{"id":379,"date":"2023-07-20T13:49:15","date_gmt":"2023-07-20T17:49:15","guid":{"rendered":"https:\/\/mooney.gatech.edu\/security\/?page_id=379"},"modified":"2024-10-23T12:20:36","modified_gmt":"2024-10-23T16:20:36","slug":"native","status":"publish","type":"page","link":"https:\/\/mooney.gatech.edu\/security\/gridtrust\/native\/","title":{"rendered":"GridTrust Native Device Setup"},"content":{"rendered":"\r\n<h1><span style=\"font-size: 24pt;\">GridTrust Native Device Setup<\/span><\/h1>\r\n<p><a href=\"http:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native.png\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone  wp-image-454\" src=\"http:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native.png\" alt=\"\" width=\"504\" height=\"468\" srcset=\"https:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native.png 1547w, https:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native-300x279.png 300w, https:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native-1024x951.png 1024w, https:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native-768x713.png 768w, https:\/\/mooney.gatech.edu\/security\/wp-content\/uploads\/2023\/07\/gridtrust_native-1536x1427.png 1536w\" sizes=\"auto, (max-width: 504px) 100vw, 504px\" \/><\/a><\/p>\r\n<p>The GridTrust Native Device is an industrial temperature sensor. Representative updates (in the form of text files) for the device include changing the format for reporting temperatures.<\/p>\r\n<p>The native device is connected to the computer via USB. The connection to the computer is USB-A, whereas the connection to the native device is USB-B.<\/p>\r\n<p>The native device setup communicates with the server (via a networking switch, connected to the laptop with ethernet).<\/p>\r\n<p>The PUF board is connected to the computer via USB. 
The connection to the computer is USB-A, whereas the connection to the PUF board is USB-C.<\/p>\r\n<p>&nbsp;<\/p>\r\n<h2><strong>Source Code<\/strong><\/h2>\r\n<p><a href=\"https:\/\/github.com\/allahverdia\/GridTrust\">GitHub Link<\/a><\/p>\r\n<h2><strong>Devices Utilized<\/strong><\/h2>\r\n<p>The device demo comprises multiple COTS components:<\/p>\r\n<ul>\r\n<li style=\"list-style-type: none;\">\r\n<ul>\r\n<li><a href=\"https:\/\/www.arduino.cc\/en\/Guide\/ArduinoUno\">Arduino Uno<\/a><\/li>\r\n<li><a href=\"https:\/\/www.ti.com\/product\/LM95172-Q1\">LM95172 Temperature Sensor<\/a><\/li>\r\n<li><a href=\"https:\/\/www.nxp.com\/design\/software\/development-software\/mcuxpresso-software-and-tools-\/lpcxpresso-boards\/lpcxpresso55s69-development-board:LPC55S69-EVK\">NXP LPCXpresso55S69 (PUF)<\/a><\/li>\r\n<li>Dell Optiplex 7000<\/li>\r\n<\/ul>\r\n<\/li>\r\n<\/ul>\r\n<h2><strong>Setup<\/strong><\/h2>\r\n<p>The Dell computer interfaces with the GridTrust Server and maintains communications with the PUF board and the Arduino. 
The Arduino in turn performs serial communications with the temperature sensor.<\/p>\r\n<ol>\r\n<li>Install Rust\r\n<ul>\r\n<li><a href=\"https:\/\/www.rust-lang.org\/tools\/install\">https:\/\/www.rust-lang.org\/tools\/install<\/a><\/li>\r\n<\/ul>\r\n<\/li>\r\n<li>Install OpenSSL\r\n<ul>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">sudo dnf -y install openssl openssl-devel<\/span><\/li>\r\n<\/ul>\r\n<\/li>\r\n<li>Create a new Rust project\r\n<ol>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">cargo new native<\/span><\/li>\r\n<li>Replace files in <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">\/client\/code\/src<\/span> with GitHub <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">native\/code\/src<\/span> files<\/li>\r\n<li>Replace <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">\/client\/code\/Cargo.toml <\/span>with GitHub <span style=\"font-size: 10pt; font-family: 'courier new', courier, monospace;\">native\/code\/Cargo.toml<\/span><\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">cargo build<\/span><\/li>\r\n<\/ol>\r\n<\/li>\r\n<li>The native device file structure is relative to the Rust project root directory (the directory containing <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">Cargo.toml<\/span>):\r\n<ul>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/local_updates\/<\/span> directory\r\n<ul>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/local_updates\/util_sign64.txt<\/span> is the utility signature in base64 format (from server setup)<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/local_updates\/vendor_sign64.txt<\/span> is the vendor 
signature in base64 format (from server setup)<\/li>\r\n<\/ul>\r\n<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/local_updates\/update64.txt<\/span> is the update file in base64 format<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/updater\/<\/span> directory\r\n<ul>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/updater\/utility.pub.pem<\/span> is the utility public key file generated during the server setup<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/updater\/vendor.pub.pem<\/span> is the vendor public key file generated during the server setup<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/updater\/gridtrust.pfx<\/span> is the <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.pfx<\/span> file generated during the server setup<\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/updater\/ca2.crt<\/span> is the <span style=\"font-size: 10pt; font-family: 'courier new', courier, monospace;\">.crt<\/span> file generated during the server setup, the same certificate file Nginx uses. 
During the server setup, it was generated as <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">ca.crt<\/span>, but can be renamed to <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">ca2.crt<\/span><\/li>\r\n<li><span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">.\/base64.sh<\/span> is the shell script called by the Rust code during the decoding and verification of intermediate signature and update files<\/li>\r\n<\/ul>\r\n<\/li>\r\n<\/ul>\r\n<\/li>\r\n<li>Configure the native device computer to trust the server certificate:\r\n<ul>\r\n<li>Copy<span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\"> .\/updater\/ca2.crt<\/span> to <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">\/etc\/pki\/ca-trust\/source\/anchors\/ca2.crt<\/span><\/li>\r\n<li>Run the command <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">sudo update-ca-trust<\/span><\/li>\r\n<\/ul>\r\n<\/li>\r\n<li>Ensure that <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">base64.sh<\/span> is executable: <span style=\"font-family: 'courier new', courier, monospace; font-size: 10pt;\">chmod +x base64.sh<\/span><\/li>\r\n<\/ol>\r\n<p>If a native device is configured with incorrect signatures or certificates, then authentication will fail.\u00a0<\/p>\r\n\r\n\r\n","protected":false},"excerpt":{"rendered":"<p>GridTrust Native Device Setup The GridTrust Native Device is an industrial temperature sensor. Representative updates (in the form of text files) for the device include changing the format for reporting temperatures. The native device is connected to the computer via USB. 
The connection to the computer is USB-A, whereas the connection to the native device &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/mooney.gatech.edu\/security\/gridtrust\/native\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;GridTrust Native Device Setup&#8221;<\/span><\/a><\/p>\n","protected":false},"author":5,"featured_media":0,"parent":351,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"folder":[12],"class_list":["post-379","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/pages\/379","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/comments?post=379"}],"version-history":[{"count":27,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/pages\/379\/revisions"}],"predecessor-version":[{"id":651,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/pages\/379\/revisions\/651"}],"up":[{"embeddable":true,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/pages\/351"}],"wp:attachment":[{"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/media?parent=379"}],"wp:term":[{"taxonomy":"folder","embeddable":true,"href":"https:\/\/mooney.gatech.edu\/security\/wp-json\/wp\/v2\/folder?post=379"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}