Cryptoucan™ firmware CD
With abbreviations like CI/CD or buzzwords such as “devops” everywhere, we sat down and thought how we could leverage technologies like that for Cryptoucan™ development. It has turned out, we will probably use it – at least somehow – for most of the firmware and supporting software build processes. Read on to see how we started building our firmware this way.
CD stands for continuous delivery – and for us that means the ability to rapidly deploy firmware updates to all of our development and testing devices. As Cryptoucan™ is an offline device – i.e. it is not directly connected to any network as it communicates with the host system via USB[1] – we mainly need to build firmware images and deploy them to a shared folder on our internal storage.
As you already know[2], we are using a very specific chip with enhanced security features. It has many advantages for our design but it comes with a small drawback that we cannot compile the firmware using off-the-shelf compiler tool-chain. We need to use the tool-chain provided by the manufacturer of the chip[3].
In our version control system[4], we usually have quite a few new revisions every day. Some bring just a small tweaks yet some can bring huge code refactoring as we are nearing the completion of the final PCB[5] design that will be ready for mass production. As you can see in Picture 1 – our goal is to automate the compile and build process, ensure each build gets tested and if the tests pass, the final tagged firmware release is uploaded to our repository.
Picture 1: Our envisioned Cryptoucan™ continuous delivery pipeline.
Here at Trustica, we are using git[6] version control system with GitLab[7] as its web management interface. This setup serves us well for quite some time as it is nicely supported on all major operating systems and it is a really powerful tool combination for rapid application development[8].
The continuous delivery can be either plugged into this setup externally with for example Jenkins[9] or there is an officially supported gitlab-ci[10] module which supports the whole continuous integration / continuous delivery paradigm.
As can be seen in Picture 2 below, we have already implemented a crude pipeline where the firmware gets built using docker image of a supported Ubuntu[11] LTS[12] version and the compiler tool-chain provided by the chip manufacturer.
Picture 2: Successful build and upload of our firmware (without tests for now).
There is still a lot of work to do but even with this simple setup, we can quickly produce fresh builds of our firmware with the latest fixes and enhancements and test them immediately in the lab.
Thank you for following the Cryptoucan™ development with us and stay tuned to see more of it next week!
References
1. Wikipedia contributors. (2018, November 5). USB. In Wikipedia, The Free Encyclopedia. Retrieved 21:33, November 7, 2018, from https://en.wikipedia.org/w/index.php?title=USB&oldid=867473871
2. https://trustica.cz/en/2018/06/21/cryptoucan-development-a-look-under-the-hood/
3. Texas Instruments – http://www.ti.com/
4. Wikipedia contributors. (2018, October 20). Version control. In Wikipedia, The Free Encyclopedia. Retrieved 21:36, November 7, 2018, from https://en.wikipedia.org/w/index.php?title=Version_control&oldid=864866478
5. Wikipedia contributors. (2018, November 2). Printed circuit board. In Wikipedia, The Free Encyclopedia. Retrieved 21:37, November 7, 2018, from https://en.wikipedia.org/w/index.php?title=Printed_circuit_board&oldid=866894985
8. Wikipedia contributors. (2018, August 14). Rapid application development. In Wikipedia, The Free Encyclopedia. Retrieved 21:38, November 7, 2018, from https://en.wikipedia.org/w/index.php?title=Rapid_application_development&oldid=854860916
10. https://docs.gitlab.com/ee/ci/
12. Wikipedia contributors. (2018, October 12). Long-term support. In Wikipedia, The Free Encyclopedia. Retrieved 21:40, November 7, 2018, from https://en.wikipedia.org/w/index.php?title=Long-term_support&oldid=863730245