Embedded Systems Academy

Embedded Systems Academy (EmSA), a leading provider of embedded software solutions for CAN
based industrial networks, is pleased to announce the release of its Micro CANopen libraries as
Open-CMSIS-Pack following the Common Microcontroller Software Interface Standard (CMSIS) by
Arm. This new integration enables developers to easily implement CANopen communication
protocols in their embedded systems.

Until now, these Micro CANopen libraries were already available as part of selected NXP
MCUXpresso Software Development Kits (SDKs). Along with NXP’s recent release of support for MS
Visual Studio Code, SDKs and third-party libraries are moving to Open-CMSIS-Packs, ensuring
compatibility with a wider range of development tools and microcontrollers. For more information on NXP’s step towards VS Code and Open-CMSIS-Packs, follow this link.

The Micro CANopen libraries from EmSA offer a minimalistic implementation of the CANopen and
CANopen FD communication protocols for I/O devices and basic managers/controllers. They are
designed to simplify the development process by providing a compact and efficient solution, saving
valuable time and resources for embedded system developers. Through the Open-CMSIS-Pack
format, developers can leverage the libraries seamlessly, further enhancing the efficiency and
reliability of their CANopen-enabled applications.

The published Micro CANopen libraries may be used at no license charge and are adequate to
implement basic I/O devices with a limited number of parameters or a controller with a limited
number of nodes to handle.

“We are excited to bring our Micro CANopen libraries to the Open-CMSIS-Pack ecosystem,” said Olaf
Pfeiffer, CEO of Embedded Systems Academy. “By making our libraries available as Open-CMSIS-
Packs, we aim to empower developers to effortlessly integrate CANopen or CANopen FD support
into their embedded projects.”

Developers can use any tool that supports Open-CMSIS-Packs to access these CANopen libraries such
as NXP MCUXpresso, Visual Studio Code, Arm Keil MDK and IAR Embedded Workbench. The libraries
are compatible with the latest Arm CMSIS releases and initial support covers several popular NXP
LPC and i.MX microcontroller derivatives.

The current beta release features the Micro CANopen release for selected NXP microcontrollers. Future releases will support NXP’s auto-configuration and more derivatives with CAN or CAN FD interfaces.

The current list of available releases is availabe at: www.keil.arm.com/vendors/emsa/packs

Earlier this year, EmSA inherited the CANopen IA product line from ESSolutions. The product line goes back about 20 years and at the time the products were based on the Philip’s XA architecture. The current products are using the NXP LPC11Cxx microcontrollers (ARM Cortex M0). Right from the beginning, EmSA provided the firmware and support software for these products making EmSA a natural candidate to continue this product line after ESSolutions discontinued their operation.

The base product is a small (31.5 x 20mm) 48pin module offering 7 configurable ports with 4 connectors each. Depending on the port number, a port can be configured to be:

• Digital input or output (4 signals)
• Remote access (serial UART, TTL)
• Internal analog input (4 times 8 or 10bit resolution)
• External analog input (4 times 12bit, I2C connected external)
• External analog output (4 times 12bit, I2C connected external)

At EmSA, we now continuously enhance the features of this product line. The latest firmware release V2.2 added remote access support to a host system via a serial TTL channel. This allows the module to be used as a CANopen communication processor in systems that can use a regular serial channel to communicate with the communication processor. A further enhancement added 8bit resolution access to the analog inputs (default use is 10bit resolution) now supporting a variety of CANopen joystick implementations.

An easy entry starter kit is now available, offering basic access to the functionality provided by the CANopen IA M0 module. All 48 pins of the module are made available on standard header rows, all marked with the matching pin names. For quick tests, switches and LEDs can be connected to any of those pins using jumper cables provided.

A CANopen FD version of the module is currently under development and scheduled for release early 2022.

For more information, see:
www.canopenia.com
www.canopenstore.eu

The latest release of the MCUXpresso Software Development Kit from NXP now also includes a free version of the EmSA’s Micro CANopen FD library. The library is available for various microcontrollers of the LPC54xxx and LPC55xxx families. Support for the i.MX RT family will be added later this year.

The CANopen FD libraries are separated by support for devices and managers. The examples implement a generic input and output device as well as a minimal manager and control application. The libraries are fully functional besides a limitation on the number of PDOs and node IDs supported. The licence allows developers to integrate these libraries into commercial projects.

For more details on the CANopen FD libraries in MCUXpresso SDK, watch the introductory video by NXP:

Our youtube playlist “MCUXpresso Middleware course” now features a total of nine videos, including some in-depth tutorial on how to use the CANopen and CANopen FD libraries of the MCUXpresso SDK.

For more information about our CANopen and CANopen FD libraries for NXP, visit our dedicated web page at www.em-sa.com/nxp

A few months back, EmSA’s CANopen and CANopen FD libraries and protocol stacks were integrated into NXP’s MCUXpresso SDK supporting multiple NXP microcontroller families, inlcuding the LPC54xxx family. That MCU family was chosen by PEAK Systemtechnik for a number of industrial input and output devices.

The newly released PCAN-MicroMod FD DR CANopen Digital 1 is the first of their industrial I/O device integrating both CANopen and CANopen FD within the same firmware. All essential settings of the DIN-Rail mountable device are made with turn dials: selection of CANopen or CANopen FD modes, bitrates and node id used.

Typical use cases include future proofing CANopen systems by already choosing CANopen FD capable devices and quickly adding generic I/O devices(s) to custom, embedded CANopen FD networks.

The device passed the official CiA CANopen conformance test. The CANopen FD test is pending.

For more information, see the PEAK product page.

NXP and EmSA are inviting you to the one hour seminar “Accelerate Development of Robust Network Communications with CANopen and CANopen FD” on Tuesday April 21st 2020. This webinar is a hands-on session about customized CANopen (FD) development on NXP MCUs.

In the hands-on part, we take the CANopen (FD) device/slave example included with the NXP MCUXpresso SDK and use the free CANopen Architect Mini software utility to modify and configure the CANopen (FD) communication of the device. Code modifications are made using the MCUXpresso SDK to support the custom generated CANopen (FD) object dictionary entries. Click here to register for this webinar.

The webinar requires some basic CANopen (FD) and MCUXpresso knowledge. See our courses at www.em-sa.com/video to learn the basics about these technologies.

February 24, 2020 – Embedded Systems Academy (EmSA) and NXP® Semiconductors announce the integration of the free-to-use EmSA Micro CANopen libraries into the NXP MCUXpresso Software Development Kit (SDK) for developing with NXP’s microcontrollers (MCU) and crossovers based on Arm® Cortex®-M.

For years, many MCUs have been equipped with the Controller Area Network (CAN) interfaces including CAN FD. These interfaces are optimized for embedded communication and make it easy to transmit and receive single messages.

“To take full advantage of the capabilities of such interfaces, middleware communication protocols are required,” says Olaf Pfeiffer, General Manager of EmSA. “One of the most
popular protocols for embedded CAN applications is CANopen, for which EmSA has delivered its Micro CANopen software for more than 20 years, and remains highly used among embedded developers.”

Free-to-use versions of EmSA’s Micro CANopen library are now fully integrated into the MCUXpresso SDK for a selection of NXP LPC MCUs and i.MX RT crossover MCUs.

“This integration further simplifies the process of prototyping and integrating sophisticated and reliable communication into embedded systems.” said Brendon Slade, director of MCU ecosystem for Edge Processing at NXP Semiconductors. “For most systems, the libraries can be used in production without further licensing.”

One of the first adopters is PEAK-System Technik: Their industrial I/O module PCAN-MicroMod FD is based on NXP’s LPC54000 MCU series and uses a variation o

f EmSA’s Micro CANopen libraries. “Using a proven CANopen (FD) protocol implementation for our I/O devices greatly reduced our development time and opens up additional use-cases for our customers.”, says Uwe Wilhelm, General Manager of PEAK-System Technik.

For more information about the NXP microcontrollers currently supported by EmSA’s free to use CANopen libraries and video tutorials, visit www.em-sa.com/nxp

About MCUXpresso SDK
Available in downloads based on user selections of MCU, evaluation board and optional software components, the MCUXpresso SDK merges customization and quality in a suite of production-grade runtime software. Complete with pre-integrated RTOS middleware, stacks and middleware, reference software, and MISRA-compliant drivers analyzed with Coverity® static analysis tools, it’s the ultimate software framework and reference solution for application development with NXP MCUs and crossover MCUs based on ARM® Cortex®-M cores.

About Embedded Systems Academy
Embedded Systems Academy (EmSA) is an NXP gold partner and has locations in Barsinghausen, Germany and San Jose, California. EmSA provides tools, training and services for planning, implementing, debugging, commissioning and testing of embedded networking technologies including CAN, CAN FD, CANopen, CANopen FD, CiA447, J1939 and others. EmSA’s tutors Olaf Pfeiffer, Christian Keydel and Andrew Ayre published two books about CAN, CANopen and security on CAN systems. They regularly publish related articles and papers for various international conferences.

Contact
Embedded Systems Academy GmbH
Olaf Pfeiffer
info@esacademy.de

Today, Embedded Systems Academy published the first release of a free CANcrypt FD implementation for the NXP LPC54618 microcon-troller. CANcrypt FD is a security middleware, providing authentication and encryption for CAN FD. It uses an 8-byte security record, embedded in the 64-byte data field of CAN FD frames. The cipher to use is configurable – the examples use SPECK-64, XTEA-64 and AES-128.

The base security mechanism in CANcrypt FD is a secure heartbeat that cyclically generates a dynamic, shared key among the grouped devices. The device address / ID has now 8 bits, up from 4. While still only up to 15 devices can actively participate in the key generation, another up to 239 devices can passively update their keys to transmit and receive secure messages.

A new feature is the active initial grouping cycle. Similar to the pairing process, this mode allows the automatic grouping of devices during a first-time power-up of the network. The devices participating in the grouping process generate/negotiate a group key that is then kept in local non-volatile memory.

For more details, see our article No excuses for not securing your CAN FD communication in the current September 2018 CAN Newsletter or download the CANcryptFD NXP LPC54618 example implementation including documentation.

Visit us in Nuremberg for the 28th international exhibition for Electric Automation, Systems and Components, the “sps ipc drives 2017”. The show is open from November 28th to 30th, 2017. Our software and solutions are shown on two displays at the NXP booth and the CiA (CAN in Automation) booth.

Our display at the NXP booth (Hall 10.1, Booth 325) focuses on CAN FD and security. The new features of CAN FD (bigger message frames, higher bit rate) are used to implement a more efficient and secure bootloader based on CANcrypt and AES based authentication and encryption. Join us for an informal lunch & learn session about CAN FD on Tuesday or Wednesday starting at noon (for about 45min) in the NXP on-site meeting room. Seats are limited, please register here to join.

Our display at the CiA booth (Hall 2, Booth 300) focuses on CANopen FD. A multi vendor demo setup shows one of the many new features available with CANopen FD: segmented broadcast. This transfer mode supports sharing data blocks (for example tables with data of drive acceleration ramps) instantly among multiple participants. In the demo, the data exchange is visualized using graphics, which are shared among multiple nodes.

Contact us, if you still need tickets for the event or if you would like to set an appointment to discuss your CAN FD / CANopen FD / CAN security requirements.

Today, the Embedded Systems Academy announces the availability of its secure CANcrypt CAN FD bootloader for the NXP LPC54618 microcontroller. The binary version is available as free download and may be used without limitations. For programming, the FlashMagic software (www.flashmagictool.com) and a PEAK PCAN-USB FD interface (www.peak-system.com) is required.

The security system is based on two symmetric keys, separating the code protection (happening at the manufacturer) from the download process done by a system integrator or service technician. The code file is AES-GCM (128-bit key) protected, offering both encryption and authentication. The local CAN FD connection (between service host and bootloader) is CANcrypt protected (128-bit key, authentication and partial encryption).

On the host side, the update process is fully integrated into the existing FlashMagic software that handles Flash programming for all NXP LPC microcontroller families.

The figure illustrates the components of the system. The bootloader and the initial two keys (code protection, connection) are programmed into the LPC54618 device in a trustworthy manufacturer environment.

For a code update, the manufacturer creates a secure update file based on the first, code protection key. The file is encrypted and can be passed to the service technician through an unsecured channel such as email or web download. FlashMagic includes a minimal CANcrypt configurator, allowing the technician to initiate the code update using the second, CANcrypt connection key.

The secure bootloader does not by default disable the on-chip bootloaders and debug access by SWD to ensure that the default implementation can not accidentally lock a device. However, if all of these recovery methods are disabled, either during production or through a programmed application, then the secure bootloader remains the only method for code updates. In this configuration, once the CANcrypt connection key is lost, no further updates will ever be possible.

In addition to this free binary loader, ESAcademy offers a commercial version including all sources. This version offers more configuration options, such as customizing the CAN-FD bit rates (default is 500kbps/2000kbps) and security methods.

The security experts at MathEmbedded are in the process of reviewing the project. Once completed, we will publish the results here.

Download link: LPC54618_secure_CANFD_bootloader_V100.zip

MD5: 28a896e17a9a57b938337095fbd35372
SHA256: eb6d22e9390e0d1a79f04a81f926bcd98d496dd65f03535298e1ebf050e4729c

Together with NXP, the Embedded Systems Academy implements a secure CAN FD bootloader based on the CANcrypt security protocols. The bootloader will be available to users of the LPC546xx as free download. It is a “secondary bootloader”, meaning that it only provides security for the added bootloading channel, in this case the CAN FD interface. Someone with physical access to the LPC546xx will always be able to use the primary, on-chip bootloader to re-flash the device with any code.

The security system of the bootloader uses two security levels, each based on a symmetric key (default 128bit, up to 1024bit optional).

1. On the CAN FD communication level, the CANcrypt protocol (www.cancrypt.eu) is used to ensure that only an authorized communication partner can activate the bootloader, erase the flash memory and send new code to the LPC546xx. The CANcrypt connection key used for this level is generated by the system builder or integrator that initially assembles the entire system.
2. On the file transfer level, the file containing the new code to be loaded is encrypted using an encryption and authentication method based on a code protection key that gets programmed into the LPC546xx at the same time when the bootloader is installed (typically at manufacturer end-of-line assembly and test).

Figure: Secure bootloader security levels

These two levels ensure a separation of the security features between manufacturer and system integrator/builder or service technician. Only an authorized technician will be able to connect his diagnostic device or software to the bootloader. But at this security level alone it will not be possible to generate authorized firmware, that requires an additional key only known to the manufacturer.

If you want to learn more about this bootloader, register now for the webinar (Thursday, June 29, 5:00 PM – 6:00 PM CEST) on the NXP website at: http://www.nxp.com/support/training-events/online-academy/lpc54000-series-online-training:LPC54000-Series-Online-Training

The version for free download is a binary only and will use a pre-selected cipher algorithms, fixed default configuration for parameters like CAN FD bit rates, CAN IDs and timings and timeouts used. The full source code is available from Embedded Systems Academy, giving users full control over all configurations and cipher algorithms used.