 지원하는 platform과 Shield
* Circuit : 회로에 대한 설명
* Schematic
* Code
* See Also : 관련 Sketch 링크
등의 Tutorial식으로 설명한다.

Tip3 - Arduino에서 사용되는 structure/Function/variables and constant

ArduinoNote List-page

Arduino IDE를 작성하면서 variables / stucture / Func. 등의 자세한 사항은 하기의 arduino.cc내의 Language Reference를 참고하면 유용하다.

arduino.cc > Learning > Reference