Renesas RA AWS MQTT User Manual

Application Note
Renesas RA Family

RA AWS MQTT/TLS Cloud Connectivity Solution

Introduction

This application note describes IoT Cloud connectivity solution in general, provides a brief introduction to IoT
Cloud providers like Amazon Web Services (AWS), and covers the FSP MQTT/TLS module and its features.
The application example provided in the package uses AWS IoT Core. The detailed steps in this document
show first-time AWS IoT Core users how to configure the AWS IoT Core platform to run this application
example.

This application note enables developers to effectively use the FSP MQTT/TLS modules in end-product
design. Upon completion of this guide, developers will be able to add the “AWS MQTT Client”, “Mbed TLS”,
“Secure sockets on WiFi” using Silex Wi-Fi modules; and “secure sockets on FreeRTOS plus TCP” using
Ethernet interface, configure them correctly for the target application, and write code using the included
application example code as a reference for efficient starting point.

References to detailed API descriptions, and other application projects that demonstrate more advanced
uses of the module, are in the FSP User’s Manual (available at: https://renesas.github.io/fsp/
as a valuable resource in creating more complex designs.

This MQTT/TLS AWS Cloud Connectivity solution is supported on the EK-RA6M3 (Both Ethernet and Wi-Fi )
and EK-RA6M4 (Wi-Fi support only) kits.

), which serves

Applies to:

• RA6M4 MCU Group

• RA6M3 MCU Group

• RA6M2 MCU Group

• RA6M1 MCU Group

Required Resources

To build and run the MQTT/TLS application example, the following resources are needed.

Development tools and software

2

• e

studio ISDE v20.10.0 or later (renesas.com/us/en/software-tool/e-studio)

• Flexible Software Package ( FSP) 2.2.0 or later (renesas.com/us/en/software-tool/flexible-software-

package-fsp)

• SEGGER J-Link® USB driver (renesas.com/synergy/jlinksynergy).

• SEGGER RTT Viewer V 6.95a (https://www.segger.com/products/debug-probes/j-link/tools/rtt-viewer/)

• SEGGER SWO Viewer (https://www.segger.com/products/debug-probes/j-link/tools/j-link-swo-viewer/)

Hardware

• Renesas RA™ EK-RA6M3 kit (renesas.com/ra/ek-ra6m3

• Renesas RA™ EK-RA6M4 kit (renesas.com/ra/ek-ra6m4).

• Renesas Silex PmodTM based Wi-Fi Module (renesas.com/wi-fi-pmod).

Note: The Silex PmodTM module is not included in the EK-RA6M3 or EK-RA6M4 kit and must be

ordered separately.

®

• PC running Windows

Edge, Mozilla Firefox, or Safari).

• Micro USB cables (included as part of the kit)

10; and an installed web browser (Google Chrome, Internet Explorer, Microsoft

).

R11AN0453EU0105 Rev.1.05 Page 1 of 1
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Prerequisites and Intended Audience

This application note assumes that the user is adept in operating the Renesas e2 studio ISDE with Flexible
Software Package (FSP). If not, we recommend they read and follow procedures in the FSP User Manual
sections for ‘Starting Development’ including ‘Debug the Blinky Project’. Doing so enables familiarization with

2

studio and FSP and validates proper debug connection to the target board. In addition, this application

e
note assumes prior knowledge of MQTT/TLS and its communication protocols.

The intended audience is users who want to develop applications with MQTT/TLS modules using Renesas

™

RA6 MCU Series.

RA

2

Note: If you are a first time user of e

on your system in order to run the Blinky Project and to get familiar with the e

studio and FSP, we highly recommend you install e2 studio and FSP

2

studio and FSP

development environment before proceeding to the next sections.

Prerequisites

1. Access to online documentation available in the Cloud Connectivity References section.

2. Access to latest documentation for identified Renesas Flexible Software Package.

3. Prior knowledge of operating e

2

studio and built-in (or standalone) RA Configurator.

4. Access to associated hardware documentation such as User Manu als , Schematics, and so forth.

Using this Application Note

Section 1 of this document covers the General Overview of the Cloud Connectivity, AWS IOT Core, MQTT
and TLS Protocols and Device certificates and Keys used in the Cloud Connectivity.

Sections 2 to 5 cover the usage of FSP configurator to add the MQTT Client, Secure Sockets, Integrated
TLS client and MQTT components to the project.

Section 6.1 and 6.2 co ver Clou d con nec tivi t y Applic ati on Project architecture, its sof tware components
overview.

Section 6.3 covers the step by step procedure to recreate the bundled Application Project using the FSP
Configurator.

Note: For a quick validation using the provided application project, you can skip the above sections a nd go

to section 6.5 for instructions on importing, building and running the Application project on the EK
board. Users are still required to provide necessary user credentials for the application as described
in sections 6.4, 6.5, and 6.6 before validatio n can be d one using the steps described in the section

6.7.
Section 6.4 covers the Cloud side configuration required to run the Application Project.
Section 6.5 covers the importing, building, and running the Application Project on the EK board.
Section 6.6 covers the User specific credentials to run the application.
Section 6.7 covers the validation of the Application Project from Board and from the Cloud.

R11AN0453EU0105 Rev.1.05 Page 2 of 2
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Contents

1. Introduction to Components for Cloud Connectivity ................................................................. 4

1.1 General Overview .................................................................................................................................... 4

1.2 Cloud Service Provider ............................................................................................................................ 4

1.3 AWS IoT Core ......................................................................................................................................... 5

1.4 MQTT Protocol Overview ........................................................................................................................ 5

1.5 TLS Protocol Overview ............................................................................................................................ 5

1.6 Device Certificates, CA, and Keys .......................................................................................................... 6

2. AWS MQTT Client with RA FSP .............................................................................................. 6

3. Secure Sockets Implementation .............................................................................................. 8

4. Mbed TLS ................................................................................................................................ 9

5. MQTT Module APIs Usage .................................................................................................... 10

6. Cloud Connectivity Application Example ................................................................................ 10

6.1 Overview ................................................................................................................................................ 10

6.2 MQTT/TLS Application SW Architecture Overview ............................................................................... 12

6.3 Creating the Application Project using the FSP Configurator ............................................................... 13

6.4 MQTT/TLS Configuration ...................................................................................................................... 21

6.4.1 IoT Cloud Configuration (AWS) ........................................................................................................... 25

6.4.2 Creating a Device on AWS IoT Core................................................................................................... 26

6.4.3 Generating Device Certificate and Keys ............................................................................................. 32

6.4.4 Creating a Policy for a Device ............................................................................................................. 36

6.4.5 Connecting the Certificate to the Policy .............................................................................................. 38

6.5 Running the MQTT/TLS Application Example ...................................................................................... 40

6.5.1 Importing, Building and Loading the Project ....................................................................................... 40

6.5.2 Loading the Executable Binary into the Target MCU .......................................................................... 41

6.5.3 Powering up the Board ........................................................................................................................ 41

6.6 Connecting to AWS IoT ......................................................................................................................... 42

6.6.1 Wi-Fi Credentials ................................................................................................................................. 42

6.6.2 AWS IoT Credentials ........................................................................................................................... 42

6.7 Verifying the Application Pr oj ect ............................................................................................................ 43

7. MQTT/TLS Module Next Steps .............................................................................................. 45

8. Cloud Connectivity References .............................................................................................. 45

9. Known Issues ........................................................................................................................ 46

Revision History ............................................................................................................................ 48

R11AN0453EU0105 Rev.1.05 Page 3 of 3
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

1. Introduction to Components for Cloud Connectivity

1.1 General Overview

The Internet-of-Things (IoT) is a global infrastructure for the information society, enabling advanced services
by interconnecting (physical and virtual) things based on existing and evolving int e roper ab le inf ormation and
communication technologies. The ‘things’ in this definition are objects in the physical world (physical objects)
or information world (virtual) that can be identified and integrated into communication networks. In the
context of the IoT, a ‘device’ is a piece of equipment with the mandatory capabilities of communication and
the optional capabilities of sensing, actuation, data capture, data storage and data processing [1].
Communication is often performed with providers of network-hosted services, infrastructure, and business
applications to process/analyze the generated data and manage the devices. Such providers are called
Cloud Service Providers. While there are many manufacturers for devices and cloud service providers, for
the context of this application note, the device is a Renesas RA Microcontroller (MCU) connecting to services
provided by Amazon Web Services (AWS) for IoT.

1.2 Cloud Se r vice P r ovider

AWS IoT is a platform that enables users to connect devices to AWS Services and other devices, secure
data and interactions, process and act upon device data, and enable applications to interact with devices
even when they are offline. As a Cloud Service Provider, AWS IoT provides the ability to:

• Connect and manage devices.

• Secure device connections and data .

• Process and act upon device data.

• Read and set device state at any time.

The following Figure 1 summarizes the features provided by AWS IoT [2]

Figure 1. AWS IoT Features, Service Components, and Data Flow Diagram

A key feature provided by AWS is the AWS IoT Software Development Kit (SDK) written in C to allow
devices such as sensors, actuators, embedded micro-controllers, or smart appliances; to connect,
authenticate, and exchange messages with AWS IoT using the MQTT, HTTP, or WebSocket’s protocols.

This application note focuses on configuring and using the AWS IoT Device SDK and the included MQTT
protocol available through the Renesas Flexible Software Package (FSP) for Renesas RA MCUs.

R11AN0453EU0105 Rev.1.05 Page 4 of 4
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Secure Crypto Hardw are A c c elerati on

Supported

Key Format Supported

AES, ECC, RSA

Hash

SHA-256

Cipher

AES

Public Key Cryptography

ECC, ECDSA, RSA

Message Authentication Code (MAC)

HKDF

1.3 AWS IoT Core

AWS IoT Core is a managed cloud service that lets connected devices easily and securely interact with
cloud applications and other devices. AWS IoT Core can support billions of devices and trillions of
messages. It can process and route messages to AWS endpoints and to other devices reliably and securely.
With AWS IoT Core, customer applications can keep track of all devices, all the time, even when they are
not connected [3].

AWS IoT Core addresses security concerns for the infrastructure by implementing mutual authentication and
encryption. AWS IoT Core provides automated configuration and authentication upon a device’s first
connection to AWS IoT Core, as well as end-to-end encryption throughout all points of connection, so that
data is never exchanged between devices and AWS IoT Core without proven identity [3].

This application note focuses on complementing the security needs of AWS IoT Core through installing a
proven identity for the RA MCU by storing a X.509 certificate and asymmetric cryptography keys in Privacy
Enhanced Mail (PEM) format in the on-board flash. The RA MCU has on-chip security features, such as Key
Wrapping, to protect the private key associated with the public key and the certificate associated with the

1

device
Cryptography Engine (SCE) and API available through the FSP. The SCE is used to accelerate symmetric
encryption/decryption of data between the connected device and AWS IoT, allowing the ARM Cortex-M
processor to perform other application specific computations.

. Additionally, RA MCUs can also generate asymmetric keys using features of the Secure

1.4 MQTT Protoc ol Overview

Message Queuing Telemetry Transport (MQTT) is featured in this application note as it is a lightwe ig h t
communication protocol specifically designed to tolerate intermittent connections, minimize the code footprint
on devices, and reduce network bandwidth requirements. MQTT uses a publish/subscribe architecture which
is designed to be open and easy to implement, with up to thousands of remote clients capable of being
supported by a single server. These characteristics make MQTT ideal for use in constrained environments
where network bandwidth is low or where there is high latency and with remote devices that might have
limited processing capabilities and memory [4]. The RA MCU device in this application note implements a

MQTT Client which communicates with AWS IoT and exchanges example telemetry information, such as
MCU temperature, and MCU GPIO status.

1.5 TLS Pr otoc ol Overview

The primary goal of the Transport Layer Security (TLS) protocol is to provide privacy and data integrity
between two communicating applications [5] or endpoints. AWS IoT mandates use of secure
communication. Consequentially, all traffic to and from AWS IoT is sent securely using TLS [6]. TLS protocol
version 1.2 or later is used to ensure the confidentiality of the application protocols supported by AWS IoT. A
variety of TLS Cipher Suites are supported [7] . This application note configures the RA Flexible Software
Package for the MCU based device to provide the following capabilities and AWS IoT negotiates the
appropriate TLS Cipher Suite configuration to maximize security.

Table 1. TLS Capabilities in RA FSP

On top of these above supported features, Mbed Crypto middleware also supports a variety of features
which can be enabled through the RA Configurator. Refer to the FSP UM section for the Crypto Middleware
(rm_psa_crypto).

1

This application note does not focus on using Key Wrapping for securely storing the private key for devices

deployed in a production environment.

R11AN0453EU0105 Rev.1.05 Page 5 of 5
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

1.6 Device Certificates, CA, and Keys

Device certificates, Certificate Authorities, and Asymmetric Key Pairs create the foundation for trust needed
for a secure environment. The background information on these commonly used components in AWS is as
follows:

A digital certificate is a document in a known format that provides information about the identity of a device.
X.509 is a standard that includes the format definition for public-key certificate, attribute certificate, certificate
revocation list (CRL) and attribute certificate revocation list (ACRL) [8]. X.509 defined certificate formats
(X.509 Certificate) are commonly used on the internet and in AWS IoT for authenticating a remote
entity/endpoint, that is, a Client and/or Server . In this appl ic ati on note , an X.509 certificate and asymmetric
cryptography key pair (public and private keys) are generated from AWS IoT and installed (during binary
compilation) into the RA MCU device running the MQTT Client to establish a known identity. In addition, a
root Certification Authority (CA) certificate is also downloaded and used by the device to authenticate the
connection to the AWS IoT gateway.

Certification authority (CA) certificates are certificates that are issued by a CA to itself or to a second CA for

2

the purpose of creating a defined relationship between the two CAs

. The root CA certificate allows devices
to verify that they're communicating with AWS IoT Core and not another server impersonating AWS IoT
Core.

The public and private keys downloaded from AWS IoT use RSA algorithms for encryption, decryption,

3

signing and verification

. These key pairs, and certificates are used together in the TLS process to:

1. Verify device identity.

2. Exchange symmetric keys, for algorithms such as AES, for encrypting and decrypting data transfers

between endpoints.

2. AWS MQTT Client with RA FSP

The AWS MQTT library included in RA FSP can connect to either AWS MQTT or to any third party MQTT
broker such as Mosquitto [9]. The complete documentation for the library can be found on the AWS IoT
Device SDK C: MQTT website [10]. Primary features supported by the library are:

• MQTT connections over TLS to an AWS IoT Endpoint or Mosquitto server or any MQTT broker.

• Non-secure MQTT connections to Mosquitto servers.4

The AWS MQTT Client can be directly imported into a Thread Stack and is configured through the RA
Configuration Perspective. To add the AWS MQTT Client to a new thread, open the Configuration.xml with
the RA Configuration. While ensuring that the correct thread is selected on the left, use the tab for Stacks >

New Stack > Search and search for the keyword AWS MQTT Client.

Figure 2. AWS MQTT Client Module Selection

2

The root CA certificate provided by AWS IoT is signed by Digital Guardian.

3

Public Key length used is 2048 bits.

4

Recommended for local server testing and not for production/deployment.

R11AN0453EU0105 Rev.1.05 Page 6 of 6
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Adding the AWS MQTT Client Stack results in the default configuration with some unmet dependencies, as
shown below.

Figure 3. AWS MQTT Client Stack View

While the AWS MQTT Client stack shown contains a lot of dependencies and configurable properties, most
default settings can be used as-is. The following changes are needed to meet all unmet dependencies
(marked in red) for the AWS MQTT Client stack added to a new project (as shown above):

1. Enable Mutex and Recursive Mutex usage support as needed by IoT SDK and FreeRTOS in the created

Thread properties.

2. Optionally, adjust the AWS IoT Common properties for ‘IoT Thread Stack Size’ and ‘IoT Network Receive

Task Stack Size’.

Upon completion of the two steps above, the AWS MQTT Client is ready to accept a Secure Socket
Implementation, which has dependencies on using a TLS Session and an underlying TCP/IP
implementation.

Additional documentation on the AWS MQTT Client is available in the FSP User’s Manual under RA Flexible
Software Package Documentation > API Reference > Modules > AWS MQTT.

R11AN0453EU0105 Rev.1.05 Page 7 of 7
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

3. Secure Sockets Implementation

The AWS Secure Sockets module provides an API that is based on the widely used BSD Sockets. While the
RA FSP contains a Secure Socket Implementation for both Wi-Fi and Ethernet, this application and app note
focuses on the use of an external Silex SX-ULPGN Pmod Wi-Fi module and on-board Ethernet.

Secure Sockets can be added to the Thread Stack by clicking on Add Secure Sockets Implementation >

New > Secure Sockets on WiFi or Secure Sockets on FreeRTOS Plus TCP (for Ethernet).

Figure 4. Adding Secure Socket to the MQTT Client Module

Upon addition, the needed stack is complete and has unmet dependencies for the dependent modules. In
this case, the flash file system for the persistent storage is needed. This can be added by clicking on Add
AWS PKCS11 PAL > New > AWS PKCS11 PAL on LittleFS.

The added stack has unmet configuration for the sub-components, highlighted in red in the next Figure 5 that
should be addressed.

Figure 5. Expanded Secure Socket Module

R11AN0453EU0105 Rev.1.05 Page 8 of 8
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Satisfying most unmet dependencies as identified by the RA Configurator is recommended, however, some
are optional. For example, in the Wi-Fi application project, it uses one socket/UART for communication with
the Silex Wi-Fi Pmod. As a result, the property for Number of supported sockets instances should be set
to 1. This property is found by under Common Properties for Wi-Fi on-chip Silex Driver.

Note: To support multiple socket instances on this Wi-Fi module, a second UART on the Module needs to

be enabled. For the purpose of this Application Note, one socket is enough.

Figure 6. Socket Instances Selection

Remaining unmet dependencies which need to be addressed are related to the TLS stack discussed next.
Additional documentation on the AWS MQTT Client is available in the FSP User’s Manual under RA Flexible

Software Package Documentation > API Reference > Modules > AWS Secure Sockets.

4. Mbed TLS

mbed TLS is ARM's implementation of the TLS protocols as well as the cryptographic primitives required by
those implementations. mbed TLS is also solely used for its cryptographic features even if the TLS/SSL
portions are not used.

Secure Socket TLS Support uses FreeRTOS+TLS which eventually uses mbed TLS. Use of mbed TLS
requires configuration and operation of Mbed Crypto module which in turn operates the SCE on the MCU.

The following underlying mandatory changes are needed to a project using the Secure Sockets on
FreeRTOS+TLS module:

1. Use FreeRTOS heap implementation scheme 4 (first fit algorithm with coalescence algorithm) or scheme

5 (first fit algorithm with coalescence algorithm with heap spanning over multiple non adjacent/non­contiguous memory regions) [11].

2. Enable support for dynamic memory allocation in FreeRTOS.

3. Enable mbed TLS platform memory allocation layer.

4. Enable the mbed TLS generic threading Layer that handles default locks and mutexes for the user and

abstracts the threading layer to use an alternate thread-library.

5. Enable Elliptic Curve Diffie Helleman library.

6. Change FreeRTOS Total Heap Size to a value greater than 0x1500.
Additional documentation on the AWS MQTT Client is available in the FSP User’s Manual under RA Flexible

Software Package Documentation > API Reference > Modules > Crypto Middleware (rm_psa_crypto).

R11AN0453EU0105 Rev.1.05 Page 9 of 9
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

API

Description

IotMqtt_Connect

Establish a new MQTT connection.

IotMqtt_Init

One-time initialization function for the MQTT library.

IotMqtt_IsSubscribed

Check if an MQTT connection has a subscription for a topic
filter.

IotMqtt_OperationType

Returns a string that describes an IotMqttOperationType_t.

IotMqtt_Publish

Publishes a message to the given topic name and receive an
asynchronous notification when the publish completes

IotMqtt_ReceiveCallback

Network receive callback for the MQTT library.

IotMqtt_strerror

Returns a string that describes an IotMqttError_t.

IotMqtt_Subscribe

Subscribes to the given array of topic filters and receive an
asynchronous notification when the subscribe completes.

IotMqtt_TimedSubscribe

Subscribes to the given array of topic filters with a timeout.

IotMqtt_TimedUnsubscribe

Unsubscribes from a given array of topic filters with a timeout.

IotMqtt_Unsubscribe

Unsubscribes from the given array of topic filters and receive
an asynchronous notification when the unsubscribe completes.

IotMqtt_Wait

Waits for an operation to complete.

IotMqtt_Disconnect

Closes an MQTT connection

5. MQTT Module APIs Usage

The AWS MQTT Client is documented online [12]. The following table lists APIs provided by AWS MQTT
Client that are used as a part of the Application Example.

Table 2. MQT T Module APIs

6. Cloud Connectivity Application Example

6.1 Overview

This application project demonstrates the usage of APIs available through the Renesas FSP-integrated
modules for Amazon IoT SDK C, mbed TLS module, Amazon FreeRTOS and HAL Drivers operating on
Renesas RA MCUs. Network connectivity is established using Ethernet or the Silex Pmod Wi-Fi Module. The
application running on a Renesas Evaluation Kit also serves as a reference system for the operation of
MQTT Client, mbed TLS/Crypto, Wi-Fi Module configuration, Ethernet configuration, using the FSP
configurator. The application may be used as a starting point for inspiring other customized Cloud-based
solutions using Renesas RA MCUs. In addition, it marginally demonstrates the operation and setup of cloud
services available through the cloud service provider.

The upcoming sub-sections show step-by-step creation of a device and security credentials policies as
required by the AWS IOT on the cloud side to communicate with the end devices. The example,
accompanying this documentation, demonstrates Subscribe and Publish messaging between and MQTT
Client and MQTT Broker, periodic publication of temperature data, asynchronous publication of “User Push
Button” event from the MCU to the Cloud. The device is also subscribed to receive actuation events (LED
ON/OFF) from the Cloud, thereby showing two-way control.

R11AN0453EU0105 Rev.1.05 Page 10 of 10
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Figure 7. Application Projects High-level Overview for Wi-Fi and Ethernet

Figure 8. MQTT Publish/Subscribe to/from AWS IoT Core

R11AN0453EU0105 Rev.1.05 Page 11 of 11
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

No.

Filename

Purpose

1

src/application_thread_entry.c

Contains data structures functions and main thread
used in Cloud Connectivity application.

2

src/common_utils.h

Contains macros, data structures, and functions
commonly used across the project.

3

src/hal_entry.c

Unused file automatically generated by FSP. This
file is used for non-RTOS based projects.

4

src/itm_write.c

Re-routes logging information to Cortex-M
Instrumentation Trace Macrocell.

5

src/mqtt_interface.c

Contains data structures and functions used in mqtt
interface for Cloud Connectivity.

6

src/mqtt_interface.h

Accompanying header for exposing functionality
provided by mqtt_interface.c.

7

src/SEGGER_RTT/SEGGER_RTT.c

Implementation of SEGGER real-time transfer

8

src/SEGGER_RTT/SEGGER_RTT.h

9

src/SEGGER_RTT/SEGGER_RTT_Conf.h

10

src/SEGGER_RTT/SEGGER_RTT_printf.c

11

src/usr_config.h

To customize the user configuration to run the
application.

12

src/usr_hal.c

Contains data structures and functions used for the
associated utilities.

13

src/usr_hal.h

Accompanying header for exposing functionality
provided by usr_hal.c.

14

src/usr_wifi.c

Contains data structures and functions used to
Application Project.

15

src/usr_wifi.h

Accompanying header for exposing functionality
based Application Project.

16

src/usr_app.h

Accompanying header file for the
application_thread.

17

src/usr_network.c

Contains data structures and functions used to
Module. This file is for the Ethernet specific usage.

19

src/usr_network.h

Accompanying header for exposing functionality
Ethernet specific usage.

6.2 MQTT/TLS Application SW Architecture Overview

The following files from this application project serve as a reference

Table 3. Fi les Used in Application Project

(RTT) which allows real-time communication on
targets which support debugger memory accesses
while the CPU is running.

Hardware Abstraction Layer initialization and

operate the Wi-Fi module. This file For WiFi based

provided by usr_wifi.c. This file For WiFi

operate the FreeRTOS TCP/IP and Ethernet

provided by usr_network.c. This file is for the

R11AN0453EU0105 Rev.1.05 Page 12 of 12
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Step

Intermediate Steps

1

Project Creation:

File → New → C/C ++ Pr oject

2

Project Template:

Templates for New RA C/C++ Project →
Renesas RA C/C++ Project → Next

3

e2 studio - Project Configuration (RA

Project Name (Name for the Project)
Note: Input your desired name for the project -> Next

4

Device Selection →

FSP Version: 2.2.0

Board: EK-RA6M3

Device: R7FA6M3AH3CFC

Language: C

Figure 9. Application Example Implementation Details

Note: For Ethernet application example implementation in the Figure 9. “Wi-Fi scan and connect block” is

not applicable.

6.3 Crea ti ng the Application Project using the FSP Configurator

Complete steps to create the Project from the start using the e2 studio and FSP configurator. The table below
shows the step-by-step process in creating the Project. It is assumed that the user is familiar with the

2

studio and FSP configurator. Launch the installed e2 studio for the FSP.

e

Table 4. Step-by-step Details for Creating the Application Project for Ethernet and Wi-Fi (EK-RA6M3)

C Executable Project) →

R11AN0453EU0105 Rev.1.05 Page 13 of 13
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Step

Intermediate Steps

5

Select Tools

Toolchain: GNU ARM Embedded (Default)

Toolchain version: (9.2.1.20191025)

Debugger: J-Link ARM
Next→

6

Build Artifact and RTOS Selection
Artifact Selection: Executable

RTOS Selection : FreeRTOS → Next

Project Template

Project Template Selection: FreeRTOS – Minimal – Static
Allocation → Finish

7

Stacks Tab (Part of the FSP
Configurator)→

Threads → New Thread

8

Config Thread Properties→

Symbol: application_thread

Name: Application Thread

Stack size: 8192 Bytes

Priority: 3

Thread Context: NULL

Memory Allocation: Static

9

Generic RTOS configs under thread (Additional configuration on top of the Default Config
provided by FSP)

Common → General

Use Mutex: Enabled

Use Recursive Mutexes: Enabled

Max Task Name Len: 32

Common → Memory Allocation

Support Dynamic Allocation: Enabled

Total Heap Size: 0x20000

10
Add the Heap Implementation in HAL/Common

New Stack →

FreeRTOS → Memory Management→ Heap 4

11

Adding the MQTT Client Module to the Thread

Note: Now the Newly created thread (Application thread) is ready to add new Stack (Here the MQTT
New Stack →

FreeRTOS → Libraries → AWS MQTT Client

12

Configuring the “AWS IoT Common” Module (Additional configuration on top of the Default
Config provided by FSP)

Properties → Common →

Platform Name: "AWS Cloud Connectivity".

Note: Few of the sections in this table are specific to Wi-Fi and Ethernet Implementation. Other

sections are common to both Wi-Fi and Ethernet. They are listed here for quick reference.

Common to both Wi-Fi and Ethernet :

Step number : 1-12, 14,15

Specific to Ethernet:

Step number : 13b,19,20,21

Specific to Wi-Fi:

Step number : 13a,16,17,18,23

13

Adding the Secure Socket Implementation. Implementation is available for 1) Wi-Fi (“Secure
Socket on WiFi”) or 2) Ethernet (“Secure Socket on FreeRTOS Plus TCP”).

13a

If your Application is with Wi-Fi
Implementation →

New → “Secure Socket on WiFi”

13b

If your Application is with Ethernet, add

New → “Secure Socket on FreeRTOS Plus TCP”

14

Adding Persistent storage support for AWS PKCS11 and resolve the error in the configurator
by selecting the Heap size in the BSP Tab

Add AWS PKCS11 PAL module →

New → AWS PKCS11 PAL on LittleFS

BSP Tab → RA Common→

Heap size : 0x1000

Client is added)

Module, add Secure Sockets for Wi-Fi

Secure Sockets for Ethernet
Implementation →

Note: For Ethernet application Total Heap Size: 0x40000

R11AN0453EU0105 Rev.1.05 Page 14 of 14
Feb.11.21

Renesas RA Family RA AWS MQTT/TLS Cloud Connectivity Solution

Step

Intermediate Steps

15

Some dependency related to TLS Support are needed to be resolved to remove the error in the
FSP configurator by modifying the “Mbed Crypto” Property Settings.

Common → Platform →

MBEDTLS_PLATFORM_MEMORY : Define

Common → General →

MBEDTLS_THREADING_C : Define

Common → General →

MBEDTLS_THREADING_ALT : Define

Common → Public Key Cryptography
(PKC)→

ECC → MBEDTLS_ECDH_C : Define

16

Resolve the dependency for the Wi-Fi on-chip Silex Driver using “r_sci_uart” Module.

Configuring the Wi-Fi on-chip Silex Driver using r_sci_uart

Common →

Number of supported Socket instances: 1

Module Reset Port: 08

Module Reset Pin: 00

17

UART Driver r_sci_uart configuration

Note: This is only applicable for Wi-Fi application project.

Common →

FIFO Support: Enable

DTC Support: Enable

Flow control Support: Disable

Module Driver →

General → Channel: 9 (For PMOD 1)

Baud → Baud Rate: 115200

Flow Control →
Flow Control → Pin control: Disabled

Flow Control → RTS Port: Disabled

Flow Control → RTS Pin: Disabled

Interrupts→

Interrupts →
Transmit Data Empty Interrupt Priority: Priority 5

Interrupts →

Interrupts →
Error Interrupt Priority: Priority 5

18

Add DTC driver to complete the DTC Driver support for th e UART.

Add DTC driver for Transmission →

New → Transfer Driver on r_dtc

Add DTC driver for Reception →

New → Transfer Driver on r_dtc

19

FreeRTOS + TCP Configuration

same, except few of the default configuration needs to be changed

Common →

DHCP callback function → Enable

Note: This is only applicable for Wi-Fi application project.

Note: For Multiple socket connection using this Wi-Fi Module, 2 UARTS needs to be used. Even
though the Wi-Fi Module provides 2 UARTs (For Multiple Sockets) The Pmod connector only exposes
1 UART connectivity.
Therefore, in this case, if the requirement is to use in the multi socket mode, proper wiring needs to be
taken care to route the UART connection the Wi-Fi Module.
Note: In case of MQTT Connectivity example project, the connections can be managed with 1 Socket
connection only, and hence the socket instance is chosen as 1.

UART driver needs to be configured based on the data transmission and receive requirements
such as speed, FIFO, DTC support, Flow control, handling of UART interrupts etc.

CTS/RTS Selection: RTS(CTS is disabled)

Receive Interrupt Priority: Priority 5

Transmit End Interrupt Priority: Priority 5

Note: This is only applicable for Wi-Fi application project.

Note: This is only applicable for Ethernet application project. Most of the Default settings remain the

R11AN0453EU0105 Rev.1.05 Page 15 of 15
Feb.11.21