Skip to content

System Settings

Jump to bottom
oscarmicrochip edited this page Aug 23, 2016 · 74 revisions

Get the Secure Insight on Things GUI on your Windows System. Click here for instructions.

Open the AWS Secure Insight application

One of the first step is to configure the system settings: SSID, WIFI password, AWS IoT account credentials,...

Start the Insight desktop Application on your computer.

When the application starts it would open a window like the one shown below.

Populate the following fields:

  • AWS Thing Name: This is the name you assign to your End Node "The Thing".
  • AWS End Point Address: This will provide you're AWS Endpoint Address to the GUI. For example "us-west-2"
  • AWS Access Key ID: Place here the access key provided when you created your AWS Account.
  • AWS Secret Access Key: Place here your secret access key.
  • WiFi SSID: Enter your access point SSID.
  • WiFi Password: Enter your access point password.

Press Create New Thing Button.

If you don't see the Create New Thing Button, you will need to enlarge your window until you see it at the bottom

After you have setup your End Node "The Thing", the following window will appear

The Secure Insight on Things menu that provide the following options

  • Microchip Insight on Things
    • About Insight on Things: Provides the License Information as well as the Application Version
    • Quit: Quit Application
  • View
    • Thing Shadow: Provides control switches and report buttons that will interact with the AWS "Thing" once it's registered and connected to AWS IoT
    • Reload: It enables the capability of reloading the Insight on Things application.
    • Toggle DevTools: It will enable the developer window

Open your AWS Zero Touch Secure Provisioning Kit and assemble it as shown below.

The AWS Zero Touch Secure Development Kit comes with a USB dongle equipped with an ECC508 configured as a Root Certificate Authority (Red Label) and Signer USB dongle (Green Label). For more information about the use of a Root Certificate Authority and a Signer click here.

Connect the Root and Signer USB dongle to your computer.

Connect the G55 setup to your computer using the Target USB Connector, like shown in the figure below.

On the Secure Insight on Things GUI press RE-SCAN CONNECTIONS button. A list of the connected devices should appear as shown in the image below.

If you are using a VM for Windows you will need to manually passthrough the USB control to the VM.

On the top menu go to View and press Toggle DevTools. The Developer window will appear to the right.

Select Console.

Up to this point we have everything we need to start the registration process of our Signer Certificate by using the Bring Your Own Certificate feature of AWS and the registration process of our End Node "The Thing" using the JITR capability of AWS. More information about BYOC and __JITR__can be found here

The empowerment that allows the AWS BYOC and JITR features to function without user intervention within the AWS IoT ecosystem relays on the advantages and capabilities that ECC508A provides. For more information click here

Registering Your Signing Module with AWS as a Certificate Authority using the Bring Your Own Certificate BYOC

Press the REGISTER SIGNER button on the Secure Insight on Things Setup This will do the following:

  • The Signer Module will generate a certificate.
  • The Root Module will sign the Signers Certificate.
  • Registration code will be obtained from AWS.
  • Signer and Verification Certificate will be registered in to AWS.
  • To verify your Signer's Certificate Registration you can access your AWS account, under AWS IoT. You will find that your certificate has been added, as it is shown below.

The process involved during this step can be follow through the Console window in the Secure Insight on Things GUI. More information about the BYOC capability can be found here

Registering Your AWS Thing by using JITR

The next step is to register your AWS device that has been signed by the previous registered CA.

Before we can achieve this, the following steps need to happen

  • Attach a policy to the Certificate
  • Activate the certificate

The above can be done by an AWS Lambda function attached to a rule. If you need to complete these steps, a detailed explanation on how to achieve this can be found here

In order to proceed with this step you need to make sure your FW on your AWS Zero Touch Secure Development Kit is v1.0.6 or above. If your FW is an earlier revision a message will appear in the GUI, like the one shown bellow.

For detailed information on how to update your AWS Zero Touch Secure Development Kit click [here]

Press the PREPARE AWS THING button on the Secure Insight on Things Setup This will do the following:

  • The Thing will generate a certificate

  • The Signer Module will Sign the Thing's certificate

  • A TLS session is stablished using the Thing's ECC508

  • JITR takes place

  • AWS Thing has been registered

  • When the process is done you'll get a message like the one bellow from the GUI console.

  • To verify your AWS Thing Registration through JITR you can access your AWS account, under AWS IoT. You will find that your AWS Thing's certificate has been added, as it is shown below.

The process involved during this step can be follow through the Console window in the Secure Insight on Things GUI. The detail explanation can be obtain [here]

Using Shadow View to interact with AWS Thing

The Shadow View will give you access to control switches and button indicators that interact with the AWS Thing. The kit comes with the OLED1 Display Board which has 3 LEDs and 3 push buttons available for interaction with the user. It also has an OLED display that could show messages (Not supported in current FW and GUI revisions). As reference see image below.

  • If you press Switch LED1 on GUI, LED1 on OLED1 extension board will turn on. (This will happen if AWS Thing has successfully connected and registered on to AWS IoT)
  • If you press push Button 1 on OLED1 Extension, Button 1 on GUI will turn on. (This will happen if AWS Thing has successfully connected and registered on to AWS IoT)

To access this mode

Go to View menu in the Secure Insight on Things GUI.

Press the Thing Shadow option. The following window should appear.

The process involved during this step can be follow through the Console window in the Secure Insight on Things GUI. The detail explanation can be obtain [here]

Troubleshooting

If you are having trouble connecting with AWS IoT and your thing, check to make sure that each of the issues bellow are resolved.

Connection Issue

During your setup of the AWS Zero Touch Development kit a connection issue may happen. If this occurs we have set up the LEDs on the OLED1 display to report different connectivity problems. Refer to the matrix below a for reference.

If any issue related to the matrix above happens, press the Reset button on the kit for it to re-try reconnecting to the AWS IoT server.

Note that in order for the AWS Thing to connect the following steps need to have been completed.

  • Registering Your Signer into AWS by using BYOC
  • Registering Your AWS Thing by using JITR

-If you have done the above successfully and your AWS "Thing" does not appear in your AWS account, press the RESET button on the AWS Zero Touch Secure Provisioning Kit.

Credential Issue

  • The credentials are case sensitive.

Wiki Home

User Guide

Clone this wiki locally