TI Sitara™ MCU devices have a strong networking stack and hardware IP support that is already widely used in the industry. Connecting to the external world is risky if the network offers no security guarantees. While the networking capabilities and hardware IPs continue to evolve and become more efficient and optimized, the security aspect cannot be overlooked. Lack of security can lead to improper functioning of the system or even leave the environment prone to cyber-attacks, for example, MITM, eavesdropping, tampering, or message forgery. This gap can be bridged with Transport Layer Security (TLS). TLS is a cryptographic protocol that provides secure communication over the internet, primarily by encrypting the data that is communicated. TLS ensures that a secure communication channel can be established between two or more entities in the network.
TLS protocol can be divided into two parts:
This document introduces the integration of MbedTLS on Sitara MCU devices over the existing LwIP TCP/IP networking stack, adding security at the Transport layer (L4 of the OSI model). The Transport layer provides a secure end-to-end communication channel. As a result, all the data passing through the network after the Transport layer (layer 4) can be securely transferred. The document covers how the MbedTLS project was ported as an independent library to the TI architecture, how its performance was measured, and ways of optimizing the cryptographic operations via hardware acceleration. The use of MbedTLS in network security examples is also discussed.
The code and examples discussed in this document can be found in TI MCU_PLUS_SDK v09.00 or later for AM243x, AM263x, AM273x, AM64x devices.
Industry 4.0 is data-intensive and relies on real-time decision making, so applications need a mechanism to securely transmit data across the network. This demonstration is an advancement in the networking and security domains for the TI Sitara MCU devices.
This application note addresses the following:
With high-performance multi-core processing power, the TI Sitara MCU device is designed for real-time processing and connectivity. The integration of MbedTLS over LwIP aims to further strengthen networking and connectivity by adding a layer of security. LwIP is a lightweight TCP/IP stack commonly used in embedded systems. The devices have CPSW and ICSS IPs for networking. With their raw processing power, their ability to control signals in real time, and their support for multi-protocol Ethernet standards, the devices allow networks to operate at speeds as high as 1 Gbps. They also include a strong crypto accelerator to offload cryptography from software to hardware, further optimizing the performance of the overall application.