SSV MLS/160A System Reference Manual Download Page 11 | Manualshive

Page: 11 / 21

SSV MLS/160A System Reference Manual Download Page 11

MLS/160A – System Reference

D o c u m e n t R e v i s i o n 1 . 1

11

4.2

Secure Device Update (SDU)

The secure device update function allows the secure remote update of the MLS/160A’s
firmware. Therefore it uses the

A/B boot concept

(please see

chapter 4.1

).

To run a secure device update the

SDU app

must be installed on the remote station, e.g.

the remote maintenance gateway RMG/941. The SDU app contains an

SDU agent

, which

connects with the

SDU device driver

of the MLS/160A.

Figure 5:

Diagram of the Secure Device Update

Update Process

The update process follows these steps:

•

Invalidating

the inactive slot by setting its magic number from "RIOT" to "0000".

•

Writing the new header and firmware excluding the magic number into the inactive
slot. The slot remains invalid because its magic number is still "0000".

•

Verifying the written slot by an SHA256 HMAC (Keyed-Hash Message Authentica-
tion Code).
If the

HMAC is valid

, the magic number is set back to "RIOT" and the slot is valid

again and ready to boot.
If the

HMAC is invalid

, the magic number is not changed and the slot remains inva-

lid.

•

Resetting the MLS/160A and checking if the slots are valid. If both slots are valid,
the slot with the higher version number is used, which should be the updated one.

Please refer to

chapter 5.3

for a detailed description of the update process.

«
...
9
10
11
12
13
...
»

Summary of Contents for MLS/160A

Page 1: ...160A Soft Sensor System Reference SSV Software Systems GmbH D nenweg 5 D 30419 Hannover Phone 49 0 511 40 000 0 Fax 49 0 511 40 000 40 E mail sales ssv embedded de Document Revision 1 1 Date 2020 11...

Page 2: ...3 INTERFACES 7 3 1 JTAG Debug J1 7 3 2 Primary RS485 Screw Terminal J2 8 3 3 Power Connector J4 8 3 4 Power Status LED D1 8 4 OPERATING SYSTEM 9 4 1 A B Boot Concept 10 4 2 Secure Device Update SDU 1...

Page 3: ...squeezed or dam aged in any way when you set up the device Do NOT turn on the power supply while connecting any cables especially the pow er cables This could cause damaged device components First con...

Page 4: ...MLS 160A System Reference 4 Document Revision 1 1 1 3 Block Diagram Figure 1 Block diagram MLS 160A 1 4 Nameplate Figure 2 Nameplate MLS 160A...

Page 5: ...ution signed 16 bit integer Environmental Sensor Bosch BME280 Humidity Operating range 0 100 rel humidity Pressure Operating range 300 1100 hPa Temperature Operating range 40 85 C Software Operating s...

Page 6: ...MLS 160A System Reference 6 Document Revision 1 1 2 OVERVIEW Figure 3 Overview MLS 160A...

Page 7: ...n please refer to STM32 datasheet 5 TDI Test Data In 6 TXD1 Debug Port TXD1 Pin 7 TMS Test Mode Select 8 RXD1 Debug Port RXD1 Pin 9 TCK Test Clock 10 GND Ground 11 Reserved Do not use 12 Reserved Do n...

Page 8: ...ite 2 GND Ground Brown Table 5 Pinout power connector CAUTION Providing the MLS 160A with a higher voltage than the regular 12 24 VDC 10 could cause damaged device components Do NOT turn on the power...

Page 9: ...es All this makes it an ideal OS for the MLS 160A and opens up versatile options for own de velopments as well as benefiting from community driven enhancements In order to build an application or libr...

Page 10: ...them may store the MLS 160A s firmware Figure 4 Division of the MCU Flash memory Header Each boot slot has a header containing following information as 32 bit unsigned integer uint32 magic_number hea...

Page 11: ...teps Invalidating the inactive slot by setting its magic number from RIOT to 0000 Writing the new header and firmware excluding the magic number into the inactive slot The slot remains invalid because...

Page 12: ...itches to the MEASURING state Invalid datagrams will be ignored MEASURING The sensors of the MLS 160A are cyclically polled with the configured sample rate The measuring data is sent within a measurin...

Page 13: ...CCX Z GYRX Z TEMP HUM These enable bits define which measurement values of the sensors are used At least one value must be activated otherwise the configuration is invalid and will be ignored SAMPLE R...

Page 14: ...cter M 0x4D is the identifier of the measuring datagram READING ACCX Z READING GYRX Z Measured value of the BMI160 sensor as 16 bit unsigned integer uint16 in little endian format READING TEMP READING...

Page 15: ...rence Document Revision 1 1 15 Update During the update process several datagrams are sent between the remote station and the MLS 160A Figure 7 shows the update process in a diagram Figure 7 Diagram o...

Page 16: ...OFFSET These 4 bytes define the offset of the firmware binary file in bytes little endian MAXCL These 2 bytes define the maximum chunk length of the firmware binary file in bytes little endian in this...

Page 17: ...completely requestHMAC In this case the MLS 160A sends a verification datagram of 1 byte length with the ASCII character V 0x56 to the remote station Length in Bytes 1 0x56 V Table 14 Verification da...

Page 18: ...mote station Length in Bytes 1 0x59 Y Table 16 Okay datagram from the MLS 160A denyUpdate If the HMAC is invalid the magic number of the updated slot is not changed and the slot remains invalid The ML...

Page 19: ...MLS 160A System Reference Document Revision 1 1 19 6 MECHANICAL DIMENSIONS All length dimensions have a tolerance of 0 5 mm Figure 8 Mechanical dimensions of MLS 160A...

Page 20: ...like shown in figure 9 Figure 9 Wiring diagram for the connection of the MLS 160A to an RMG 941 Wire color Pin MLS 160A Pin RMG 941 White 1 Vin 24 VDC A3 Vin 24 VDC Brown 2 GNDin A4 Ground Green 3 48...

Page 21: ...evision Date Remarks Name Review 1 0 2020 06 15 First version WBU SSC 1 1 2020 11 18 Added chapter 7 WBU SSC The content of this document can change any time without announcement There is taken over n...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands