"Productionising" the FX30s


#1

Hi, we want to sell the FX30s to customers and it needs to go through a production process to set it up with our legato app etc.

  1. What is the recommended way of loading the legato app, updating the FW and otherwise configuring the device in a production environment? i.e. it ideally needs to be automated out the box (including setting up passwords, keys etc)
  2. Does it need to happen over the USB cable (which will be enumerated every time) or can it happen over the serial cable?
  3. What is the recommended way to secure the device from tampering/uploading different applications etc.

One of the methods I can image is installing a basic app that connects to airvantage which tells it what to install. However this would consume a lot of data. Could this be achieved via the IP connection of the USB cable?

Thanks,

Karl


#2

@karlkuhn,

There are a number of way you can achieve this.

  • Build the entire system (apps, configuration, etc) into a single file and upgrade the unit with swiflash.
  • Take the generic unit, load the application and then run a script to configure it i.e. change the root password, turn all of the interfaces off you want to, etc.
  • Re what is the recommended way to secure a device, you can make it as secure or insecure as you want. The bare minimum would be to change the root password as mentioned above, after this you can secure it any number of ways from using secure file storage areas to completely disabling the ability to upload new applications.

Essentially everything ill really need to be done over the USB Ethernet initially yes. Would not recommend doing it OTA in a production environment, too slow and unreliable.

Regards

Matt


#3

Thanks @mlw , that is some useful information.I will look into it.

So presumably (if I remember correctly) all FX30s enumerate as 192.168.2.2 or was it 192.168.2.1. So I can use that as the starting point for the process. i.e SSH to it using the known default password… cp in the required files and execute a script which does all the necessary config.

Sounds about right? Presumably this would be the process for updating the FW as well.


#4

The unit gives itself the IP address 192.168.2.2, the host PC is given 192.168.2.1.

Updating firmware etc is covered in the legato documentation.

https://docs.legato.io/latest/toolsTarget.html

Regards

Matt