Sun Microsystems V2.0 Deploying and running a host application, What is protected?, Limitations

Page 20

ant deploy

for each Sun SPOT.

What is protected?

Applications and customized libraries are always verified and unless the digital signature can be successfully verified using the trusted public key, the application will not be executed. Extra security is provided for over-the-air deployment. In this case, all updates to the configuration page are verified before the page is updated. This prevents a number of possible attacks, for example a change to the trusted public key, or a denial of service where bad startup parameters are flashed.

Generating a new key-pair

If you wish to generate a new key-pair – for example, if you believe your security has been compromised – just delete the existing sdk.key file. The next time you deploy an application or a library to a Sun SPOT a new key will be automatically created. Again, if you are using a customized library, you will need to update the signature on the library by executing

ant flashlibrary

Limitations

This security scheme has some current limitations. In particular:

There is no protection against an attacker who has physical access to the Sun SPOT device.

The SDK key pair is stored in clear text on the host, and so there is no protection against an attacker with access to the host computer’s file system.

Deploying and running a host application

Example

The directory Demos/CodeSamples/SunSpotHostApplicationTemplate contains a simple host

application. Copy this directory and its contents to a new directory to build a host application.

To run the copied host application, first start the base station as outlined in the section Using the Basestation. Run the example on your host by using these commands:

ant host-compile ant host-run

If the application works correctly, you should see (besides other output)

Base station initialized

Normally, the base station will be detected automatically. If you wish to specify the port to be used (for example, if automatic detection fails, or if you have two base stations connected) then you can either indicate this on the command line, by adding the switch “-Dport=COM3”, or within your host application code:

System.setProperty("SERIAL_PORT", "COM3");

If your application doesn’t require a basestation you may add the following switch to the command line:

ant host-run –Dbasestation.not.required=true

20

Page 19 Page 21
Image 20
Page 19 Page 21
Contents Page Page Contents Http protocol support Introduction Building and deploying Sun Spot applications Deploying and running a sample applicationBuild Successful Total time 3 seconds \MyApplication Ant -Dport=COM2 info Total time 4 seconds \MyApplication Total time 0 seconds \MyApplication Deploying a pre-existing jar Incorporating utility classes into your applicationOther user properties Manifest and resourcesExcluding files from the compilation Overview Using the BasestationBuilt-in properties Set up Introduction Base Station configurationRemote operation Connect a Sun Spot base station Using short names for SPOTs Managing keys and sharing Sun SPOTsTake suitable actions during over-the-air downloads BackgroundChanging the owner of a Sun Spot Sharing Sun SPOTsWhat is protected? Deploying and running a host applicationGenerating a new key-pair LimitationsConfiguring network features Your own host applicationIncorporating pre-existing jars into your host application Mesh routingLogging Hardware configurations and USB powerTrace route Page Thread priorities Overview of an applicationThreads Device Interface Sun Spot device librariesSun Spot device library Persistent properties Accessing flash memory Overriding the Ieee addressUsart Radio communication library Program Radiogram protocol Client end Server endYou can open server radiogram connections in a similar way Broadcasting Radio properties Turning the receiver off and on Shallow Sleep Conserving power using deep sleep modeMonitoring radio activity Activating deep sleep mode Deep SleepUSB inhibits deep sleep Preconditions for deep sleepingDeep sleep behaviour of the standard drivers Device Condition to permit deep sleepWriting a device driver Configuring the http protocol Http protocol supportConfiguring projects in an IDE Socket Proxy GUI modeDebugging Classpath configurationJavadoc/source configuration Ant selectapplication Configuring NetBeans as a debug client Configuring Eclipse as a debug clientUsing library suites Advanced topicsWith adderlib as your current directory, execute the command Use the command Using the spot client SpotSerialPortException other exception in serial port comms Property name Meaning ReferencePersistent system properties Contents of the arm directory Contents of the lib directoryMemory usage Start address Space UseContents of the bin directory preverify.exe Contents of the upgrade directory Contents of the tests directory
Top Page Image Contents