SlideShare a Scribd company logo

ELC 2016 - I2C hacking demystified

I
Igor Stoppa
1 of 45
Download to read offline
I2C Hacking Demystified ELC North America 2016 Open IoT Summit 2016 Igor Stoppa
Creating, debugging and operating a custom I2C peripheral.
All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them. Disclaimer Third Parties
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
Typical Applications ● Interfacing with relatively slow peripherals. Ex: sensors, mechanical actuators. ● Controlling “fast” peripherals, that use other channels for exchanging data. Ex: codecs. ● In a PC, linux usually interacts over I2C with: ○ temperature and battery voltage meters; ○ fan speed controllers; ○ audio codecs. ● Multiple bus controllers, each at different speeds.
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
Introduction to the I2C Bus ● Serial bus: http://www.i2c-bus.org/ http://www.robot-electronics.co.uk/i2c-tutorial ● Only 2 lines: Serial CLock and Serial DAta (plus ground). ● 4 speeds: 100kHz, 400kHz, 1MHz, 3.2MHz. ● Typically, 1 master device and 1 or more slaves. ● Communications are always initiated by a master device. ● Multiple masters can co-exist on the same bus (multi-master). ● Open-Drain: both SDA and SCL need pull-up resistors. ● Typically 7-bit addressing, but also 10 bit is supported. ● Logical protocol: actual voltage levels are not specified and depend on individual implementations (Ex: 1.8V, 3.3V, 5.0V).
SCL - Serial CLock SDA - Serial DAta ACK Stop Bit Start Bit R/W Bit
Example of bus configuration SDA SCL Master SDA SCL Slave 1 SDA SCL Slave 2 PullUp PullUp Vdd1 Bi-Directional Level Shifter PullUp PullUp Vdd2 SDA1 SCL1 V1 SDA2 SCL2 V2 SDA SCL Slave 3 Open Drain Control Gate Source
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
Custom Slaves Why creating a custom I2C slave? ● Desired sensor/actuator unavailable with I2C interface. ● Less unique addresses available than slaves needed. ● Desired custom functionality on the slave: ○ Semi-autonomous reactions to stimuli. ○ Filtering/preprocessing input data. ○ Power optimization: custom “sensor hub” does the housekeeping while the main processor is idle. ○ Realtime response to inputs. ○ [your imagination here]
How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
Key design criteria: ● Weight/Dimensions. ● Required computational power and average latency. ○ PC-like device ○ Embedded device, typically headless. ● Preferred programming language: interpreted vs compiled. ● Availability of busses/gpios for driving the slave(s): ○ GPIOs only: bitbang the protocol ○ I2C: user-space application vs kernel driver. ○ No GPIOs/I2C interfaces available: USB to I2C adapter. Design of the I2C Master
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
● Take direct control of the bus with an ad-hoc device. Examples: ○ Bus Pirate (useful also for other busses) ○ USB to I2C Master adapter, also based on the FTDI FT232R chip. ○ Custom device (could be a separate project). ● Snoop the bus with a logic analyzer or a scope/advanced meter. Examples: ○ sigrok/pulseview with compatible logic analyzer ○ 2-channels standalone scope/meter ● Use slave-specific In Circuit Debugger/In Circuit Emulator: Example: ○ AVR Dragon for AVR chips (Arduino UNO, Nano, Mini, MiniPro) Debugging: Divide and Conquer.
Bus Pirate ● Primarily for development purposes. ● Can both sniff the bus and drive it. ● Console interface over serial (ttyACM) port, including macros, or programmatic access for several programming languages. ● Built-in pullup resistors and voltage sources (5V / 3.3V) ● Supports many other protocols. http://dangerousprototypes.com/docs/Bus_Pirate https://en.wikipedia.org/wiki/Bus_Pirate
USB to I2C adapter ● Small footprint. ● Suitable for permanent installations. ● No need for special connections on the host: it can be used to interface with a typical PC. ● Variant available that is also SPI-capable. ● No console interface, only serial binary protocol. ● Requires protocol wrapper. http://www.robot-electronics.co.uk/htm/usb_i2c_tech.htm
sigrok/pulseview ● De-facto standard for PC-driven measurements on linux (but available on other OSes too). ● Support for vast range of logic analyzers, scopes and meters. ● Various protocol decoders, including I2C. ● Useful for visualizing the logical signals and debugging protocol errors. ● Even very low end, inexpensive HW can provide a whole new dimension to debugging. https://sigrok.org https://sigrok.org/wiki/PulseView https://sigrok.org/wiki/Supported_hardware
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Improvement Ideas •Recap •Q/A
Bus configuration SDA SCL Master @5V SDA SCL Slave 1 @5V PullUp PullUp 5V Bi-Directional Level Shifter PullUp PullUp 3.3V SDA1 SCL1 V1 SDA2 SCL2 V2 SDA SCL Master @3.3V SDA SCL Slave 2 @5V Configuration with Alternative Master @3.3V
How to design a custom I2C slave? ● Define requirements. ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
Example: Steering a 4WD Drone The I2C slave: ● Controls the amount of torque applied to each wheel. ● Controls the direction each wheel spins. ● Measures the rotation speed of each wheel through an optical encoder (Odometer). ● Exposes the parameters above to the I2C Master. Wheel Slave uC Odometer Motor x4 I2C Bus Master
How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
Selecting the Slave: Arduino Mini Pro (AVR328P) ● Enough pins/functions to provide for each wheel: ○ 1 PWM output with independent configuration of the duty-cycle. ○ 2 GPIOs for selecting: Forward, Reverse, Idle, Lock ○ 1 GPIO for registering odometer input as IRQ. ● I2C HW block for interrupt-driven i2c exchanges. ● Dedicated pins for SPI-based programming. ● Small footprint. ● Low Cost. ● The clone represented in the picture has layout optimized for DIL socket mounting. https://www.arduino.cc/en/Main/ArduinoBoardProMini
Slave-specific ICD: AVR Dragon ● Supports various programming modes, included SPI programming, through AVRDude. ● Doesn’t interfere with normal AVR operations, so it can be left plugged into the system. ● After enabling debugWire interface, it allows configuring HW/SW breakpoints, by a dedicated backend for gdb/ddd. http://www.atmel.com/webdoc/avrdragon/ http://www.nongnu.org/avrdude/ http://www.larsen-b.com/Article/315.html
How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
Selecting the OS: ChibiOS ● RTOS: preemption, tasks, semaphores, dynamic system tic, etc. ● Small footprint: link only used code/data. ● Distinction between RTOS and BSP through HAL. ● GPLv3 for non-commercial use. ● Actively developed, but already mature. However it had limited BSP support for AVR, lack of: ● interrupts driver for AVR GPIOs (added). ● I2C support for AVR slave mode (custom). http://www.chibios.org/dokuwiki/doku.php https://github.com/igor-stoppa/ChibiOS/tree/car/
How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
For each wheel: ● Duty Cycle of the PWM signal used to drive it - 1 byte. 0xFF = max torque / 0x00 = no torque. ● Direction of rotation - 1 byte. 0x00 = idle / 0x01 = reverse / 0x02 = forward / 0x03 = locked ● Average period in between slots of the optical encoder - 2 bytes. Writing anything resets the measurement. Communication Parameters - 1
● Parameter Index - 1 nibble: ○ 0 = Duty Cycle ○ 1 = Direction ○ 2 = Average Period ● Wheel indexes - 1 nibble: ○ 0 = Left Rear ○ 1 = Right Rear ○ 2 = Right Front ○ 3 = Left Front ○ 4 = All Communication Parameters - 2
How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
Register format: 0xαβ ● α = Parameter Index ● β = Wheel Index Address: 0x10 Bus Pirate format: [ = start bit ] = end bit r = read byte address times 2, for R/W bit Sub-Protocol: registers Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels set to max torque The car spins clockwise.
Key design criteria: ● Weight/Dimensions: must fit on the drone. ● Required computational power and average latency ○ Embedded device, it can provide enough computational power. ● Availability of busses/gpios for driving the slave(s): ○ Native I2C available on most candidates ○ user-space application is sufficient: no requirement for extremely low latency, might change later on ● Preferred programming language: interpreted vs compiled. Design of the I2C Master
● x86-64 ● Built-in connectivity: ○ Wifi ○ Bluetooth ○ OTG - Ethernet over USB ○ Serial Console ● I2C available through add-on breakout board, normally @3. 3V, here hacked @5V Master: Intel Edison
5V Mod for Sparkfun I2C Breakout Can accept 5V Removed Pull-UP resistors Disconnected internal voltage regulators Purpose: make the I2C breakout open drain, 5V compatible
Official Edison distro (based on Poky/OE) https: //software.intel.com/en-us/iot/hardware/edison/downloads Ubilinux (Debian port) http://www.emutexlabs.com/ubilinux Ostro Project https://download.ostroproject.org/builds/ostro-os/latest/images/edison/ OS: Linux Flavors
From Bus Pirate to Python Example - Python with libmraa: #!/usr/bin/python import mraa x = mraa.I2c(1) # Select the correct I2C bus x.address(0x10) # The library does the shift x.writeReg(0x20, 0x02) # Left Rear Forward x.writeReg(0x21, 0x01) # Right Rear Forward x.writeReg(0x22, 0x01) # Right Front Forward x.writeReg(0x23, 0x02) # Left Front Forward x.writeReg(0x14, 0xFF) # Wheels: max torque The car spins clockwise. Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels: max torque The car spins clockwise. Note: Bus Pirate simply dumps data on the bus, so the address 0x10 must be shifted left because of the R/W bit.
Alternative Master: BeagleBone Black ● Cortex A8 ● Built-in connectivity: ○ Ethernet ○ Ethernet-over-USB ○ Serial Console ● I2C available through standard connector, open drain, compatible with @3.3V https://beagleboard.org/black
From Bus Pirate to C Example - C with i2c library: #!/usr/bin/python import mraa x = mraa.I2c(1) # Select the correct I2C bus x.address(0x10) # The library does the shift x.writeReg(0x20, 0x02) # Left Rear Forward x.writeReg(0x21, 0x01) # Right Rear Forward x.writeReg(0x22, 0x01) # Right Front Forward x.writeReg(0x23, 0x02) # Left Front Forward x.writeReg(0x14, 0xFF) # Wheels: max torque The car spins clockwise. Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels: max torque The car spins clockwise. Note: Bus Pirate simply dumps data on the bus, so the address 0x10 must be shifted left because of the R/W bit.
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
● Add multi-master support ○ The current implementation is efficient wrt Slave time because it is event-driven and there is action happens only as result of an IRQ firing (no polling). ○ The Master, however, is polling the slave and polling is never a particularly good idea: ■ poll too often and it will overload the system ■ poll too seldom and important events might escape the window-of-opportunity ● Add arbitrary capability to R/W memory areas over I2C ○ live debugging of the I2C Slave. ○ Useful for memory mapped peripherals. ○ Could be used in conjunction with the memory map & linker scripting. Ideas for improvement
Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
Questions?
Thank you!

Recommended

ATmega 16
ATmega 16ATmega 16
ATmega 16Rahul Singh
 
Do you know what your digital pins are "really" saying
Do you know what your digital pins are "really" sayingDo you know what your digital pins are "really" saying
Do you know what your digital pins are "really" sayingLeroy Levin
 
Pic full note
Pic full notePic full note
Pic full noteMount zion college of engineering for Women
 
PIC Microcontroller
PIC MicrocontrollerPIC Microcontroller
PIC MicrocontrollerDivya Bansal
 
PIC 16F877 micro controller by Gaurav raikar
PIC 16F877 micro controller by Gaurav raikarPIC 16F877 micro controller by Gaurav raikar
PIC 16F877 micro controller by Gaurav raikarGauravRaikar3
 
CodeWarrior, Linux; OrCad and Hyperlynx; QMS Tools
CodeWarrior, Linux; OrCad and Hyperlynx; QMS ToolsCodeWarrior, Linux; OrCad and Hyperlynx; QMS Tools
CodeWarrior, Linux; OrCad and Hyperlynx; QMS Toolsdjerrybellott
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02Libor GECNUK
 
Atmega 32
Atmega 32Atmega 32
Atmega 32LITS IT Ltd,LASRC.SPACE,SAWDAGOR BD,FREELANCE BD,iREV,BD LAW ACADEMY,SMART AVI,HEA,HFSAC LTD.
 

Recommended

ATmega 16
ATmega 16ATmega 16
ATmega 16Rahul Singh
 
Do you know what your digital pins are "really" saying
Do you know what your digital pins are "really" sayingDo you know what your digital pins are "really" saying
Do you know what your digital pins are "really" sayingLeroy Levin
 
Pic full note
Pic full notePic full note
Pic full noteMount zion college of engineering for Women
 
PIC Microcontroller
PIC MicrocontrollerPIC Microcontroller
PIC MicrocontrollerDivya Bansal
 
PIC 16F877 micro controller by Gaurav raikar
PIC 16F877 micro controller by Gaurav raikarPIC 16F877 micro controller by Gaurav raikar
PIC 16F877 micro controller by Gaurav raikarGauravRaikar3
 
CodeWarrior, Linux; OrCad and Hyperlynx; QMS Tools
CodeWarrior, Linux; OrCad and Hyperlynx; QMS ToolsCodeWarrior, Linux; OrCad and Hyperlynx; QMS Tools
CodeWarrior, Linux; OrCad and Hyperlynx; QMS Toolsdjerrybellott
 
FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02FRDM-KL46Z_Hands-On_Presentation_v02
FRDM-KL46Z_Hands-On_Presentation_v02Libor GECNUK
 
Atmega 32
Atmega 32Atmega 32
Atmega 32LITS IT Ltd,LASRC.SPACE,SAWDAGOR BD,FREELANCE BD,iREV,BD LAW ACADEMY,SMART AVI,HEA,HFSAC LTD.
 
A tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data SheetA tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data SheetMicrotech Solutions
 
Avr introduction
Avr introductionAvr introduction
Avr introductionAnant Shrivastava
 
Atmega32
Atmega32Atmega32
Atmega32Phong Hồ Quang Phong
 
Introduction to pic microcontroller
Introduction to pic microcontrollerIntroduction to pic microcontroller
Introduction to pic microcontrollerSiva Kumar
 
Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64trowftd
 
8051-microcontroller
8051-microcontroller8051-microcontroller
8051-microcontrollerjhcid
 
Advance Microcontroller AVR
Advance Microcontroller AVRAdvance Microcontroller AVR
Advance Microcontroller AVRDaksh Raj Chopra
 
Features of ATMEL microcontrollers
Features of ATMEL microcontrollersFeatures of ATMEL microcontrollers
Features of ATMEL microcontrollersSuraj Shandilya
 
Applications of 8051 microcontrollers
Applications of 8051 microcontrollersApplications of 8051 microcontrollers
Applications of 8051 microcontrollersDr.YNM
 
Atmel and pic microcontroller
Atmel and pic microcontrollerAtmel and pic microcontroller
Atmel and pic microcontrollerTearsome Llantada
 
Microcontroller project111
Microcontroller project111Microcontroller project111
Microcontroller project111Dinesh Devireddy
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430Harsha herle
 
FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02Libor GECNUK
 
Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015Rodrigo Almeida
 
Intel galileo gen 2
Intel galileo gen 2Intel galileo gen 2
Intel galileo gen 2srknec
 
Tutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applicationsTutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applicationsEdgefxkits & Solutions
 
Embedded systems development Defcon 19
Embedded systems development Defcon 19Embedded systems development Defcon 19
Embedded systems development Defcon 19Rodrigo Almeida
 
dsPIC33FJ06GSXXX DSCs
dsPIC33FJ06GSXXX DSCsdsPIC33FJ06GSXXX DSCs
dsPIC33FJ06GSXXX DSCsPremier Farnell
 
Atmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheetAtmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheetMicrotech Solutions
 
Swine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin KumbulSwine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin KumbulYusuf Yasin Kumbul
 
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0Igor Stoppa
 
Mobile application development
Mobile application developmentMobile application development
Mobile application developmentSameera Rukshan
 

More Related Content

What's hot

A tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data SheetA tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data SheetMicrotech Solutions
 
Introduction to pic microcontroller
Introduction to pic microcontrollerIntroduction to pic microcontroller
Introduction to pic microcontrollerSiva Kumar
 
Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64trowftd
 
8051-microcontroller
8051-microcontroller8051-microcontroller
8051-microcontrollerjhcid
 
Advance Microcontroller AVR
Advance Microcontroller AVRAdvance Microcontroller AVR
Advance Microcontroller AVRDaksh Raj Chopra
 
Features of ATMEL microcontrollers
Features of ATMEL microcontrollersFeatures of ATMEL microcontrollers
Features of ATMEL microcontrollersSuraj Shandilya
 
Applications of 8051 microcontrollers
Applications of 8051 microcontrollersApplications of 8051 microcontrollers
Applications of 8051 microcontrollersDr.YNM
 
Atmel and pic microcontroller
Atmel and pic microcontrollerAtmel and pic microcontroller
Atmel and pic microcontrollerTearsome Llantada
 
Microcontroller project111
Microcontroller project111Microcontroller project111
Microcontroller project111Dinesh Devireddy
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430Harsha herle
 
FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02Libor GECNUK
 
Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015Rodrigo Almeida
 
Intel galileo gen 2
Intel galileo gen 2Intel galileo gen 2
Intel galileo gen 2srknec
 
Tutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applicationsTutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applicationsEdgefxkits & Solutions
 
Embedded systems development Defcon 19
Embedded systems development Defcon 19Embedded systems development Defcon 19
Embedded systems development Defcon 19Rodrigo Almeida
 
Atmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheetAtmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheetMicrotech Solutions
 

What's hot (19)

A tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data SheetA tmega16A Microcontroller Data Sheet
A tmega16A Microcontroller Data Sheet
 
Avr introduction
Avr introductionAvr introduction
Avr introduction
 
Atmega32
Atmega32Atmega32
Atmega32
 
Introduction to pic microcontroller
Introduction to pic microcontrollerIntroduction to pic microcontroller
Introduction to pic microcontroller
 
Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64Lpc1769 68 67_66_65_64
Lpc1769 68 67_66_65_64
 
8051-microcontroller
8051-microcontroller8051-microcontroller
8051-microcontroller
 
Advance Microcontroller AVR
Advance Microcontroller AVRAdvance Microcontroller AVR
Advance Microcontroller AVR
 
Features of ATMEL microcontrollers
Features of ATMEL microcontrollersFeatures of ATMEL microcontrollers
Features of ATMEL microcontrollers
 
Applications of 8051 microcontrollers
Applications of 8051 microcontrollersApplications of 8051 microcontrollers
Applications of 8051 microcontrollers
 
Atmel and pic microcontroller
Atmel and pic microcontrollerAtmel and pic microcontroller
Atmel and pic microcontroller
 
Microcontroller project111
Microcontroller project111Microcontroller project111
Microcontroller project111
 
Introduction to msp430
Introduction to msp430Introduction to msp430
Introduction to msp430
 
FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02FRDM-KL46Z_Hands-On_Lab0123_v02
FRDM-KL46Z_Hands-On_Lab0123_v02
 
Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015Embedded systems design @ defcon 2015
Embedded systems design @ defcon 2015
 
Intel galileo gen 2
Intel galileo gen 2Intel galileo gen 2
Intel galileo gen 2
 
Tutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applicationsTutorial on avr atmega8 microcontroller, architecture and its applications
Tutorial on avr atmega8 microcontroller, architecture and its applications
 
Embedded systems development Defcon 19
Embedded systems development Defcon 19Embedded systems development Defcon 19
Embedded systems development Defcon 19
 
dsPIC33FJ06GSXXX DSCs
dsPIC33FJ06GSXXX DSCsdsPIC33FJ06GSXXX DSCs
dsPIC33FJ06GSXXX DSCs
 
Atmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheetAtmega16 Microconntroller Data sheet
Atmega16 Microconntroller Data sheet
 

Viewers also liked

Swine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin KumbulSwine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin KumbulYusuf Yasin Kumbul
 
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0Igor Stoppa
 
Mobile application development
Mobile application developmentMobile application development
Mobile application developmentSameera Rukshan
 
Inicios de la fotografia digital
Inicios de la fotografia digitalInicios de la fotografia digital
Inicios de la fotografia digitalfamilia
 
International Management Of Disaster
International Management Of DisasterInternational Management Of Disaster
International Management Of Disasterumarawkum
 
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...George Dumitrache
 
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...Van Der Häägen Brazil
 
CLIA Compliance
CLIA ComplianceCLIA Compliance
CLIA ComplianceNFMBAHCM
 
Quality Of Life of Elderly in India
Quality Of Life of Elderly in IndiaQuality Of Life of Elderly in India
Quality Of Life of Elderly in Indiaiosrjce
 
Disaster management ppt
Disaster management pptDisaster management ppt
Disaster management pptMeely Panda
 

Viewers also liked (19)

Swine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin KumbulSwine Flu (H1 N1) Yusuf Yasin Kumbul
Swine Flu (H1 N1) Yusuf Yasin Kumbul
 
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
Open_IoT_Summit-Europe-2016-Building_an_IoT-class_Device_0
 
Mobile application development
Mobile application developmentMobile application development
Mobile application development
 
paaaaaaa
paaaaaaapaaaaaaa
paaaaaaa
 
Inicios de la fotografia digital
Inicios de la fotografia digitalInicios de la fotografia digital
Inicios de la fotografia digital
 
International Management Of Disaster
International Management Of DisasterInternational Management Of Disaster
International Management Of Disaster
 
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...
CAMBRIDGE AS HISTORY REVISION - AGE OF UNCERTAINTY: 2.1 THE PEACE SETTLEMENTS...
 
Cv aline moraes
Cv aline moraesCv aline moraes
Cv aline moraes
 
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...
Estatura abaixo alvo genético diagnóstico clínico laboratorial instrumental e...
 
Ilustración neogranadina
Ilustración neogranadinaIlustración neogranadina
Ilustración neogranadina
 
Nacp iv ppt
Nacp iv pptNacp iv ppt
Nacp iv ppt
 
CLIA Compliance
CLIA ComplianceCLIA Compliance
CLIA Compliance
 
Diabetes Melitus Tipo II
Diabetes Melitus Tipo IIDiabetes Melitus Tipo II
Diabetes Melitus Tipo II
 
Quality Of Life of Elderly in India
Quality Of Life of Elderly in IndiaQuality Of Life of Elderly in India
Quality Of Life of Elderly in India
 
Receptores tipo toll y obesidad
Receptores tipo toll y obesidadReceptores tipo toll y obesidad
Receptores tipo toll y obesidad
 
Disaster management ppt
Disaster management pptDisaster management ppt
Disaster management ppt
 
English word stress
English word stressEnglish word stress
English word stress
 
Strychnine nux vomica
Strychnine nux vomicaStrychnine nux vomica
Strychnine nux vomica
 
SAAD C.V
SAAD C.VSAAD C.V
SAAD C.V
 

Similar to ELC 2016 - I2C hacking demystified

Multipilot pres-ufficiale def
Multipilot pres-ufficiale defMultipilot pres-ufficiale def
Multipilot pres-ufficiale defRoberto Navoni
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advancedImran Sheikh
 
Overview of Microcontroller and ATMega32 microcontroller
Overview of Microcontroller and ATMega32 microcontrollerOverview of Microcontroller and ATMega32 microcontroller
Overview of Microcontroller and ATMega32 microcontrollerRup Chowdhury
 
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratch
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratchOpen_IoT_Summit-Europe-2016-Building_a_Drone_from_scratch
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratchIgor Stoppa
 
Introduction to intel galileo board gen2
Introduction to intel galileo board gen2Introduction to intel galileo board gen2
Introduction to intel galileo board gen2Harshit Srivastava
 
Introduction to Embedded C++.pptx
Introduction to Embedded C++.pptxIntroduction to Embedded C++.pptx
Introduction to Embedded C++.pptxMohamedSaied316569
 
Seminar topic.on embeded system
Seminar topic.on embeded systemSeminar topic.on embeded system
Seminar topic.on embeded systemSachinMaithani1
 
Mirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in GoMirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in Golinuxlab_conf
 
Industrial training report of embedded system and robotics
Industrial training report of embedded system and roboticsIndustrial training report of embedded system and robotics
Industrial training report of embedded system and roboticsPallavi Bharti
 
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERS
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERSPIC-MICROCONTROLLER TUTORIALS FOR BEGINNERS
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERSVISHNU KP
 
CV Damien Boissat 2016
CV Damien Boissat 2016CV Damien Boissat 2016
CV Damien Boissat 2016Damien Boissat
 
I2C And SPI Part-23
I2C And SPI Part-23I2C And SPI Part-23
I2C And SPI Part-23Techvilla
 
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080Vivek Venugopal
 

Similar to ELC 2016 - I2C hacking demystified (20)

Multipilot pres-ufficiale def
Multipilot pres-ufficiale defMultipilot pres-ufficiale def
Multipilot pres-ufficiale def
 
Microcontroller from basic_to_advanced
Microcontroller from basic_to_advancedMicrocontroller from basic_to_advanced
Microcontroller from basic_to_advanced
 
Overview of Microcontroller and ATMega32 microcontroller
Overview of Microcontroller and ATMega32 microcontrollerOverview of Microcontroller and ATMega32 microcontroller
Overview of Microcontroller and ATMega32 microcontroller
 
Micro-controllers (PIC) based Application Development
Micro-controllers (PIC) based Application DevelopmentMicro-controllers (PIC) based Application Development
Micro-controllers (PIC) based Application Development
 
2014 ii c08t-sbc pic para ecg
2014 ii c08t-sbc pic para ecg 2014 ii c08t-sbc pic para ecg
2014 ii c08t-sbc pic para ecg
 
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratch
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratchOpen_IoT_Summit-Europe-2016-Building_a_Drone_from_scratch
Open_IoT_Summit-Europe-2016-Building_a_Drone_from_scratch
 
Introduction to intel galileo board gen2
Introduction to intel galileo board gen2Introduction to intel galileo board gen2
Introduction to intel galileo board gen2
 
nios.ppt
nios.pptnios.ppt
nios.ppt
 
Introduction to Embedded C++.pptx
Introduction to Embedded C++.pptxIntroduction to Embedded C++.pptx
Introduction to Embedded C++.pptx
 
Seminar topic.on embeded system
Seminar topic.on embeded systemSeminar topic.on embeded system
Seminar topic.on embeded system
 
xstream_network
xstream_networkxstream_network
xstream_network
 
Mirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in GoMirko Damiani - An Embedded soft real time distributed system in Go
Mirko Damiani - An Embedded soft real time distributed system in Go
 
Parth xyz
Parth xyzParth xyz
Parth xyz
 
Industrial training report of embedded system and robotics
Industrial training report of embedded system and roboticsIndustrial training report of embedded system and robotics
Industrial training report of embedded system and robotics
 
Ii avr-basics(1)
Ii avr-basics(1)Ii avr-basics(1)
Ii avr-basics(1)
 
TMS320C5x
TMS320C5xTMS320C5x
TMS320C5x
 
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERS
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERSPIC-MICROCONTROLLER TUTORIALS FOR BEGINNERS
PIC-MICROCONTROLLER TUTORIALS FOR BEGINNERS
 
CV Damien Boissat 2016
CV Damien Boissat 2016CV Damien Boissat 2016
CV Damien Boissat 2016
 
I2C And SPI Part-23
I2C And SPI Part-23I2C And SPI Part-23
I2C And SPI Part-23
 
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080
AN INTEGRATED FOUR-PORT DC-DC CONVERTER-CEI0080
 

ELC 2016 - I2C hacking demystified

  • 1. I2C Hacking Demystified ELC North America 2016 Open IoT Summit 2016 Igor Stoppa
  • 2. Creating, debugging and operating a custom I2C peripheral.
  • 3. All product and company names are trademarksTM or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them. Disclaimer Third Parties
  • 4. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 5. Typical Applications ● Interfacing with relatively slow peripherals. Ex: sensors, mechanical actuators. ● Controlling “fast” peripherals, that use other channels for exchanging data. Ex: codecs. ● In a PC, linux usually interacts over I2C with: ○ temperature and battery voltage meters; ○ fan speed controllers; ○ audio codecs. ● Multiple bus controllers, each at different speeds.
  • 6. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 7. Introduction to the I2C Bus ● Serial bus: http://www.i2c-bus.org/ http://www.robot-electronics.co.uk/i2c-tutorial ● Only 2 lines: Serial CLock and Serial DAta (plus ground). ● 4 speeds: 100kHz, 400kHz, 1MHz, 3.2MHz. ● Typically, 1 master device and 1 or more slaves. ● Communications are always initiated by a master device. ● Multiple masters can co-exist on the same bus (multi-master). ● Open-Drain: both SDA and SCL need pull-up resistors. ● Typically 7-bit addressing, but also 10 bit is supported. ● Logical protocol: actual voltage levels are not specified and depend on individual implementations (Ex: 1.8V, 3.3V, 5.0V).
  • 8. SCL - Serial CLock SDA - Serial DAta ACK Stop Bit Start Bit R/W Bit
  • 9. Example of bus configuration SDA SCL Master SDA SCL Slave 1 SDA SCL Slave 2 PullUp PullUp Vdd1 Bi-Directional Level Shifter PullUp PullUp Vdd2 SDA1 SCL1 V1 SDA2 SCL2 V2 SDA SCL Slave 3 Open Drain Control Gate Source
  • 10. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 11. Custom Slaves Why creating a custom I2C slave? ● Desired sensor/actuator unavailable with I2C interface. ● Less unique addresses available than slaves needed. ● Desired custom functionality on the slave: ○ Semi-autonomous reactions to stimuli. ○ Filtering/preprocessing input data. ○ Power optimization: custom “sensor hub” does the housekeeping while the main processor is idle. ○ Realtime response to inputs. ○ [your imagination here]
  • 12. How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 13. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 14. Key design criteria: ● Weight/Dimensions. ● Required computational power and average latency. ○ PC-like device ○ Embedded device, typically headless. ● Preferred programming language: interpreted vs compiled. ● Availability of busses/gpios for driving the slave(s): ○ GPIOs only: bitbang the protocol ○ I2C: user-space application vs kernel driver. ○ No GPIOs/I2C interfaces available: USB to I2C adapter. Design of the I2C Master
  • 15. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 16. ● Take direct control of the bus with an ad-hoc device. Examples: ○ Bus Pirate (useful also for other busses) ○ USB to I2C Master adapter, also based on the FTDI FT232R chip. ○ Custom device (could be a separate project). ● Snoop the bus with a logic analyzer or a scope/advanced meter. Examples: ○ sigrok/pulseview with compatible logic analyzer ○ 2-channels standalone scope/meter ● Use slave-specific In Circuit Debugger/In Circuit Emulator: Example: ○ AVR Dragon for AVR chips (Arduino UNO, Nano, Mini, MiniPro) Debugging: Divide and Conquer.
  • 17. Bus Pirate ● Primarily for development purposes. ● Can both sniff the bus and drive it. ● Console interface over serial (ttyACM) port, including macros, or programmatic access for several programming languages. ● Built-in pullup resistors and voltage sources (5V / 3.3V) ● Supports many other protocols. http://dangerousprototypes.com/docs/Bus_Pirate https://en.wikipedia.org/wiki/Bus_Pirate
  • 18. USB to I2C adapter ● Small footprint. ● Suitable for permanent installations. ● No need for special connections on the host: it can be used to interface with a typical PC. ● Variant available that is also SPI-capable. ● No console interface, only serial binary protocol. ● Requires protocol wrapper. http://www.robot-electronics.co.uk/htm/usb_i2c_tech.htm
  • 19. sigrok/pulseview ● De-facto standard for PC-driven measurements on linux (but available on other OSes too). ● Support for vast range of logic analyzers, scopes and meters. ● Various protocol decoders, including I2C. ● Useful for visualizing the logical signals and debugging protocol errors. ● Even very low end, inexpensive HW can provide a whole new dimension to debugging. https://sigrok.org https://sigrok.org/wiki/PulseView https://sigrok.org/wiki/Supported_hardware
  • 20. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Improvement Ideas •Recap •Q/A
  • 21. Bus configuration SDA SCL Master @5V SDA SCL Slave 1 @5V PullUp PullUp 5V Bi-Directional Level Shifter PullUp PullUp 3.3V SDA1 SCL1 V1 SDA2 SCL2 V2 SDA SCL Master @3.3V SDA SCL Slave 2 @5V Configuration with Alternative Master @3.3V
  • 22. How to design a custom I2C slave? ● Define requirements. ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 23. Example: Steering a 4WD Drone The I2C slave: ● Controls the amount of torque applied to each wheel. ● Controls the direction each wheel spins. ● Measures the rotation speed of each wheel through an optical encoder (Odometer). ● Exposes the parameters above to the I2C Master. Wheel Slave uC Odometer Motor x4 I2C Bus Master
  • 24. How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 25. Selecting the Slave: Arduino Mini Pro (AVR328P) ● Enough pins/functions to provide for each wheel: ○ 1 PWM output with independent configuration of the duty-cycle. ○ 2 GPIOs for selecting: Forward, Reverse, Idle, Lock ○ 1 GPIO for registering odometer input as IRQ. ● I2C HW block for interrupt-driven i2c exchanges. ● Dedicated pins for SPI-based programming. ● Small footprint. ● Low Cost. ● The clone represented in the picture has layout optimized for DIL socket mounting. https://www.arduino.cc/en/Main/ArduinoBoardProMini
  • 26. Slave-specific ICD: AVR Dragon ● Supports various programming modes, included SPI programming, through AVRDude. ● Doesn’t interfere with normal AVR operations, so it can be left plugged into the system. ● After enabling debugWire interface, it allows configuring HW/SW breakpoints, by a dedicated backend for gdb/ddd. http://www.atmel.com/webdoc/avrdragon/ http://www.nongnu.org/avrdude/ http://www.larsen-b.com/Article/315.html
  • 27. How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 28. Selecting the OS: ChibiOS ● RTOS: preemption, tasks, semaphores, dynamic system tic, etc. ● Small footprint: link only used code/data. ● Distinction between RTOS and BSP through HAL. ● GPLv3 for non-commercial use. ● Actively developed, but already mature. However it had limited BSP support for AVR, lack of: ● interrupts driver for AVR GPIOs (added). ● I2C support for AVR slave mode (custom). http://www.chibios.org/dokuwiki/doku.php https://github.com/igor-stoppa/ChibiOS/tree/car/
  • 29. How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 30. For each wheel: ● Duty Cycle of the PWM signal used to drive it - 1 byte. 0xFF = max torque / 0x00 = no torque. ● Direction of rotation - 1 byte. 0x00 = idle / 0x01 = reverse / 0x02 = forward / 0x03 = locked ● Average period in between slots of the optical encoder - 2 bytes. Writing anything resets the measurement. Communication Parameters - 1
  • 31. ● Parameter Index - 1 nibble: ○ 0 = Duty Cycle ○ 1 = Direction ○ 2 = Average Period ● Wheel indexes - 1 nibble: ○ 0 = Left Rear ○ 1 = Right Rear ○ 2 = Right Front ○ 3 = Left Front ○ 4 = All Communication Parameters - 2
  • 32. How to design a custom I2C slave? ● Define requirements (see previous slide). ● Choose microcontroller or microprocessor. ● Choose Scheduler or Operating System (if any). ● Define communication sub-protocol: ○ Define parameters and commands to be exchanged. ○ Organize them into “registers” and choose a free address. Custom Slaves
  • 33. Register format: 0xαβ ● α = Parameter Index ● β = Wheel Index Address: 0x10 Bus Pirate format: [ = start bit ] = end bit r = read byte address times 2, for R/W bit Sub-Protocol: registers Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels set to max torque The car spins clockwise.
  • 34. Key design criteria: ● Weight/Dimensions: must fit on the drone. ● Required computational power and average latency ○ Embedded device, it can provide enough computational power. ● Availability of busses/gpios for driving the slave(s): ○ Native I2C available on most candidates ○ user-space application is sufficient: no requirement for extremely low latency, might change later on ● Preferred programming language: interpreted vs compiled. Design of the I2C Master
  • 35. ● x86-64 ● Built-in connectivity: ○ Wifi ○ Bluetooth ○ OTG - Ethernet over USB ○ Serial Console ● I2C available through add-on breakout board, normally @3. 3V, here hacked @5V Master: Intel Edison
  • 36. 5V Mod for Sparkfun I2C Breakout Can accept 5V Removed Pull-UP resistors Disconnected internal voltage regulators Purpose: make the I2C breakout open drain, 5V compatible
  • 37. Official Edison distro (based on Poky/OE) https: //software.intel.com/en-us/iot/hardware/edison/downloads Ubilinux (Debian port) http://www.emutexlabs.com/ubilinux Ostro Project https://download.ostroproject.org/builds/ostro-os/latest/images/edison/ OS: Linux Flavors
  • 38. From Bus Pirate to Python Example - Python with libmraa: #!/usr/bin/python import mraa x = mraa.I2c(1) # Select the correct I2C bus x.address(0x10) # The library does the shift x.writeReg(0x20, 0x02) # Left Rear Forward x.writeReg(0x21, 0x01) # Right Rear Forward x.writeReg(0x22, 0x01) # Right Front Forward x.writeReg(0x23, 0x02) # Left Front Forward x.writeReg(0x14, 0xFF) # Wheels: max torque The car spins clockwise. Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels: max torque The car spins clockwise. Note: Bus Pirate simply dumps data on the bus, so the address 0x10 must be shifted left because of the R/W bit.
  • 39. Alternative Master: BeagleBone Black ● Cortex A8 ● Built-in connectivity: ○ Ethernet ○ Ethernet-over-USB ○ Serial Console ● I2C available through standard connector, open drain, compatible with @3.3V https://beagleboard.org/black
  • 40. From Bus Pirate to C Example - C with i2c library: #!/usr/bin/python import mraa x = mraa.I2c(1) # Select the correct I2C bus x.address(0x10) # The library does the shift x.writeReg(0x20, 0x02) # Left Rear Forward x.writeReg(0x21, 0x01) # Right Rear Forward x.writeReg(0x22, 0x01) # Right Front Forward x.writeReg(0x23, 0x02) # Left Front Forward x.writeReg(0x14, 0xFF) # Wheels: max torque The car spins clockwise. Example - in Bus Pirate Format: [ i2c_addr reg_addr=(parm,wheel) reg_value] [0x20 0x20 0x02] Left Rear Forward [0x20 0x21 0x01] Right Rear Backward [0x20 0x22 0x01] Right Front Backward [0x20 0x23 0x02] Left Front Forward [0x20 0x14 0xFF] Wheels: max torque The car spins clockwise. Note: Bus Pirate simply dumps data on the bus, so the address 0x10 must be shifted left because of the R/W bit.
  • 41. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A
  • 42. ● Add multi-master support ○ The current implementation is efficient wrt Slave time because it is event-driven and there is action happens only as result of an IRQ firing (no polling). ○ The Master, however, is polling the slave and polling is never a particularly good idea: ■ poll too often and it will overload the system ■ poll too seldom and important events might escape the window-of-opportunity ● Add arbitrary capability to R/W memory areas over I2C ○ live debugging of the I2C Slave. ○ Useful for memory mapped peripherals. ○ Could be used in conjunction with the memory map & linker scripting. Ideas for improvement
  • 43. Overview •Typical applications •Introduction to the I2C bus •Custom slaves - why and how •Master •Debugging methodology and tools •Example: steering a 4WD drone. •Ideas for advanced bus configurations •Recap •Q/A