After three short years of use, Roni Bandini’s Samsung washing machine started to act erratically, and several technicians looked at it without really fixing the problem. Bandini then decided to take matters into his own hands and replaced its brains with a MKR WiFi 1010 board, along with four relays and a trio of buttons.
This new system can control the motor and valves to progress through a wash cycle. It also takes advantage of the Arduino’s WiFi abilities to integrate with Telegram, sending a message to the entire family when the laundry is done.
Future goals for the project include varying the motor speed and making it reverse, but so far it’s a brilliant way to keep a large hunk of metal and plastic out of the junkyard. Code is available on GitHub, and print files for the enclosure are up on Thingiverse.
We’re excited to announce the launch of the Arduino Oplà Kit, the first open programmable IoT platform that allows you to add smart connectivity to the devices around your home or workplace and build custom IoT devices.
The Oplà IoT Kit contains all the hardware necessary to create eight connected applications, access to an online platform with assembly instructions, and a 12-month subscription to the Arduino Create Maker Plan. This kit is perfect for beginners with basic DIY experience, while more advanced users can leverage it to customize and hack their smart applications and devices, with full control of their data and processes.
Eight out-of-the-box projects to connect your home or workplace
The projects included in the Oplà IoT Kit enable users to turn everyday appliances into smart appliances, which can be controlled remotely on a mobile phone:
Personal Weather Station — Record and monitor local weather conditions
Home Security Alarm — Detect motion and trigger warnings
Solar System Tracker — Retrieve data from planets and moons in the solar system
Inventory Control — Track goods in and out
Smart Garden — Monitor and manage the environment for your plants
Thermostat Control — Smart control for heating and cooling systems
Thinking About You — Send messages between the kit and the Arduino IoT Cloud
Create, connect, control. The Internet of Things has never been so easy!
No soldering is required with the Oplà IoT Kit, which is based on a MKR IoT carrier with an OLED color display, on-board environmental sensors and capacitive touch buttons. The kit also includes a MKR WiFi 1010 board, a circular plastic enclosure and supporting accessories, such as two cables, a motion sensor, a moisture sensor, and a USB cable.
To build applications, users can rely on the Oplà online platform. Each project includes goals, an intro to the components, step-by-step instructions with illustrations and videos to guide you through assembling the product and building the code.
Finally, the kit acts as the physical interface of the Arduino IoT Cloud and comes with a 12-month subscription to the Arduino Create Maker Plan, offering unlimited compilation time and extended access to all the features of the Arduino IoT Cloud.
“When creating the Oplà IoT Kit, we wanted to design a platform that would allow anyone to gain a complete experience of what the Internet of Things has to offer around the home or workplace and I really believe we have achieved this. It is a great kit for users to build custom devices and enjoy being creative, no matter your level of experience,” says Arduino CEO Fabio Violante. “With this launch, we take yet another step towards lowering the barrier to entry for IoT development and cannot wait to see the projects created by users embracing connected devices both in their homes and at work.”
The open-source library ArduinoBearSSL for implementing TLS protocol on Arduino boards;
A hardware secure element (Microchip ATECCX08A) to guarantee authenticity and confidentiality during communication;
A device certificate provisioning process to allow client authentication during MQTT sessions.
In the past, it has been challenging to create a complete SSL/TLS library implementation on embedded (constrained) devices with very limited resources.
An Arduino MKR WiFi 1010, for instance, only has 32KB of RAM while the standard SSL/TLS protocol implementations were designed for more powerful devices with ~256MB of RAM.
As of today, a lot of embedded devices still do not properly implement the full SSL/TLS stack and fail to implement good security because they misuse or strip functionalities from the library, e.g. we found out that a lot of off-brand boards use code that does not actually validate the server’s certificate, making them an easy target for server impersonation and man-in-the-middle attacks.
Security is paramount to us, and we do not want to make compromises in this regard when it comes to our offering in both hardware and software. We are therefore always looking at “safe by default” settings and implementations.
Particularly in the IoT era, operating without specific security measures in place puts customers and their data at risk.
This is why we wanted to make sure the security standards adopted nowadays in high-performance settings are ported to microcontrollers (MCUs) and embedded devices.
Back in 2017, while looking at different SSL/TLS libraries supporting TLS 1.2 and modern cryptography (something that could work with very little RAM/ROM footprint, have no OS dependency, and be compatible with the embedded C world), we decided to give BearSSL a try.
BearSSL: What is it?
BearSSL provides an implementation of the SSL/TLS protocol (RFC 5246) written in C and developed by Thomas Pornin.
Optimized for constrained devices, BearSSL aims at small code footprint and low RAM usage. As per its guiding rules, it tries to find a reasonable trade-off between several partly conflicting goals:
Security: defaults should be robust and using patently insecure algorithms or protocols should be made difficult in the API, or simply not possible;
Interoperability with existing SSL/TLS servers;
Allowing lightweight algorithms for CPU-challenged platforms;
Be extensible with strong and efficient implementations on big systems where code footprint is less important.
BearSSL and Arduino
Our development team picked it as an excellent starting point for us to make BearSSL fit in our Arduino boards focusing on both security and performance.
The firmware developers team worked hard on porting BearSSL to Arduino bundling it together as a very nice and open-source library: ArduinoBearSSL.
Because the computational effort of performing a crypto algorithm is high, we decided to offload part of this task to hardware, using a secure element (we often call it a “cypto chip”). Its advantages are:
Making the computation of cryptography operations faster;
You are not forced to use all the available RAM of your device for these demanding tasks;
Allows storing private keys securely (more on this later);
It provides a true random number generator (TRNG).
How does the TLS protocol work?
TLS uses both asymmetric and symmetric encryption. Asymmetric encryption is used during the TLS handshake between the client and the server to exchange the shared session key for communication encryption. The algorithms commonly used in this phase are based on Rivest-Shamir-Adleman (RSA) or Diffie-Hellman algorithms.
TLS 1.2 Handshake flow
After the TLS handshake, the client and the server both have a session key for symmetric encryption (e.g. algorithms AES 128 or AES 256).
The TLS protocol is an important part of our IoT Cloud security model because it guarantees an encrypted communication between the IoT devices and our servers.
The secure element
In order to save memory and improve security, our development team has chosen to introduce a hardware secure element to offload part of the cryptography algorithms computational load, as well as to generate, store, and manage certificates. For this reason, on the Arduino MKR family, Arduino Nano 33 IoT and Arduino Uno WiFi Rev2, you will find the secure element ATECC508A or ATECC608A manufactured by Microchip.
How do we use the secure element?
A secure element is an advanced hardware component able to perform cryptographic functions, we have decided to implement it on our boards to guarantee two fundamental security properties in the IoT communication:
Authenticity: You can trust who you are communicating with;
Confidentiality: You can be sure the communication is private.
Moreover, the secure element is used during the provisioning process to configure the Arduino board for Arduino IoT Cloud. In order to connect to the Arduino IoT Cloud MQTT broker, our boards don’t use a standard credentials authentication (username/password pair). We rather opted for implementing a higher-level authentication, known as client certificate authentication.
How does the Arduino provisioning work?
The whole process is possible thanks to an API, which exposes an endpoint a client can interact with.
As you can see in the diagram below, first the Client requests to register a new device on Arduino IoT Cloud via the API, to which the server (API) returns a UUID (Universally Unique IDentifier). At this point, the user can upload the sketch Provisioning.ino to the target board.This code is responsible for multiple tasks:
Generating a private key using the ATECCX08A, and store it in a secure slot that can be only read by the secure element;
Generating a CSR (Certificate Signing Request) using the device UUID as Common Name (CN) and the generated private key to sign it;
Storing the certificate signed by Arduino acting as the authority.
After the CSR generation, the user sends it via the API to the server and the server returns a certificate signed by Arduino. This certificate is stored, in a compressed format, in a slot of the secure element (usually in slot 10) and it is used to authenticate the device to the Arduino IoT Cloud.
Researchers at UNIST in South Korea have developed a novel system for smart device input using touch-sensitive fingernails, called Nailz.
As noted in the team’s paper, fingernails have long been augmented for cosmetic purposes and are extremely accessible, making them a perfect unobtrusive input platform.
144 thumb/finger gestures were identified for the setup, with 29 selected as being most practical. This method was then tested with a 94.3 percent accuracy. Fingernails were augmented using flexible PCB material, along with an MPR121 capacitive sensing chip, and an accelerometer was also used to detect wrist movement. Input data for this experiment was obtained by an Arduino MKR WiFi 1010 and sent to a PC for further processing.
Learning to play an an instrument well takes a lot of time, which many people don’t have. To address this, Franco Molina — who enjoys MIDI controllers and writing music, but describes himself as being terrible at playing the keyboard — created the Synthfonio.
Molina’s DIY device is vaguely reminiscent of a guitar, with a series of keys on the neck that indicate the chords and key signatures, and another set roughly positioned where you’d strum a guitar to play the notes.
The Synthfonio is assembled from laser-cut MDF sections, and utilizes a MKR WiFi 1010 to take care of I/O and MIDI functions. A second microcontroller in the form of an ATmega328 on a breadboard is used to produce actual synth sounds, though most Arduinos would be suitable either function.
The Synthfonio features 2 sets of keys, one to define chords and key signatures, and another one to actually play the notes. Whatever chord is pressed in the instruments neck keys, will define the pitch of the keys on the instrument handle. Similar to a guitar, violin, and other string instruments; with the added advance that the Synthfonio is a smart device that can deduce the chords being played from a single set of notes. This way, for example, the musician can use the handle keys to play chords, melodies, and arpeggios in the key of A, just by pressing the A key on the neck. In the same way, pressing the A key on the neck in conjunction with the C key (minor third of A) will activate an A minor tonality for the handle keys.
This can allow any player to execute a 4-chord melody, accompaniment, or even improvisation; with no more than one or two fingers in position.