Getting Started with the Infineon OPTIGA Trust X and XMC4800 IoT Connectivity Kit - FreeRTOS

Getting Started with the Infineon OPTIGA Trust X and XMC4800 IoT Connectivity Kit

This tutorial provides instructions for getting started with the Infineon OPTIGA Trust X Secure Element and XMC4800 IoT Connectivity Kit. In comparison to the Getting Started with the Infineon XMC4800 IoT Connectivity Kit tutorial, this guide shows you how to provide secure credentials using an Infineon OPTIGA Trust X Secure Element.

You need the following hardware:

  1. Host MCU - Infineon XMC4800 IoT Connectivity Kit, visit the AWS Partner Device Catalog to purchase one from our partner.

  2. Security Extension Pack:

    • Secure Element - Infineon OPTIGA Trust X.

      Visit the AWS Partner Device Catalog to purchase them from our partner.

    • Personalization Board - Infineon OPTIGA Personalisation Board.

    • Adapter Board - Infineon MyIoT Adapter.

To follow the steps here, you must open a serial connection with the board to view logging and debugging information. (One of the steps requires you to copy a public key from the serial debugging output from the board and paste it to a file.) To do this, you need a 3.3V USB/Serial converter in addition to the XMC4800 IoT Connectivity Kit. The JBtek EL-PN-47310126 USB/Serial converter is known to work for this demo. You also need three male-to-male jumper wires (for receive (RX), transmit (TX), and ground (GND)) to connect the serial cable to the Infineon MyIoT Adapter board.

Before you begin, you must configure AWS IoT and your FreeRTOS download to connect your device to the AWS Cloud. For instructions, see Option #2: Onboard Private Key Generation. In this tutorial, the path to the FreeRTOS download directory is referred to as <freertos>.

Overview

This tutorial contains the following steps:

  1. Install software on the host machine to develop and debug embedded applications for your microcontroller board.

  2. Cross-compile a FreeRTOS demo application to a binary image.

  3. Load the application binary image to your board, and then run the application.

  4. For monitoring and debugging purposes, interact with the application running on your board across a serial connection.

Set Up Your Development Environment

FreeRTOS uses Infineon's DAVE development environment to program the XMC4800. Before you begin, download and install DAVE and some J-Link drivers to communicate with the on-board debugger.

Install DAVE

  1. Go to Infineon's DAVE software download page.

  2. Choose the DAVE package for your operating system and submit your registration information. After you register, you should receive a confirmation email with a link to download a .zip file.

  3. Download the DAVE package .zip file (DAVE_version_os_date.zip), and unzip it to the location where you want to install DAVE (for example, C:\DAVE4).

    Note

    Some Windows users have reported problems using Windows Explorer to unzip the file. We recommend that you use a third-party program such as 7-Zip.

  4. To launch DAVE, run the executable file found in the unzipped DAVE_version_os_date.zip folder.

For more information, see the DAVE Quick Start Guide.

To communicate with the XMC4800 IoT Connectivity kit's on-board debugging probe, you need the drivers included in the J-Link Software and Documentation pack. You can download the J-Link Software and Documentation pack from Segger's J-Link software download page.

Establish a Serial Connection

Connect the USB/Serial converter cable to the Infineon Shield2Go Adapter. This allows your board to send logging and debugging information in a form that you can view on your development machine. To set up a serial connection:

  1. Connect the RX pin to your USB/Serial converter's TX pin.

  2. Connect the TX pin to your USB/Serial converter's RX pin.

  3. Connect your serial converter's ground pin to one of the GND pins on your board. The devices must share a common ground.

Power is supplied from the USB debugging port, so do not connect your serial adapter's positive voltage pin to the board.

Note

Some serial cables use a 5V signaling level. The XMC4800 board and the Wi-Fi Click module require a 3.3V. Do not use the board's IOREF jumper to change the board's signals to 5V.

With the cable connected, you can open a serial connection on a terminal emulator such as GNU Screen. The baud rate is set to 115200 by default with 8 data bits, no parity, and 1 stop bit.

Monitoring MQTT Messages on the Cloud

You can use the MQTT client in the AWS IoT console to monitor the messages that your device sends to the AWS Cloud. You might want to set this up before the device runs the demo project.

To subscribe to the MQTT topic with the AWS IoT MQTT client

  1. Sign in to the AWS IoT console.

  2. In the navigation pane, choose Test to open the MQTT client.

  3. In Subscription topic, enter iotdemo/#, and then choose Subscribe to topic.

Build and Run the FreeRTOS Demo Project

Import the FreeRTOS Demo into DAVE

  1. Start DAVE.

  2. In DAVE, choose File, and then choose Import. Expand the Infineon folder, choose DAVE Project, and then choose Next.

  3. In the Import DAVE Projects window, choose Select Root Directory, choose Browse, and then choose the XMC4800 demo project.

    In the directory where you unzipped your FreeRTOS download, the demo project is located in projects/infineon/xmc4800_plus_optiga_trust_x/dave4/aws_demos/dave4.

    Make sure that Copy Projects Into Workspace is cleared.

  4. Choose Finish.

    The aws_demos project should be imported into your workspace and activated.

  5. From the Project menu, choose Build Active Project.

    Make sure that the project builds without errors.

Run the FreeRTOS Demo Project

  1. From the Project menu, choose Rebuild Active Project to rebuild aws_demos and confirm that your configuration changes are picked up.

  2. From Project Explorer, right-click aws_demos, choose Debug As, and then choose DAVE C/C++ Application.

  3. Double-click GDB SEGGER J-Link Debugging to create a debug confirmation. Choose Debug.

  4. When the debugger stops at the breakpoint in main(), from the Run menu, choose Resume.

At this point, continue with the public key extraction step in Option #2: Onboard Private Key Generation. After all steps are complete, go to the AWS IoT console. The MQTT client you set up previously should display the MQTT messages sent by your device. Through the device's serial connection, you should see something like this on the UART output:

0 0 [Tmr Svc] Starting key provisioning... 1 1 [Tmr Svc] Write root certificate... 2 4 [Tmr Svc] Write device private key... 3 82 [Tmr Svc] Write device certificate... 4 86 [Tmr Svc] Key provisioning done... 5 291 [Tmr Svc] Wi-Fi module initialized. Connecting to AP... .6 8046 [Tmr Svc] Wi-Fi Connected to AP. Creating tasks which use network... 7 8058 [Tmr Svc] IP Address acquired [IP Address] 8 8058 [Tmr Svc] Creating MQTT Echo Task... 9 8059 [MQTTEcho] MQTT echo attempting to connect to [MQTT Broker]. ...10 23010 [MQTTEcho] MQTT echo connected. 11 23010 [MQTTEcho] MQTT echo test echoing task created. .12 26011 [MQTTEcho] MQTT Echo demo subscribed to iotdemo/# 13 29012 [MQTTEcho] Echo successfully published 'Hello World 0' .14 32096 [Echoing] Message returned with ACK: 'Hello World 0 ACK' .15 37013 [MQTTEcho] Echo successfully published 'Hello World 1' 16 40080 [Echoing] Message returned with ACK: 'Hello World 1 ACK' .17 45014 [MQTTEcho] Echo successfully published 'Hello World 2' .18 48091 [Echoing] Message returned with ACK: 'Hello World 2 ACK' .19 53015 [MQTTEcho] Echo successfully published 'Hello World 3' .20 56087 [Echoing] Message returned with ACK: 'Hello World 3 ACK' .21 61016 [MQTTEcho] Echo successfully published 'Hello World 4' 22 64083 [Echoing] Message returned with ACK: 'Hello World 4 ACK' .23 69017 [MQTTEcho] Echo successfully published 'Hello World 5' .24 72091 [Echoing] Message returned with ACK: 'Hello World 5 ACK' .25 77018 [MQTTEcho] Echo successfully published 'Hello World 6' 26 80085 [Echoing] Message returned with ACK: 'Hello World 6 ACK' .27 85019 [MQTTEcho] Echo successfully published 'Hello World 7' .28 88086 [Echoing] Message returned with ACK: 'Hello World 7 ACK' .29 93020 [MQTTEcho] Echo successfully published 'Hello World 8' .30 96088 [Echoing] Message returned with ACK: 'Hello World 8 ACK' .31 101021 [MQTTEcho] Echo successfully published 'Hello World 9' 32 104102 [Echoing] Message returned with ACK: 'Hello World 9 ACK' .33 109022 [MQTTEcho] Echo successfully published 'Hello World 10' .34 112047 [Echoing] Message returned with ACK: 'Hello World 10 ACK' .35 117023 [MQTTEcho] Echo successfully published 'Hello World 11' 36 120089 [Echoing] Message returned with ACK: 'Hello World 11 ACK' .37 122068 [MQTTEcho] MQTT echo demo finished. 38 122068 [MQTTEcho] ----Demo finished----

Build the FreeRTOS Demo with CMake

This section covers using CMake on Windows with MingW as the native build system. For more information about using CMake with other operating systems and options, see Using CMake with FreeRTOS.

If you prefer not to use an IDE for FreeRTOS development, you can use CMake to build and run the demo applications or applications that you have developed using third-party code editors and debugging tools.

To build the FreeRTOS demo with CMake

  1. Set up the GNU Arm Embedded Toolchain.

    1. Download a Windows version of the toolchain from the Arm Embedded Toolchain download page.

      Note

      Due to a bug reported in the objcopy utility, we recommend that you download a version other than "8-2018-q4-major."

    2. Open the downloaded toolchain installer, and follow the instructions in the wizard.

    3. On the final page of the installation wizard, select Add path to environment variable to add the toolchain path to the system path environment variable.

  2. Install CMake and MingW.

    For instructions, see CMake Prerequisites.

  3. Create a folder to contain the generated build files (<BUILD_FOLDER>).

  4. Change directories to your FreeRTOS download directory (<freertos>), and use the following command to generate the build files:

    cmake -DVENDOR=infineon -DBOARD=xmc4800_plus_optiga_trust_x -DCOMPILER=arm-gcc -S . -B <BUILD_FOLDER> -G "MinGW Makefiles" -DAFR_ENABLE_TESTS=0
  5. Change directories to the build directory (<BUILD_FOLDER>), and use the following command to build the binary:

    cmake --build . --parallel 8

    This command builds the output binary aws_demos.hex to the build directory.

  6. Flash and run the image with JLINK.

    1. From the build directory (<BUILD_FOLDER>), use the following commands to create a flash script:

      echo loadfile aws_demos.hex > flash.jlink echo r >> flash.jlink echo g >> flash.jlink echo q >> flash.jlink
    2. Flash the image using the JLNIK executable.

      JLINK_PATH\JLink.exe -device XMC4800-2048 -if SWD -speed auto -CommanderScript flash.jlink

      The application logs should be visible through the serial connection that you established with the board. Continue to the public key extraction step in Option #2: Onboard Private Key Generation. After all the steps are complete, go to the AWS IoT console. The MQTT client you set up previously should display the MQTT messages sent by your device.

Troubleshooting

For general troubleshooting information, see Troubleshooting Getting Started.