-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfeed.xml
More file actions
288 lines (223 loc) · 44.9 KB
/
Copy pathfeed.xml
File metadata and controls
288 lines (223 loc) · 44.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="4.0.0">Jekyll</generator><link href="/feed.xml" rel="self" type="application/atom+xml" /><link href="/" rel="alternate" type="text/html" /><updated>2021-03-08T09:48:57-05:00</updated><id>/feed.xml</id><title type="html">Robby Simpson</title><subtitle>Write an awesome description for your new site here. You can edit this line in _config.yml. It will appear in your document head meta (for Google search results) and in your feed.xml site description.</subtitle><entry><title type="html">Microcontroller-Controlled LiPo Protection Circuit</title><link href="/2021/03/08/lipo-protection-circuit.html" rel="alternate" type="text/html" title="Microcontroller-Controlled LiPo Protection Circuit" /><published>2021-03-08T00:00:00-05:00</published><updated>2021-03-08T00:00:00-05:00</updated><id>/2021/03/08/lipo-protection-circuit</id><content type="html" xml:base="/2021/03/08/lipo-protection-circuit.html"><p>Finding myself stuck at home more during the pandemic, one hobby I’ve focused on is robotics. Many of my projects run on batteries and some need to intelligently realize that the charge is running low so that they can take shutdown steps prior to disconnecting the battery.</p>
<p>I’ll also be the first to admit that batteries, particularly LiPos, are not my strong suit and kinda freak me out. I guess I’ve watched one too many YouTube videos….</p>
<p>I present here my design for a LiPo undervoltage detection and protection circuit, controlled by a microcontroller (μC). I take no responsibility for any issues, so if you decide to use it, you do so at your own risk. And I certainly welcome feedback: you can find me on <a href="https://twitter.com/robbotic">Twitter @RobBotic</a>.</p>
<p>I did look for COTS solutions, but unfortunately none that I could find would leave the decision making to a μC. And who can pass up a good learning opportunity?!?</p>
<p>Here are my goals and requirements for this circuit:</p>
<ul>
<li>Reusable design for many projects.</li>
<li>Works with <a href="https://hobbyking.com/en_us/turnigy-5000mah-3s-20c-lipo-pack-xt-90.html">my LiPo battery</a>, which is a 3S (~9.6 – ~12.6V) 5000mAh 20C pack (~100A), but oddly has an XT60 connector, which limits it to 60A. Plenty for me though….</li>
<li>Provides undervoltage protection, as these batteries should not be discharged below a certain level. Further, I’d prefer that the circuit completely disconnect, to prevent additional current drain. That way, if I do not unplug the battery right away, it is less of an issue (many protection circuits simply use transistors to disconnect the battery, which still has some current drain).</li>
<li>Reverse polarity protection (though with an XT60 connector it will be quite difficult to plug in incorrectly).</li>
<li>μC-controlled disconnect. Given one of my projects is a self-balancing robot, it needs to perform a shutdown sequence (put out a kickstand) prior to disconnecting the battery so that it does not fall on its face. Ideally this will work with the μC or single board computer of your choice, such as an <a href="https://www.arduino.cc/">Arduino</a> or <a href="https://www.raspberrypi.org/">Raspberry Pi</a>.</li>
<li>Largely failsafe. In the event of a short, a μC crash, etc., I’d like the battery to be disconnected.</li>
</ul>
<p>To operate, a user presses a START button (<strong>PBSW1</strong> below), which will power the μC. The μC then samples a voltage divider and determines whether to close a relay. The μC will enter a shutdown sequence (and eventually open the relay / stop powering the relay coil) should the voltage level drop enough in the voltage divider or should a STOP button (<strong>PBSW2</strong> below) be pressed.</p>
<p>And this is the resulting circuit, both hand drawn and created in <a href="https://www.autodesk.com/products/eagle/overview">EAGLE</a>:</p>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_hand_drawn.png"><img src="/assets/images/lipo_protect_hand_drawn.png" alt="LiPo Protection Circuit Hand Drawn" /></a>
<figcaption>Hand Drawn Circuit Diagram</figcaption>
</figure>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_eagle.png"><img src="/assets/images/lipo_protect_eagle.png" alt="LiPo Protection Circuit created in EAGLE" /></a>
<figcaption>EAGLE Circuit Diagram</figcaption>
</figure>
<dl>
<dt>BEC</dt>
<dd>This is simply a buck converter / voltage regulator. It turns out that the RC world calls them BECs (or SBECs or UBECs) and has a pretty good range of robust pieces available. I grabbed <a href="https://hobbyking.com/en_us/turnigy-8-15a-ubec-for-lipoly.html">this Turnigy UBEC</a>. It is probably overkill at 8A, but I may need some servos on the 5V side.</dd>
<dt>Fuse</dt>
<dd>I went with a 60A automotive fuse and soldered on XT60 connectors.</dd>
<dt>Relay</dt>
<dd>Once again, I went down the automotive route and used an automotive relay capable of handling a current in excess of 60A. This relay is closed to enable the battery to power both the μC as well as the load.</dd>
<dt>PBSW1</dt>
<dd>Momentary switch (normally open) to start the circuit. This switch was chosen to handle the current drawn by the μC, etc., but not the load.</dd>
<dt>PBSW2</dt>
<dd>Momentary switch (normally closed) to stop the circuit. The μC monitors this switch for a user request to start the shutdown sequence.</dd>
<dt>R1 and R2</dt>
<dd>Voltage divider. The values were chosen to drop the 3S LiPo voltage down to a reasonable level for a 3.3V analog input on the μC. The μC monitors this voltage and starts a shutdown sequence when the voltage falls below a threshold. Similarly, the μC will only close the relay if the voltage is above a (slightly higher for hysteresis) threshold.</dd>
<dt>R3</dt>
<dd>Pulldown resistor.</dd>
<dt>R4</dt>
<dd>I’ve read that this resistor may not be necessary with a MOSFET, but better safe than sorry.</dd>
<dt>D1</dt>
<dd>Reverse polarity protection, conveniently with the same voltage drop as <strong>D2</strong>. Note that I only need reverse polarity protection here, as the circuit is always initially powered on this side.</dd>
<dt>D2</dt>
<dd>Protects <strong>PBSW1</strong> from the load current. Thus, the load is only powered via the relay and not when <strong>PBSW1</strong> is pressed.</dd>
<dt>D3</dt>
<dd>Flyback diode.</dd>
<dt>Q1</dt>
<dd>N-channel MOSFET. I went with a logic-level MOSFET instead of the more common BJT to minimize the current, as <strong>Q1</strong> is always energized while the relay is closed. The μC outputs to <strong>Q1</strong> to close the relay / power the relay coil, as the μC itself cannot provide the current required to close the relay. Note that I went with a <a href="https://www.onsemi.com/pub/Collateral/BS270-D.PDF">BS270</a> here, but will likely reevaluate that decision in the near future, as the BS270 works well for 5V logic, but not 3.3V logic.</dd>
</dl>
<p>And here is the resulting make, complete with my not-so-great soldering skills and a 3D-printed box (printed with my beloved <a href="https://www.prusa3d.com/">Prusa I3 MK3S</a>):</p>
<figure style="text-align:center;font-style:italic;margin:0;border:1px solid #000;padding-top:10px">
<figure style="display:inline-block;margin:0">
<a href="/assets/images/lipo_protect_perf_top.jpg"><img src="/assets/images/lipo_protect_perf_top.jpg" alt="LiPo Protection Circuit Perfboard Top" /></a>
<figcaption>Top</figcaption>
</figure>
<figure style="display:inline-block;margin:0">
<a href="/assets/images/lipo_protect_perf_bottom.jpg"><img src="/assets/images/lipo_protect_perf_bottom.jpg" alt="LiPo Protection Circuit Perfboard Bottom" /></a>
<figcaption>Bottom</figcaption>
</figure>
<figcaption>LiPo Protection Circuit on Perfboard</figcaption>
</figure>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_test.jpg"><img src="/assets/images/lipo_protect_test.jpg" alt="LiPo Protection Circuit Testing" /></a>
<figcaption>Testing</figcaption>
</figure>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_box1.jpg"><img src="/assets/images/lipo_protect_box1.jpg" alt="LiPo Protection Circuit 3D Printed Box 1" /></a>
<figcaption>3D Printed Container</figcaption>
</figure>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_box2.jpg"><img src="/assets/images/lipo_protect_box2.jpg" alt="LiPo Protection Circuit 3D Printed Box 2" /></a>
<figcaption>Fully Assembled</figcaption>
</figure>
<figure style="text-align:center;font-style:italic;border:1px solid #000;padding-top:10px">
<a href="/assets/images/lipo_protect_final.jpg"><img src="/assets/images/lipo_protect_final.jpg" alt="LiPo Protection Circuit Assembled on Robot" /></a>
<figcaption>LiPo Protection Circuit Assembled on Robot</figcaption>
</figure>
<p><a href="https://twitter.com/robbotic">Let me know what you think.</a></p></content><author><name>robby</name></author><summary type="html">Finding myself stuck at home more during the pandemic, one hobby I’ve focused on is robotics. Many of my projects run on batteries and some need to intelligently realize that the charge is running low so that they can take shutdown steps prior to disconnecting the battery.</summary></entry><entry><title type="html">Still Here, Now with Jekyll and GitHub!</title><link href="/2019/11/25/still-here-now-with-jekyll-and-github.html" rel="alternate" type="text/html" title="Still Here, Now with Jekyll and GitHub!" /><published>2019-11-25T00:00:00-05:00</published><updated>2019-11-25T00:00:00-05:00</updated><id>/2019/11/25/still-here-now-with-jekyll-and-github</id><content type="html" xml:base="/2019/11/25/still-here-now-with-jekyll-and-github.html"><p>So, obviously I have not been good at updating my website / blogging. And I’m guessing I am not alone.</p>
<p>BUT, I have been busy.</p>
<p>In the professional world, I was appointed chair of the <a href="https://standards.ieee.org/about/bog/cag.html">IEEE-SA Corporate Advisory Group</a>, which also means a seat on the <a href="https://standards.ieee.org/content/ieee-standards/en/about/bog/index.html">IEEE-SA Board of Governors</a>. I’m really enjoying the experience and helping to shape IEEE-SA and standards. And a standard I chair, <a href="https://standards.ieee.org/standard/2030_5-2018.html">IEEE 2030.5</a>, has been selected for smart inverter communications as part of <a href="https://www.cpuc.ca.gov/General.aspx?id=4154">California’s Rule 21</a>!</p>
<p>In the personal world, there has also been a lot of activity. Sadly, I lost my best friend of 16 years (and I plan to write a future post on elderly dog care), but I also have had lots of good and interesting experiences as well!</p>
<p>As for this site itself, I’ve migrated away from WordPress. I figure if I am not good at regularly updating my content, I’m likely not good at updating the WordPress engine as well. Now the site hopefully looks very similar, but is built using <a href="https://jekyllrb.com/">Jekyll</a> (static!) and hosted on <a href="https://pages.github.com/">GitHub</a>. I’ll spare you the details as there are many excellent tutorials on the process already out there.</p>
<p>Oh - and if you visited before, the <a href="/deuterium/">Deuterium</a> project is still alive and well.</p>
<p>Stay tuned - I have several future posts planned!</p></content><author><name>robby</name></author><summary type="html">So, obviously I have not been good at updating my website / blogging. And I’m guessing I am not alone.</summary></entry><entry><title type="html">RESTful HTTP Client in a Browser using JavaScript</title><link href="/2015/07/14/restful-http-client-in-a-browser-using-javascript.html" rel="alternate" type="text/html" title="RESTful HTTP Client in a Browser using JavaScript" /><published>2015-07-14T00:00:00-04:00</published><updated>2015-07-14T00:00:00-04:00</updated><id>/2015/07/14/restful-http-client-in-a-browser-using-javascript</id><content type="html" xml:base="/2015/07/14/restful-http-client-in-a-browser-using-javascript.html"><p>A frustration I’ve often faced when interacting with RESTful HTTP servers is that browsers make poor RESTful HTTP clients. Specifically, browsers only support the GET and POST methods and do not allow you to specify media types or other header values. This does not make for simple, self-served, human interfaces in the IoT world.</p>
<p>It turns out, with a little JavaScript magic, your browser can make a pretty decent RESTful HTTP client.</p>
<p>The code snippets below show how to perform a GET with a specified Accept header as well as a PUT with a specified Content-Type header. I’ll leave the extension to other methods and headers as an exercise to the reader.</p>
<figure class="highlight"><pre><code class="language-javascript" data-lang="javascript"><span class="kd">function</span> <span class="nx">getOnOff</span><span class="p">(</span><span class="nx">contentType</span><span class="p">)</span>
<span class="p">{</span>
<span class="kd">var</span> <span class="nx">xmlhttp</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">XMLHttpRequest</span><span class="p">();</span>
<span class="kd">var</span> <span class="nx">ds</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">open</span><span class="p">(</span><span class="dl">"</span><span class="s2">GET</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">/onoff</span><span class="dl">"</span><span class="p">);</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">setRequestHeader</span><span class="p">(</span><span class="dl">"</span><span class="s2">Accept</span><span class="dl">"</span><span class="p">,</span> <span class="nx">contentType</span><span class="p">);</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">onreadystatechange</span> <span class="o">=</span> <span class="kd">function</span><span class="p">()</span>
<span class="p">{</span>
<span class="k">if</span><span class="p">(</span><span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">readyState</span> <span class="o">==</span> <span class="mi">4</span><span class="p">)</span>
<span class="p">{</span>
<span class="nx">ds</span> <span class="o">=</span> <span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">responseText</span><span class="p">;</span>
<span class="nb">document</span><span class="p">.</span><span class="nx">forms</span><span class="p">[</span><span class="mi">0</span><span class="p">].</span><span class="nx">textArea1</span><span class="p">.</span><span class="nx">value</span> <span class="o">=</span> <span class="nx">ds</span><span class="p">;</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">send</span><span class="p">();</span>
<span class="p">}</span></code></pre></figure>
<hr />
<figure class="highlight"><pre><code class="language-javascript" data-lang="javascript"><span class="kd">function</span> <span class="nx">putOnOff</span><span class="p">(</span><span class="nx">state</span><span class="p">,</span> <span class="nx">contentType</span><span class="p">)</span>
<span class="p">{</span>
<span class="kd">var</span> <span class="nx">xmlhttp</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">XMLHttpRequest</span><span class="p">();</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">open</span><span class="p">(</span><span class="dl">"</span><span class="s2">PUT</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">/onoff</span><span class="dl">"</span><span class="p">);</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">setRequestHeader</span><span class="p">(</span><span class="dl">"</span><span class="s2">Content-Type</span><span class="dl">"</span><span class="p">,</span> <span class="nx">contentType</span><span class="p">);</span>
<span class="k">if</span><span class="p">(</span><span class="nx">contentType</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">application/xml</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="k">if</span><span class="p">(</span><span class="nx">state</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">on</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">&lt;OnOff&gt;</span><span class="se">\n\t</span><span class="s2">&lt;state&gt;on&lt;/state&gt;</span><span class="se">\n</span><span class="s2">&lt;/OnOff&gt;</span><span class="dl">"</span><span class="p">);</span>
<span class="p">}</span>
<span class="k">else</span> <span class="k">if</span><span class="p">(</span><span class="nx">state</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">off</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">&lt;OnOff&gt;</span><span class="se">\n\t</span><span class="s2">&lt;state&gt;off&lt;/state&gt;</span><span class="se">\n</span><span class="s2">&lt;/OnOff&gt;</span><span class="dl">"</span><span class="p">);</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="k">else</span> <span class="k">if</span><span class="p">(</span><span class="nx">contentType</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">application/json</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="k">if</span><span class="p">(</span><span class="nx">state</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">on</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">{</span><span class="se">\n\"</span><span class="s2">state</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">on</span><span class="se">\"\n</span><span class="s2">}</span><span class="dl">"</span><span class="p">);</span>
<span class="p">}</span>
<span class="k">else</span> <span class="k">if</span><span class="p">(</span><span class="nx">state</span> <span class="o">==</span> <span class="dl">"</span><span class="s2">off</span><span class="dl">"</span><span class="p">)</span>
<span class="p">{</span>
<span class="nx">xmlhttp</span><span class="p">.</span><span class="nx">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">{</span><span class="se">\n\"</span><span class="s2">state</span><span class="se">\"</span><span class="s2">: </span><span class="se">\"</span><span class="s2">off</span><span class="se">\"\n</span><span class="s2">}</span><span class="dl">"</span><span class="p">);</span>
<span class="p">}</span>
<span class="p">}</span>
<span class="p">}</span></code></pre></figure>
<p>I’ve integrated a page with similar functions into the <a href="/deuterium/" title="Deuterium">Deuterium</a> demo to provide a simple human interface. The demo server simply serves up this page and the user can easily interact RESTfully with the server’s resources. Check out the Deuterium test servers to see this in action.</p>
<p>One limitation (unless you want to fool around with your browser’s security settings) is that these snippets are subject to cross domain scripting restrictions, making a generic client less easy. At that point, you may want to look into various browser plugins.</p>
<p>As a bonus, if your browser supports HTTP/2, then this trick will work seamlessly with HTTP/2 (essentially the JavaScript utilizes whatever transport the browser is using).</p></content><author><name>robby</name></author><summary type="html">A frustration I’ve often faced when interacting with RESTful HTTP servers is that browsers make poor RESTful HTTP clients. Specifically, browsers only support the GET and POST methods and do not allow you to specify media types or other header values. This does not make for simple, self-served, human interfaces in the IoT world.</summary></entry><entry><title type="html">Implementing HTTP/2 with mbed TLS</title><link href="/2015/05/14/implementing-http2-with-mbed-tls.html" rel="alternate" type="text/html" title="Implementing HTTP/2 with mbed TLS" /><published>2015-05-14T00:00:00-04:00</published><updated>2015-05-14T00:00:00-04:00</updated><id>/2015/05/14/implementing-http2-with-mbed-tls</id><content type="html" xml:base="/2015/05/14/implementing-http2-with-mbed-tls.html"><p>I’ve <a href="/deuterium">recently been exploring</a> <a href="https://mbed.org/technology/mbed-tls/">mbed TLS</a> and thought I’d share some numbers I’ve found.</p>
<p>First, the specifics:</p>
<ul>
<li>mbed TLS version: 1.3.10</li>
<li>Compiler: arm-none-eabi-gcc (GNU Tools for ARM Embedded Processors) 4.9.3 20141119 (release) [ARM/embedded-4_9-branch revision 218278]</li>
<li>Processor: <a href="http://www.ti.com/product/cc3200">TI CC3200</a> (ARM Cortex-M4 core)</li>
</ul>
<p>As I’ve been primarily focused on an HTTP/2 server here, I configured mbed TLS to support the mandatory to implement (MTI) ciphersuite for HTTP/2, TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256, along with various required features such as SNI, ALPN, and X.509 certificates. This resulted in a config.h file with the following items #define’ed:</p>
<ul>
<li>POLARSSL_HAVE_LONGLONG</li>
<li>POLARSSL_HAVE_ASM</li>
<li>POLARSSL_HAVE_IPV6</li>
<li>POLARSSL_PLATFORM_PRINTF_ALT</li>
<li>POLARSSL_PLATFORM_FPRINTF_ALT</li>
<li>POLARSSL_REMOVE_ARC4_CIPHERSUITES</li>
<li>POLARSSL_ECP_DP_SECP256R1_ENABLED</li>
<li>POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED</li>
<li>POLARSSL_NO_PLATFORM_ENTROPY</li>
<li>POLARSSL_PKCS1_V15</li>
<li>POLARSSL_SSL_EXTENDED_MASTER_SECRET</li>
<li>POLARSSL_SSL_DISABLE_RENEGOTIATION</li>
<li>POLARSSL_SSL_MAX_FRAGMENT_LENGTH</li>
<li>POLARSSL_SSL_PROTO_TLS1_2</li>
<li>POLARSSL_SSL_ALPN</li>
<li>POLARSSL_SSL_SERVER_NAME_INDICATION</li>
<li>POLARSSL_SSL_TRUNCATED_HMAC</li>
<li>POLARSSL_SSL_SET_CURVES</li>
<li>POLARSSL_X509_CHECK_KEY_USAGE</li>
<li>POLARSSL_X509_CHECK_EXTENDED_KEY_USAGE</li>
<li>POLARSSL_AES_C</li>
<li>POLARSSL_ASN1_PARSE_C</li>
<li>POLARSSL_BIGNUM_C</li>
<li>POLARSSL_CIPHER_C</li>
<li>POLARSSL_CTR_DRBG_C</li>
<li>POLARSSL_ECDH_C</li>
<li>POLARSSL_ECP_C</li>
<li>POLARSSL_ENTROPY_C</li>
<li>POLARSSL_GCM_C</li>
<li>POLARSSL_MD_C</li>
<li>POLARSSL_OID_C</li>
<li>POLARSSL_PK_C</li>
<li>POLARSSL_PK_PARSE_C</li>
<li>POLARSSL_PLATFORM_C</li>
<li>POLARSSL_RSA_C</li>
<li>POLARSSL_SHA256_C</li>
<li>POLARSSL_SSL_CACHE_C</li>
<li>POLARSSL_SSL_SRV_C</li>
<li>POLARSSL_SSL_TLS_C</li>
<li>POLARSSL_X509_USE_C</li>
<li>POLARSSL_X509_CRT_PARSE_C</li>
<li>SSL_CIPHERSUITES TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</li>
</ul>
<p>With this config.h in place, I executed the following command:
CC=arm-none-eabi-gcc AR=arm-none-eabi-ar CFLAGS+=”-mthumb -mcpu=cortex-m4 -ffunction-sections -fdata-sections” make lib</p>
<p>This resulted in a static library (libmbedtls.a) with a size of <strong>238972 bytes</strong>. Keep in mind that this is doing <em>everything</em> in software (AES, SHA, ECC, etc.).</p>
<p>One trick I learned along the way: It’s best to store your certificates and keys in DER format — no PEM. This allows you to remove POLARSSL_PEM_PARSE_C and POLARSSL_BASE64_C. With this trick, I went from a static library (libmbedtls.a) with a size of 243536 bytes to one with a size of 238972 bytes. This method also reduces size of the certificates and keys themselves.</p>
<p>That’s it for now - I hope you find these tips helpful!</p></content><author><name>robby</name></author><summary type="html">I’ve recently been exploring mbed TLS and thought I’d share some numbers I’ve found.</summary></entry><entry><title type="html">Open Source Software — Who Actually Reviews the Code?</title><link href="/2015/03/01/open-source-software-who-actually-reviews-the-code.html" rel="alternate" type="text/html" title="Open Source Software — Who Actually Reviews the Code?" /><published>2015-03-01T00:00:00-05:00</published><updated>2015-03-01T00:00:00-05:00</updated><id>/2015/03/01/open-source-software-who-actually-reviews-the-code</id><content type="html" xml:base="/2015/03/01/open-source-software-who-actually-reviews-the-code.html"><p><em>This post is co-authored by Robby Simpson and Sven Krasser. So, you can find it on both <a href="http://robbysimpson.com/">Robby’s</a> and <a href="http://www.skrasser.com/">Sven’s</a> blogs — you should check them both out!</em></p>
<p>Last year saw a large number of critical bugs in open source software (OSS). These bugs received a lot of media attention and re-opened the discussion of <a href="http://linux.slashdot.org/story/15/02/21/1621244/linux-foundation-bugs-can-be-made-shallow-with-proper-funding">bugs</a> and <a href="http://www.itworld.com/article/2864095/think-that-software-library-is-safe-to-use-not-so-fast.html">security</a> in OSS. This has led many to question whether ESR’s famous statement that <a href="http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/ar01s04.html">“Given enough eyeballs, all bugs are shallow”</a> holds true.</p>
<p>There are two aspects to consider here: first, does bug discovery parallelize well? Particularly for subtle security-related bugs, a large number of users does not necessarily aid discovery, but rather a dedicated review effort may be required. We’ll leave this aspect for a separate discussion…</p>
<p>Second, are there actually more eyeballs looking at open source software? For that question, we have some data to contribute to the discussion. In 2003, Robby released NETI@home, a project to gather network performance metrics from endhosts, as part of his <a href="https://smartech.gatech.edu/handle/1853/14612">PhD dissertation</a> work at Georgia Tech. You can find the <a href="http://sourceforge.net/projects/neti/">source code</a> on SourceForge. The NETI@home agent runs on end user machines and gathers various network performance data (e.g., numbers of flows per protocol, number of packets per flow, TCP window size). Such data has many uses, including <a href="/papers/csimpson-empirical.pdf">improving models in network simulations</a> and <a href="/papers/neti-honey.pdf">observing suspicious traffic patterns</a>.</p>
<p>A driving factor for releasing NETI@home as OSS stems from the fact that it gathers a lot of information that could raise privacy concerns with users. The most forthcoming way to address these concerns, which could hinder adoption, is to allow users to actually read the code. And as researchers that piqued our curiosity — how many users have these concerns and will further review the source code?</p>
<p>How could we measure this user code review? Download stats for the source code are an option, but they don’t tell us much about users actually looking at the code. Instead, we placed a comment in the section of code where privacy preferences are honored, which reads:</p>
<figure class="highlight"><pre><code class="language-c" data-lang="c"><span class="cm">/*
* You have found the "hid-
* den message!" Please visit
* http://www.neti.gatech.edu/sec/sec.html
* and log in as user 'neti'
* and pw 'hobbit'
*/</span></code></pre></figure>
<p>The web page mentioned in this comment contained an explanation along with an email address (it was taken down around 2009). Visiting such a link requires a lower threshold than sending an email, so we were looking for both pageviews of that page along with emails to the address given on that page. The former would have told us someone found the comment while the latter would confirm that someone would have taken action on it. However, we didn’t receive any pageviews (and therefore we didn’t receive any emails either).</p>
<p>To put this into perspective with NETI@home’s user base, there were about 13,000 downloads of the software, and there were about 4,500 active users that ran the agent. We can safely say that the type of user running the software falls into the geek category, so there’s some expected selection bias with respect to taking an interest in the source code.</p>
<p>Granted, this is slightly different than contributors to an open source project reviewing code. Nonetheless, it came as a surprise to us, and it certainly went against the conventional wisdom at the time.</p>
<p>As fans of OSS, we were both disappointed in the results. However, we hope that sharing this data point will add to the larger discussion, help strengthen the open source community, and show the need for dedicated code review.</p></content><author><name>robby</name></author><summary type="html">This post is co-authored by Robby Simpson and Sven Krasser. So, you can find it on both Robby’s and Sven’s blogs — you should check them both out!</summary></entry><entry><title type="html">First IoT Device with HTTP/2?</title><link href="/2015/02/16/first-iot-device-with-http2.html" rel="alternate" type="text/html" title="First IoT Device with HTTP/2?" /><published>2015-02-16T00:00:00-05:00</published><updated>2015-02-16T00:00:00-05:00</updated><id>/2015/02/16/first-iot-device-with-http2</id><content type="html" xml:base="/2015/02/16/first-iot-device-with-http2.html"><p>As far as I know, this is the first embedded / Internet of Things device to run <a href="https://tools.ietf.org/html/draft-ietf-httpbis-http2">HTTP/2</a>!</p>
<p><img src="/assets/images/CC3200_HTTP2-225x300.jpg" alt="TI CC3200 LaunchPad running an HTTP/2 server" /></p>
<p>This particular platform is a <a href="http://www.ti.com/product/cc3200">Texas Instruments CC3200 LaunchPad</a>. The CC3200 is a Wi-Fi SoC that incorporates an ARM Cortex-M4 and Wi-Fi into a single piece of silicon.</p>
<p>Over the past couple of days, I ported the <a href="/deuterium/" title="Deuterium">Deuterium HTTP/2 library</a> to the CC3200 and set up a simple HTTP/2 server with a RESTful interface to one of the onboard LEDs.</p>
<p>I went with Wi-Fi in this case (as opposed to 802.15.4, for example) so that I can easily show it off at the upcoming <a href="http://www.ietf.org/meeting/92/">IETF in Dallas</a>.</p>
<p>Granted, I had 256 KB of RAM and BSD socket support to work with, so no huge accomplishment… But, it still demonstrates the capabilities of HTTP/2 for the Internet of Things.</p>
<p>Kudos to TI for such a good product!</p>
<p>If you are interested in using HTTP/2 on this or another embedded platform, check out the <a href="/deuterium/" title="Deuterium">Deuterium HTTP/2 library</a>.</p></content><author><name>robby</name></author><summary type="html">As far as I know, this is the first embedded / Internet of Things device to run HTTP/2!</summary></entry><entry><title type="html">HTTP/2 and the Internet of Things</title><link href="/2015/01/26/http2-and-the-internet-of-things.html" rel="alternate" type="text/html" title="HTTP/2 and the Internet of Things" /><published>2015-01-26T00:00:00-05:00</published><updated>2015-01-26T00:00:00-05:00</updated><id>/2015/01/26/http2-and-the-internet-of-things</id><content type="html" xml:base="/2015/01/26/http2-and-the-internet-of-things.html"><p>I have never been a fan of using custom or obscure protocols to talk to embedded devices, particularly if the goal is to bring them into the mainstream of communications (e.g., the Internet of Things). I’m looking at you <a href="https://tools.ietf.org/html/rfc7252">CoAP</a>, <a href="https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=mqtt">MQTT</a>, etc.!</p>
<p>It’s not that CoAP, MQTT, and all of the others aren’t well designed, useful, or perhaps even better. It’s that they are not what the rest of the Internet are using to communicate.</p>
<p>So, what is? Well, I think we all know the answer to that: HTTP. Even email, which has always had its own protocols, is largely using HTTP at this point.</p>
<p>The HTTP we all know and love, <a href="http://tools.ietf.org/html/rfc7230">HTTP/1.1</a>, is poorly suited to embedded devices. Its use of loose, plain ASCII makes for complex parsing (codespace!) and eats up a lot of RAM and buffer space. Then, when you try and shuffle all of those ASCII characters across the network, you eat up bandwidth — something embedded devices often do not have in abundance. Further, transmitting bits takes energy – a particular problem if you are battery-powered.</p>
<p>Well, I’m hoping that the next version of HTTP, <a href="https://tools.ietf.org/html/draft-ietf-httpbis-http2">HTTP/2</a>, helps to lessen those problems. Of course it will not be as efficient and great for embedded devices as a protocol designed for the embedded space, but consideration was given to the embedded space during the design of HTTP/2. And the goals of the large Web servers often align with those of the embedded space — less memory and bandwidth also matter if you are serving millions of clients!</p>
<p>How does HTTP/2 help? Well, for starters, it employs a very efficient, yet low memory (unlike gzip) compression technique, <a href="https://tools.ietf.org/html/draft-ietf-httpbis-header-compression">HPACK</a>. HPACK works by assigning header names and values to entries in tables. Then, only the entry number needs to be used. This allows for efficient use of bandwidth while not sacrificing the original syntax of HTTP. The sizes of the tables can be limited via negotiation, limiting RAM usage.</p>
<p>What about the complex parsing, you ask? Well, it’s not entirely gone, but HTTP/2 did a lot to try and tighten the syntax and thus the parsing. As with all new protocols, a lot of the legacy could be dropped or tightened. Finally, for those header names and values that may not warrant entry into the tables built up between server and client, Huffman codes can be used. Canonical Huffman codes, in fact.</p>
<p>HTTP/2 also encourages each client/server pair to use a single TCP connection. Individual requests and their responses are sent in streams over this connection. Once again, the number of simultaneous streams can also be limited via negotiation. This connection reuse means less network overhead – no more three-way handshake for each request/response, no more slow start over and over again, no more TLS renegotiation over and over again. You get the point. And considering IoT devices tend to focus on short messages, the benefits really add up.</p>
<p>Other features of HTTP/2 that are particularly beneficial to the embedded world include: binary message framing, header list size negotiation, server push, ping, and windowing. Each of these could definitely use a lot more description, but I’m hoping to avoid “tl;dr”.</p>
<p>In conclusion, I believe that HTTP/2, while not perfect, will allow embedded/IoT devices to fully join the rest of the Internet and no longer be second-class citizens. Truly enabling the Web of Things!</p>
<p>If you are interested in using HTTP/2 for an IoT application, check out <a href="/deuterium/" title="Deuterium">Deuterium</a>, my own embedded implementation of HTTP/2.</p></content><author><name>robby</name></author><summary type="html">I have never been a fan of using custom or obscure protocols to talk to embedded devices, particularly if the goal is to bring them into the mainstream of communications (e.g., the Internet of Things). I’m looking at you CoAP, MQTT, etc.!</summary></entry></feed>