Factory Provisioning Workflow
Overview
The factory provisioning workflow is the process of preparing a "blank" ESP32-S3 module for use in the field. This process must be secure, automated, and repeatable to ensure every device has a unique identity and the correct security settings.
The Workflow Steps
Phase 1: Hardware Preparation & Initial Flash
- Connect Device: The blank module is placed in a programming fixture.
- Flash Bootloader & Partition Table: The basic structure of the flash memory is defined.
- Flash Factory Firmware: A minimal "testing" firmware is loaded to verify hardware functionality (GPIOs, Sensors, Wi-Fi).
Phase 2: Security & Identity Injection
- Generate Unique Keys: The provisioning PC generates a unique private key and a Certificate Signing Request (CSR) for the device.
- Sign Certificate: The CSR is sent to the company's Certificate Authority (CA), which returns a signed X.509 certificate.
- Inject Identity: The unique certificate and private key are written to the device. On the ESP32-S3 this means an encrypted NVS partition (or the esp_secure_cert partition); the private key can additionally be bound to the Digital Signature (DS) peripheral, whose wrapping key lives in an eFuse key block so firmware never sees the plaintext key. The X.509 private key itself is not stored in eFuse.
- Burn eFuses. This is irreversible, so do it only on devices that passed the hardware test, and in this order:
  - Burn the Secure Boot public key digest.
  - Enable Secure Boot.
  - Enable Flash Encryption (release mode, so plaintext flash writes over the serial bootloader are refused).
  - Disable JTAG (to prevent physical debugging/hacking).
Phase 3: Final Application Loading
- Flash Production Firmware: The full ASF application is loaded into the ota_0 partition.
- Verify Integrity: The system performs a full boot-up test to ensure it can decrypt the flash and verify the secure boot signature.
Phase 4: Cloud Registration
- Register Serial Number: The device's unique ID (MAC address or Serial) and its public certificate are uploaded to the Cloud/MQTT Broker's "Allowed Devices" list. Only the certificate leaves the device; the private key is never exported.
- Labeling: A QR code is printed and attached to the device, containing its Serial Number and Provisioning Date.
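The identity and registration steps of Phases 2 and 4, as an added example (not the page's provisioning script). It assumes the `cryptography` package, generates a stand-in CA in-process so it runs offline (the real CA key stays on the provisioning PC or an HSM), uses P-256 keys, and takes a constructed serial number and MAC as input. The CA validates the CSR (proof of possession, CN pinned to the serial the fixture reported) and sets its own extensions instead of trusting whatever the CSR asked for.

```python
"""Phase 2 identity injection and Phase 4 registration for one device.
Added example, not the page's provisioning script. Assumes the `cryptography`
package and an in-process CA (assumption) so that it runs offline.
"""
import datetime
import hashlib

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID

CA_NAME = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example Factory CA")])  # assumed


def _validity(days):
    now = datetime.datetime.now(datetime.timezone.utc)
    return now - datetime.timedelta(minutes=5), now + datetime.timedelta(days=days)


def make_ca():
    """Self-signed stand-in for the company CA so the example runs offline."""
    key = ec.generate_private_key(ec.SECP256R1())
    nb, na = _validity(3650)
    cert = (
        x509.CertificateBuilder()
        .subject_name(CA_NAME).issuer_name(CA_NAME)
        .public_key(key.public_key()).serial_number(x509.random_serial_number())
        .not_valid_before(nb).not_valid_after(na)
        .add_extension(x509.BasicConstraints(ca=True, path_length=0), critical=True)
        .sign(key, hashes.SHA256())
    )
    return key, cert


def generate_device_identity(serial):
    """'Generate Unique Keys': fresh P-256 key plus a CSR whose CN is the device serial."""
    key = ec.generate_private_key(ec.SECP256R1())
    csr = (
        x509.CertificateSigningRequestBuilder()
        .subject_name(x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, serial)]))
        .sign(key, hashes.SHA256())
    )
    return key, csr


def sign_device_csr(csr, ca_key, ca_cert, expected_serial, days=3650):
    """'Sign Certificate': check proof of possession and the CN, then issue a
    leaf certificate with CA-chosen extensions (not-a-CA, client auth only)."""
    if not csr.is_signature_valid:
        raise ValueError("CSR signature invalid: no proof of key possession")
    cn = csr.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
    if cn != expected_serial:
        raise ValueError(f"CSR CN {cn!r} does not match device serial {expected_serial!r}")
    nb, na = _validity(days)
    return (
        x509.CertificateBuilder()
        .subject_name(csr.subject).issuer_name(ca_cert.subject)
        .public_key(csr.public_key()).serial_number(x509.random_serial_number())
        .not_valid_before(nb).not_valid_after(na)
        .add_extension(x509.BasicConstraints(ca=False, path_length=None), critical=True)
        .add_extension(x509.ExtendedKeyUsage([ExtendedKeyUsageOID.CLIENT_AUTH]), critical=False)
        .sign(ca_key, hashes.SHA256())
    )


def verify_chain(cert, ca_cert):
    """Host-side check that the issued certificate really chains to our CA."""
    if cert.issuer != ca_cert.subject:
        return False
    try:
        ca_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                    ec.ECDSA(cert.signature_hash_algorithm))
    except InvalidSignature:
        return False
    return True


def cloud_record(serial, mac, cert):
    """'Register Serial Number': allow-list entry. Public material only, never the key."""
    return {
        "serial": serial,
        "mac": mac,
        "cert_pem": cert.public_bytes(serialization.Encoding.PEM).decode(),
        "cert_sha256": hashlib.sha256(cert.public_bytes(serialization.Encoding.DER)).hexdigest(),
    }


def provision(serial, mac, ca_key, ca_cert):
    """Identity phase for one device: (key PEM for the encrypted partition, cert, cloud record)."""
    dev_key, csr = generate_device_identity(serial)
    cert = sign_device_csr(csr, ca_key, ca_cert, serial)
    if not verify_chain(cert, ca_cert):
        raise RuntimeError("issued certificate does not chain to the CA")
    key_pem = dev_key.private_bytes(serialization.Encoding.PEM,
                                    serialization.PrivateFormat.PKCS8,
                                    serialization.NoEncryption())
    return key_pem, cert, cloud_record(serial, mac, cert)


if __name__ == "__main__":
    ca_key, ca_cert = make_ca()
    # Constructed sample identifiers; a real fixture reads the MAC from the chip.
    _, _, rec = provision("SN-000123", "84:F7:03:AA:BB:CC", ca_key, ca_cert)
    print(rec["serial"], rec["cert_sha256"])
```

The returned key PEM is the artefact that goes into the encrypted partition on the device (via the esp_secure_cert tooling or NVS), and the record dictionary is the artefact that goes to the broker's allow-list; keeping those two outputs separate in the script is what guarantees the private key never ends up in the cloud upload.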
Workflow Diagram (Conceptual)
[ Blank Device ]
|
v
[ 1. Hardware Test ] ----(Fail)----> [ Reject/Repair ]
|
v
[ 2. Identity Injection ] <---(From CA)--- [ Unique Certs ]
|
v
[ 3. Security Locking ] (Flash Encrypt, Secure Boot)
|
v
[ 4. Final App Flash ]
|
v
[ 5. Cloud Sync ] ----> [ Ready for Shipment ]
Tools Required
- esptool.py and espefuse.py: esptool.py for flashing; espefuse.py (shipped in the same package) for reading and burning eFuses.
- esp_secure_cert_mgr (with its configure_esp_secure_cert.py script): For writing certificates and keys into the esp_secure_cert partition on the ESP32.
- Custom Provisioning Script: A Python script to coordinate the CA communication and the flashing process.
- Provisioning PC: A secure computer with access to the company's private CA, ideally with the CA signing key held in an HSM or offline signer rather than on the PC's disk.