How to Quickly Create AWS Cloud-Controlled IoT Endpoints

By Bill Giovino

Contributed By Digi-Key's North American Editors

Internet of Things (IoT) sensor endpoints are being deployed rapidly to monitor commercial and industrial processes and systems, and add artificial intelligence (AI) and machine learning (ML) techniques, where appropriate. Particularly in Industrial IoT (IIoT), the sensor data is analyzed to increase efficiency, reduce power consumption, track overall system performance, ensure worker safety, maintain security functions, and reduce downtime through predictive maintenance.

While the technology is growing in use, for designers new to IoT and cloud control, learning the core concepts of sensor deployment, commissioning, and cloud services and connectivity can represent a steep learning curve, leaving them uncertain as to where to begin. This can impact development time and add to overall deployment cost.

To reduce the learning curve, turnkey solutions are becoming more widely available to simplify IoT connectivity and cloud-based analysis and dashboard presentation.

This article will briefly discuss the shift to IoT connectivity and cloud services such as Amazon Web Services (AWS). It will then introduce an AWS IoT sensor development board from Microchip Technology and explain how developers can use it to easily get a Wi-Fi-enabled, AWS-connected sensor node up and running while learning basic IoT and cloud control concepts. It will then discuss how a daughter board from MikroElektronika can quickly interface to the Microchip board to form a 3D motion sensor board that is controlled and monitored through AWS.

The expanding role of IoT systems

IoT and IIoT networks are expanding into new areas. The most common application for new IIoT networks is to improve productivity by increasing efficiency, while at the same time maintaining and improving safety and security. Process monitoring is chiefly done by installing sensors that monitor industrial processes and the environment, including temperature, humidity, and pressure. Motion data such as acceleration, stability, and shock can also be monitored, along with simple analog data and switch positions. The position of robots, workers, or assets can be ascertained using GPS, RFID tags, or various wireless triangulation algorithms.

The collected sensor data must be analyzed to not only improve efficiency but also ensure optimal system performance. A simple way to monitor and control these various sensors is to connect them to an existing cloud server. This saves the time and effort of building a custom web application with the appropriate security.

However, for some organizations new to IoT and cloud control, learning these concepts can represent a steep learning curve, and so facilities managers and their engineers can be uncertain as to where to begin. This can result in costly delays in implementing these IIoT endpoints.

Kit gets designers started quickly with IoT and IIoT

To get started with IoT networking and cloud computing, Microchip Technology has introduced the EV15R70A IoT Wi-Fi development board with support for AWS (Figure 1). A complete turnkey solution for IoT and AWS connectivity, the board can be used as a hub to gather sensor data in the field and send that data to AWS to be analyzed and presented on a simple browser-based interface. Although small, the board is powerful and features many options for secure IoT endpoints.

Image of Microchip EV15R70A IoT Wi-Fi development board (click to enlarge)Figure 1: The Microchip EV15R70A IoT Wi-Fi development board is a turnkey solution for connecting Wi-Fi-enabled sensors to AWS for analysis, presentation, monitoring, and control. (Image source: Microchip Technology)

The EV15R70A is controlled by a Microchip Technology ATMEGA4808-MFR 20 megahertz (MHz) microcontroller with 48 kilobytes (Kbytes) of flash and 6 Kbytes of SRAM. This is enough memory to run a simple IoT sensor node, with memory to spare for additional application code to control external devices, using any of the 18 port pins shown (Pxx, brown labels). There are 256 bytes of on-chip EEPROM available for storing calibration constants, security information, Wi-Fi connectivity data, and sensor data. The ATMEGA4808-MFR has a powerful 8-bit megaAVR core that can easily manage the IIoT data transfers while consuming very little power. Power consumption is further reduced through the use of a two-cycle hardware multiplier that reduces CPU cycles.

For Wi-Fi connectivity, the ATMEGA4808 interfaces by SPI to a Microchip Technology ATWINC1510-MR210PB1952 802.11b/g/n Wi-Fi module (Figure 2). It includes WEP, WPA, and WPA2 security, and supports encrypted transport layer security (TLS) connections. In the module part number, “1952” represents the firmware version on the ATWINC1510, so later boards may have modules with later firmware versions.

Image of Microchip Technology ATWINC1510-MR210PB 802.11b/g/n Wi-Fi moduleFigure 2: The Microchip Technology ATWINC1510-MR210PB 802.11b/g/n Wi-Fi module supports WEP, WPA, and WPA2 security over TLS. It interfaces to a host microcontroller using an SPI serial port. (Image source: Microchip Technology)

The ATWINC1510-MR210PB features an integrated pc board antenna, A1 in Figure 2. This makes the EV15R70A development board ready to use out of the box, helping developers unfamiliar with RF and antenna layout to get started more quickly. If additional Wi-Fi range is needed, an external antenna can be connected.

The ATWINC1510-MR210PB requires a 2.7 to 3.6-volt supply and draws only 0.380 milliamps (mA) in Doze Mode when not transmitting or receiving. When the radio is operational, the module draws 269 mA (maximum) when transmitting, and 61 mA when receiving. For an IoT endpoint, this is low enough to help extend battery operation. The module has appropriate certifications for use in the Americas, Europe, and Asia, simplifying the process of getting regulatory approval for final designs that incorporate the EV15R70A.

Encrypting data on IIoT networks

Secure internet traffic today is typically encrypted using TLS to prevent hostile operators from understanding any captured data traffic. However, a “man in the middle” attack can still use sophisticated methods to intercept and capture data by searching for flaws in the connection. To further secure the IoT communications, the network data should be encrypted.

To encrypt data transmitted between the development board and AWS, the EV15R70A includes a Microchip Technology ATECC608A-MAHCZ-T Security CryptoAuthentication chip. The ATECC608A interfaces to the ATMEGA4808 over an I²C interface and encrypts and decrypts Wi-Fi sensor data. The ATECC608A supports many encryption standards, including AES-128 and SHA-256. It is also used to store the public and private encryption keys used for communicating with AWS.

Each ATECC608A in every EV15R70A development board is pre-programmed with a set of unique public and private keys to encrypt and decrypt data. Detailed operation of the ATECC608A encryption and decryption behavior is available from Microchip Technology only under a non-disclosure agreement. However, the ATMEGA4808 flash firmware included with the kit allows developers to easily encrypt and decrypt data between the development board and AWS, with a little prior knowledge of encryption protocols. This greatly simplifies operation of the IoT endpoint for developers new to encryption.

For IoT endpoints that must be hardened against not just network but also intense physical attacks, the ATECC608A device has built-in security features to protect against physical intrusion. For example:

  • It can detect physical attacks such as decapping the device in an attempt to electronically probe its internal state.
  • It can detect side-channel attacks, such as immersing the device in extreme cold in an attempt to preserve memory contents.
  • It can detect unusual I²C activity such as very fast or very slow clock speeds, as well as non-standard clock waveforms.
  • Internal memory contents are encrypted.
  • Internal circuitry may contain false circuits to circumvent reverse-engineering.

Connecting the EV15R70A to AWS

The EV15R70A’s firmware allows the development board to connect to AWS over a secure Wi-Fi connection. Once a connection to AWS is established, the board can be quickly monitored, configured, and controlled using any web browser connected to the appropriate AWS account.

To begin using the development board with AWS, the developer needs to first connect the board to a computer using a USB cable. The computer will see the board as a USB flash memory drive named CURIOSITY. The developer can then browse the board as they would a typical flash memory device. In root is a file appropriately named CLICK-ME.HTM. Clicking this file opens the device’s start page in the computer’s default web browser (Figure 3).

Image of Microchip EV15R70A connects to a computer over a USB cable (click to enlarge)Figure 3: The EV15R70A connects to a computer over a USB cable and appears like a USB flash memory device. Clicking the file CLICK-ME.HTM brings up a web page in the default web browser that introduces the user to the board and prompts for the board firmware to be updated. (Image source: Microchip Technology)

In the initial screen, the developer is introduced to the board and should make sure it is running the latest firmware. Clicking on, “Get the Latest Firmware” will take care of this. Next, the developer needs to scroll down the web page to a procedure instructing the developer how to configure the board to automatically connect a local Wi-Fi network. When successfully configured and connected, the blue Wi-Fi status LED will light up. When connected to an AWS account, the green Connection Status LED will light up. This provides a visual indication of the board’s status and helps debug connection problems.

Once a secure connection is established to AWS and a cloud application is in operation, the yellow Data Transfer LED will flash each time data is sent between the board and AWS. The board contains light and temperature sensors that are periodically sampled by the ATMEGA4808. The acquired data is sent to AWS to be viewed online.

For a more advanced application, the developer can write firmware to interact with any of the GPIO pins and peripherals. The pulse width modulation (PWM) port can be set to generate a waveform to operate a motor or actuator, and the SPI and UART can be programmed to interact with external devices. Any of these interactions can be monitored and controlled from a web browser connected to the corresponding AWS account.

The EV15R70A has header connectors that are compatible with mikroBUS Click daughter boards that can also be controlled and monitored by AWS. For example, the MikroElektronika MIKROE-1877 is a 3D motion sensor fusion board with a three-axis accelerometer, a gyroscope, and a magnetometer (Figure 4). An on-board motion coprocessor monitors the three sensors and sends data back to the EV45R70A over the mikroBUS Click I²C interface.

Image of MikroElektronika MIKROE-1877 3D motion sensor boardFigure 4: The MikroElektronika MIKROE-1877 is a 3D motion sensor board. It has a three-axis accelerometer, a gyroscope, a magnetometer, and a sensor-fusion coprocessor that connects to the EV45R70A board over a standard mikroBUS Click interface. (Image source: MikroElektronika)

With the MIKROE-1877 3D motion sensor board plugged into the EV45R70A, a developer can write firmware to monitor and store data from it. An AWS application can be configured to monitor the board and log data. When battery-powered, the EV45R70A with the MIKROE-1877 can be used to monitor the behavior of a robot, garage door, or vehicle, and the data viewed from any compatible web browser.

Conclusion

Getting started with IoT or IIoT endpoints with cloud control can have a steep learning curve for developers not familiar with the concepts and the nuances of critical areas such as security. Often the best way to understand these technologies is to learn-as-you-go using hardware designed to do just that. With the Microchip Technology EV45R709A AWS development board, developers can quickly learn the basic concepts of IoT, cloud storage, and cloud control, while at the same time building a useful, secure device for remote monitoring.

Disclaimer: The opinions, beliefs, and viewpoints expressed by the various authors and/or forum participants on this website do not necessarily reflect the opinions, beliefs, and viewpoints of Digi-Key Electronics or official policies of Digi-Key Electronics.

About this author

Bill Giovino

Bill Giovino is an Electronics Engineer with a BSEE from Syracuse University, and is one of the few people to successfully jump from design engineer, to field applications engineer, to technology marketing.

For over 25 years Bill has enjoyed promoting new technologies in front of technical and non-technical audiences alike for many companies including STMicroelectronics, Intel, and Maxim Integrated. While at STMicroelectronics, Bill helped spearhead the company’s early successes in the microcontroller industry. At Infineon Bill orchestrated the company’s first microcontroller design wins in U.S. automotive. As a marketing consultant for his company CPU Technologies, Bill has helped many companies turn underperforming products into success stories.

Bill was an early adopter of the Internet of Things, including putting the first full TCP/IP stack on a microcontroller. Bill is devoted to the message of “Sales Through Education” and the increasing importance of clear, well written communications in promoting products online. He is moderator of the popular LinkedIn Semiconductor Sales & Marketing Group and speaks B2E fluently.

About this publisher

Digi-Key's North American Editors