How does it work?
Plug&Trust Click, as its foundation, uses the SE050C, a ready-to-use IoT secure element solution that provides a root of trust at the IC level, and it gives an IoT system state-of-the-art, edge-to-cloud security capability from NXP Semiconductors. It is designed to be used as a part of an IoT system; works as an auxiliary security device attached to a host MCU. It offers enhanced Common Criteria EAL 6+ security certification up to the OS level and supports both RSA and ECC asymmetric cryptographic algorithms with high key length and future proof ECC curves. The latest security measures protect the IC against sophisticated non-invasive and invasive attack scenarios.
The SE050C is a turnkey solution that comes with JavaCard operating system and an applet optimized for IoT security use cases, pre-installed. To support scalability while servicing the broadest range of use cases in IoT applications, the SE050C is available in different pin-to-pin compatible configurations, including versions with support for sensors directly attached to the device, the I2C Controller, or contactless interface.
Plug&Trust Click communicates with MCU using the standard I2C 2-Wire interface, where the host controller represents the Controller and the Click board being the Target. Besides the mandatory connection to the host controller, this Click board™ can optionally be connected to a sensor node or similar element through separate I2C interface pins located on the 1×4 male header labeled as labeled as I2C Master. In this case, the SE050C device is the Controller device, and the sensor node represents the Target.
This Click board™ also offers a choice for the user to select the appropriate I2C communication speed, selected by onboard SMD jumpers labeled as I2C SPEED to a proper position marked as 400Kb and 3.4Mb. Note that all the jumpers must be lined to the same side, or else the Click board™ may become unresponsive. On the other side, the Shutdown pin, labeled as EN and routed to the CS pin of the mikroBUS™ socket, optimizes power consumption and is used for power on/off purposes, while the RST pin has no functionality in I2C Mode. Also, this Click board has an onboard antenna, providing a wireless interface to an external device like a smartphone, connected via a switch labeled as ANTENNA with SE050C allowing the activation of the antenna itself by setting it to the appropriate ON or OFF position.
This Click board™ can be operated only with a 3.3V logic voltage level. The board must perform appropriate logic voltage level conversion before use with MCUs with different logic levels. However, the Click board™ comes equipped with a library containing functions and an example code that can be used, as a reference, for further development.
Specifications
Type
Encryption,IoT security
Applications
Can be used in IoT security use cases such as secure connection to public/private clouds, device-to-device authentication, sensor data protection, and more. ISO14443 CL, I2C Target and Controller mode
On-board modules
SE050C – ready-to-use IoT secure element solution that provides a root of trust at the IC level, and it gives an IoT system state-of-the-art, edge-to-cloud security capability from NXP Semiconductors
Key Features
Ready-to-use IoT secure element solution, Common Criteria EAL 6+ security certification, supports both RSA & ECC asymmetric cryptographic algorithms with high key length and future proof ECC curves, protect against attack scenarios, comes with JavaCard operating system, and more.
Interface
I2C
Feature
No ClickID
Compatibility
mikroBUS™
Click board size
L (57.15 x 25.4 mm)
Input Voltage
3.3V
Pinout diagram
This table shows how the pinout on Plug&Trust Click corresponds to the pinout on the mikroBUS™ socket (the latter shown in the two middle columns).
Onboard settings and indicators
Label | Name | Default | Description |
---|---|---|---|
LD1 | PWR | – | Power LED Indicator |
JP1-JP2 | I2C SPEED | Left | I2C Speed Selection 400Kb/3.4Mb: Left position 400Kb, Right position 3.4Mb |
J1 | I2C Controller | Unpopulated | I2C Controller Connection Header |
SW1 | ANTENNA | Right | Antenna Activation Switch OFF/ON: Left position OFF, Right position ON |
Plug&Trust Click electrical specifications
Description | Min | Typ | Max | Unit |
---|---|---|---|---|
Supply Voltage | 1.62 | – | 3.6 | V |
Antenna Operating Frequency | – | 13.56 | – | MHz |
Operating Temperature Range | -40 | +25 | +105 | °C |
Software Support
We provide a library for the Plug&Trust Click as well as a demo application (example), developed using MikroElektronika compilers. The demo can run on all the main MikroElektronika development boards.
Package can be downloaded/installed directly from NECTO Studio Package Manager(recommended way), downloaded from our LibStock™ or found on mikroE github account.
Also, the user is allowed to use SW support by NXP (Plug & Trust Middleware Mini Package), which can be found on the attached NXP GitHub account. For all additional SW support questions, the customers can submit a ticket to the official NXP Support page.
Library Description
This library contains API for Plug&Trust Click driver.
Key functions:
plugntrust_cfg_setup
– Config Object Initialization function.plugntrust_init
– Initialization function.plugntrust_default_cfg
– Click Default Configuration function.
Examples description
This application is showcasing basic functionality of Plug&Trust Click board™. It gets identify data from device, selects card manager and applet. Then checks free memory, reads all objects and deletes not reserved ones. After that showcases a few of functionality: Generating random data, Creating, reading and deleteing binary objects, Creating AES symmetrical key and cipher with it; In the end it is showcasing funcionality in the endless loop.
The demo application is composed of two sections :
void application_task ( void ) { const uint8_t DATA_LEN = 16; static uint8_t aes_value[ DATA_LEN ] = { 0x40, 0x41, 0x42, 0x43,0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B,0x4C, 0x4D, 0x4E, 0x4F }; static uint32_t binary_id = 0xBBBBBBBB; static uint32_t aes_id = 0xCCCCCCCC; uint8_t random_data[ DATA_LEN ] = { 0 }; uint8_t read_data[ DATA_LEN ] = { 0 }; uint8_t encrypted_data[ DATA_LEN ] = { 0 }; uint32_t read_len = DATA_LEN; if ( PLUGNTRUST_OK == plugntrust_get_random_numbers( &plugntrust, random_data, DATA_LEN ) ) { log_printf( &logger, " > Generated random data: 0x" ); log_buf_hex( random_data, DATA_LEN ); log_printf( &logger, "rn" ); } else { log_error( &logger, " Random" ); } Delay_ms( 2000 ); if ( PLUGNTRUST_OBJECT_DOESNT_EXIST == plugntrust_check_object_exist( &plugntrust, binary_id ) ) { log_printf( &logger, " Write random data to binary object...rn" ); if ( PLUGNTRUST_OK != plugntrust_write_binary_object( &plugntrust, binary_id, 0, DATA_LEN, random_data ) ) { log_error( &logger, " Write Binary" ); } else { log_info( &logger, " Status OK" ); } } else { log_error( &logger, " Binary object already exist" ); } Delay_ms( 2000 ); if ( PLUGNTRUST_OBJECT_DOES_EXISTS == plugntrust_check_object_exist( &plugntrust, binary_id ) ) { if ( PLUGNTRUST_OK == plugntrust_read_object( &plugntrust, binary_id, 0, 0, read_data, &read_len ) ) { log_printf( &logger, " > Read data from binary object: 0x" ); log_buf_hex( read_data, read_len ); log_printf( &logger, "rn" ); } else { log_error( &logger, " Read binray object" ); } } else { log_error( &logger, " Binary object doesn't exist" ); } Delay_ms( 2000 ); log_printf( &logger, " Create AES key...rn" ); create_128_aes_key( aes_id, aes_value ); Delay_ms( 2000 ); if ( PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, PLUGNTRUST_P2_ENCRYPT_ONESHOT, read_data, encrypted_data ) ) { log_printf( &logger, " > Encrypted data: 0x" ); log_buf_hex( encrypted_data, DATA_LEN ); log_printf( &logger, "rn" ); } else { log_error( &logger, " Encrypting data" ); } Delay_ms( 2000 ); if ( PLUGNTRUST_OK == cipher_data_with_aes_key( aes_id, PLUGNTRUST_P2_DECRYPT_ONESHOT, encrypted_data, read_data ) ) { log_printf( &logger, " > Decrypted data: 0x" ); log_buf_hex( read_data, DATA_LEN ); log_printf( &logger, "rn" ); } else { log_error( &logger, " Decrypting data" ); } Delay_ms( 2000 ); log_printf( &logger, " Delete Binary and AES object...rn" ); if ( ( PLUGNTRUST_OK != plugntrust_delete_object( &plugntrust, binary_id ) ) || ( PLUGNTRUST_OK != plugntrust_delete_object( &plugntrust, aes_id ) ) ) { log_error( &logger, " Deleting objects" ); } log_printf( &logger, "*****************************************************************************rn" ); Delay_ms( 5000 ); }
The full application code, and ready to use projects can be installed directly from NECTO Studio Package Manager(recommended way), downloaded from our LibStock™ or found on mikroE github account.
Other mikroE Libraries used in the example:
- MikroSDK.Board
- MikroSDK.Log
- Click.PlugnTrust
Additional notes and informations
Depending on the development board you are using, you may need USB UART click, USB UART 2 click or RS232 click to connect to your PC, for development systems with no UART to USB interface available on the board. The terminal available in all MikroElektronika compilers, or any other terminal application of your choice, can be used to read the message.
mikroSDK
This Click board™ is supported with mikroSDK – MikroElektronika Software Development Kit. To ensure proper operation of mikroSDK compliant Click board™ demo applications, mikroSDK should be downloaded from the LibStock and installed for the compiler you are using.
For more information about mikroSDK, visit the official page.