This folder contains an integration example for the Cypress CY8CKIT-064S0S2-4343W kit with Amazon-FreeRTOS & AWS IoT/Lambda.
It is an app with a simple console interface that allows you to generate a fault, heartbeat or trace and once data is available a secure connection is estabilished with the AWS IoT MQTT broker, all available chunks are published, then passed from AWS IoT to Lambda using an IoT rule and eventually posted to Memfault.
The demo app is tested on a CY8CKIT-064S0S2-4343W evaluation board with ModusToolbox 2.3.
In order to be able to do anything with your device it should be provisioned for secure boot as in the document, with one difference - use policy_multi_CM0_CM4_jitp.json, as this is the one actually used by the project to generate a firmware image. If you‘ll specify the default tfm policy, the board won’t be able to boot.
Here's an example of the provisioning steps:
# install the cysecuretools python tools ❯ pip install --update cysecuretools # change to the directory in the amazon-freertos tree where we run the provisioning ❯ cd vendors/cypress/MTB/psoc6/psoc64tfm/security # for our provisioning, we need to copy the device + root certs to specific locations ❯ mkdir -p certificates ❯ cp <path to where you downloaded the certs above>/<device id>-certificate.pem.crt certificates/device_cert.pem ❯ cp <path to where you downloaded the certs above>/AmazonRootCA1.pem certificates/rootCA.pem # init and provision the device (use 're-provision-device' on a previously provisioned board) ❯ cysecuretools --target CY8CKIT-064S0S2-4343W init ❯ cysecuretools --policy ./policy/policy_multi_CM0_CM4_jitp.json --target CY8CKIT-064S0S2-4343W provision-device
In demos/include/aws_clientcredential.h, you'll have to type in:
clientcredentialMQTT_BROKER_ENDPOINT - MQTT broker endpoint retrieved from awscli in the first steps in FreeRTOS document.clientcredentialIOT_THING_NAME - AWS IoT Thing name.clientcredentialMEMFAULT_PROJECT_KEY - Memfault project key, find it in the Memfault dashboard under “Settings”clientcredentialWIFI_SSID - Wifi SSID string.clientcredentialWIFI_PASSWORD - Wifi password.clientcredentialWIFI_SECURITY - Wifi security.You‘ll also have to generate the header file with your AWS IoT Thing certificate & private key. To do that, you’ll have to pass the files generated during Thing register process to tools/certificate_configuration/CertificateConfigurator.html and replace demos/include/aws_clientcredential_keys.h with the resulting file.
Clone the amazon-freertos repository, and add the sources + patch included in this example:
# clone the amazon-freertos repo at a known-working tag git clone https://github.com/aws/amazon-freertos.git -b 202107.00 ❯ cd amazon-freertos # add the memfault sdk- you can clone it directly, as below; # or add it as a submodule to the freertos repository; # or symlink from another location, per your preference ❯ git clone https://github.com/memfault/memfault-firmware-sdk.git \ libraries/3rdparty/memfault-firmware-sdk/ # apply the patch to integrate this example with amazon-freertos ❯ git apply \ libraries/3rdparty/memfault-firmware-sdk/examples/cypress/CY8CKIT-064S0S2-4343W/amazon-freertos.patch
Once the below steps are done, to build, run make build in the example directory:
❯ make -C \ libraries/3rdparty/memfault-firmware-sdk/examples/cypress/CY8CKIT-064S0S2-4343W/ build
To program the board, use make program (it might be necessary to press the “MODE SELECT” (SW3) button to switch the board to programming mode).
In order to be able to use Lambda with IoT, the user has to have permission to create roles and attach role policies. On top of that, we want two more actions to be available for the IAM user: lambda:AddPermission and iam:CreatePolicy. You can do it either using awscli or the IAM Management Console GUI - either way you‘ll have to attach the appropriate permissions policy to the IAM entity you’re using. Next, we need to setup an IoT trust role and policy.
Once that's done, you can use the same configuration here (this example publishes to the same MQTT topic as the Pinnacle 100 example):
Port stores coredumps, which include stack, data & bss sections, in flash memory between __MfltCoredumpsStart and __MfltCoredumpsEnd symbols. Demo implementation provides a 512-byte aligned 128kB region at the end of CM4 flash memory region, just behind the CM4 application signature.
To uniquely identify your firmware type, version & device in your Memfault dashboard, please also make sure to edit memfault_platform_port.c and fill all the related fields in memfault_platform_get_device_info.
Build the application using Build aws_demos Application, or do it directly from shell in the project directory by using make build.
Analogously to flash the device either use aws_demos Program (KitProg3) from ModusToolbox, or make program from shell. In order for it to work, please make sure that the KitProg connection is in CMSIS-DAP mode.
You can use the gdbserver/client integrated into ModusToolbox to debug the application by using aws_demos Debug (KitProg3) or make debug from shell.
Main function is in vendors/cypress/boards/CY8CKIT_064S0S2_4343W/aws_demos/application_code/main.c. MQTT communication for the application is implemented in mqtt_memfault_project/demo/memfault/mqtt_demo_memfault.c.
Demo overview:
CONNECT to MQTT broker is sent.prod/+/+/memfault/chunks topic.There should be two /dev/ttyACM devices available when the board is connected using the KitProg USB - one of them is the console. Connect to it using e.g. screen. Serial parameters are:
Baud rate: 115200 Data: 8 bit Parity: None Stop bits: 1 Flow control: None
The demo app's symbol file is located here:
build/cy/CY8CKIT-064S0S2-4343W/CY8CKIT_064S0S2_4343W/Debug/aws_demos.elf
Upload the symbol file either with the web UI or using the cli.
If you get a TLS error when trying to establish a connection to the IoT MQTT Broker saying that your certificate/key is incorrect, you might need to use a different IoT endpoint - try replacing the default address with: aws iot describe-endpoint --endpoint-type iot:Data-ATS.