cancel
Showing results for 
Search instead for 
Did you mean: 

Kidnly asking for info, regarding a project

MLavr
Associate

Hello everyone!

First let me introduce myself. I am an IT engineer from a company CREA Plus that is stationed in Ljubljana, Slovenia. I got assigned a project, that uses the STM32F100 chips.

As I have no experience myself and am only getting information from the st.com web page.

To describe the project and wishes:

So, a company that trusted us the project, wants us to securely connect their IoT devices (they use the STM32F100 chip) to an Azure Iot Hub.

There is a lot of documentation about ST and azure, but nothing specific for this chip.

The question we have:

  1. Can we connect STM32F100 securely to the Azure Iot Hub with a x.509 certificate
  2. How does and where would be suggested, for the chips to get the firmware with the certificates?
  3. As I can understand, the chips can be configured to automaticaly connect to the Azure Iot Hub?
  4. STM32F100 does not have a WIFI module, and with that, we are wondering, how can it get access to the internet? Via USB?
  5. As I discovered, STM32F100 does have support for a STSAFE hardware. Can we directly connect the STM32F100 chip to a STSAFE-A100 chip, and use that as the hardware secure place for the certificate store?
  6. Does SMT32F100 support OTA (over the air) update?
  7. Can you suggest a different STM32 model chip, that can do everything described above?

So manny questions I know, but I gotta start somewhere.

With kind regards

Miha Lavri�?

3 REPLIES 3
  1. You'll need a TLS implementation library, like mbedTLS, to do that. Those type of libraries may be too big for some microcontroller flash/SRAM sizes. Exactly which model are you using? For example, STM32F100C4 has only 16KB of flash, which is too small, while STM32F100RC has 256KB of Flash, which is plenty.
  2. You'll have to put the certificate in the firmware as any other binary data, defined as constant data array in C/C++ code. [ Click on Show More to see the post ]
  3. What do you mean automatically? It needs a firmware, a compiled code written by somebody, to run and do whatever is required.
  4. You can use, for example, a GSM modem (for cellular), or ESP8266/ESP32 for WiFi, connected to STM32 by UART interface, and using AT commands to send data.
  5. Using a separate crypto-chip capable of doing TLS is a good idea. You won't be required to implement the TLS in your code, and you can keep the keys/certificates more securely there. So the answer is yes, STM32 can communicate with STSAFE-A100, using the I2C interface.
  6. Yes, you'll have to use some kind of OTA channel and implement a custom bootloader with the required features

MLavr
Associate
  1. Got it!
  2. Is there a "best practice" case, who injects the certificate. Is that done by ST?
  3. So if i understand you correctly, we configure the firmware to connect to our Azure IOT hub, and install it on the chip?
  4. Cant the STM32 chips, who have usb support get their power and internet over USB if its connect via a computer who is connected via ethernet to the outside world? Do we need a seperate module for that? So bassicly can the firmware use the internet of the computer, if its connected to the computer via USB. (sorry for my lack of understanding!)
  5. Got it!
  6. Got it!

Thanks for the answers!

BR

Miha

Piranha
Chief II