AWS GreengrassWith Microchip and Amazon Web Services (AWS), you can think globally, and act locally. By running Greengrass on a Microchip device you can link numerous edge nodes to Amazon’s cloud-based web services, for a cost-effective intelligent gateway solution. By using Microchip’s AWS gateway solution, you can concentrate data and services at the edge devices, which reduces unnecessary data relays to the cloud, thereby lowering the overall solution cost. Your Microchip-powered gateway, running AWS Greengrass core, can provide local services whether it’s inside a building, a truck or a home and connects edge node sensors or devices within your environment.
- Lowers AWS data cost
- Local compute functions at the edge
- Provide data resiliency with local repository
- Quicker response to local stimuli
Simplyfying Development with Our Comprehensive KitWith Microchip’s microprocessor (MPU) Greengrass gateway evaluation kit, you can see how easy it is to get your Greengrass gateway started. We walk you through the process of building the gateway software, setting up an AWS cloud account, creating a cloud application, and connecting the gateway to your cloud application. In this evaluation kit we show you how to create a temperature sensor AWS edge node with our PIC32MZ MCU-based platform running AWS FreeRTOS, and have the node register itself to your gateway. The kit will walk you through the creation and test of AWS Lambda functions which will allow data to be processed locally and acted upon (AI) locally without continuously sending data to the cloud.
AWS Greengrass Hardware Security Interface (HSI)When developing Linux-based solutions for the IoT marketplace, securely protecting the device identity, or in other words the private key(s), continues to be a significant attack vector. AWS offers Greengrass Hardware Security Interface (HSI) to address security requirements related to secure key storage for IoT Linux solutions. Greengrass HSI is simply a link from AWS Greengrass core to the PKCS#11 library. When Greengrass HSI is combined to the ATECC608A secure element, the design benefits from very robust and scalable key storage solution which authenticates Greengrass-enabled solutions to the AWS IoT service as well as edge nodes connected to a Greengrass gateway.
Unless you have experienced Linux developers within your organization, proper training and education of software engineers, is a must for a successful MPU implementation. The big advantage in the Linux community is an abundance of qualified engineers and/or consultants who share their expertise with the community.
Microchip’s System On Module (SOM) and System in Package (SiP) options ease the design of a microprocessor (MPU)-based system and can be used for industrial-grade designs. They ensure signal integrity for the high-speed interfaces to DDR memory and, in the case of the SOM, the Ethernet Physical layer (PHY) while complying with Electromagnetic Compatibility (EMC) standards. You can solder the SOM on a motherboard and take it to production or use it as a reference design for your custom hardware, along with the free schematics, Gerber files and complete bill of materials, all available online. Our Linux development code will immediately run on the SOM, allowing you to get to production release even faster.
Before a connection between a host and a client is completed, trust must be established based on a unique, trusted, protected identity. This identity is the private key that will be used to authenticate a cloud service, a gateway or an edge node. Security is only as strong as its weakest link and too often private keys are left accessible in processors memories. An attacker can easily obtain the key, even if it’s encrypted, and impersonate the Linux-based system. To address the issue, AWS Greengrass offers a feature called Greengrass HSI that is an interface to communicate between the Greengrass core and a secure element, like the ATECC608A, using the PKCS#S11 library. With its JIL “high“ rated security grade, the ATECC608a empowered by Greengrass HSI brings the capability to add hardware-based secure key storage to any Linux system. All the cryptographic functions involved with keys remain inside the secure boundaries of the ATEC608A where the private key is generated, stored and protected. Greengrass HSI sends a challenge to the secure element which will answer with a response containing a signature based on the stored private key. The authentication, one of the security pillars, relies now on an adequately protected root of trust. The ATECC608a is also part of the AWS Device Qualification Program supporting AWS Greengrass.