Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Amazon Sidewalk manufacturing setup and workflow

This section describes how Amazon Sidewalk manufacturing works. You’ll learn the setup required before taking your devices to factory to production, and how you can use this information to bulk provision your Sidewalk devices.

Topics

Setup for Amazon Sidewalk manufacturing

To prepare your Sidewalk-enabled products for production, you’ll need the following hardware to generate the device key pairs on it. For more information, see Setting up the host.

  • A computer, also known as line PC, used for provisioning,
  • A device under test (DUT) to which the line PC is connected to,
  • A debugging interface, such as JLink, provided with the DUT, and
  • The HSM issued by Amazon Sidewalk Team for your Sidewalk products.

Mass production flow for Amazon Sidewalk

The mass production flow follows the steps described below to issue Sidewalk certificates and upload the corresponding record into Sidewalk cloud services. The CM is expected to implement the Line PC script.

  1. Factory Diagnostic Firmware is flashed into DUT and generates a set of public-private key pairs for the device. There is a key pair for each supported elliptic curves (EC) : ED25519 and P256R1 to authenticate the encryption keys.
  2. Line PC script communicates with Factory Diagnostic Firmware and passes the generated Sidewalk certificate signing request (CSR) to the Sidewalk Signing Tool to generate the device certificates. The HSM signs the device certificate with the DAK private key.
  3. Sidewalk Signing Tool constructs the full Sidewalk Certificate Chain which includes the newly created device certificates and outputs a Sidewalk control log.
  4. Line PC script passes the certificate chain to Factory Diagnostic Firmware, which writes it to the device. After that, the device can be flashed with production firmware.
  5. Line PC script saves the control logs generated by the Sidewalk Signing Tool in CM’s database or internal storage.
  6. CM collects and uploads the control logs that contain the Sidewalk Certificate Chain and the device related information via EDI system or SFTP endpoint.

How Amazon Sidewalk manufacturing works

This flowchart shows how bulk provisioning works.

Bulk Provisioning Flow

The following procedure illustrates the different steps in the manufacturing process.

  1. Create an AWS IoT device profile

    When your devices are ready for mass production, you can use an existing device profile or Create a device profile to enable factory support for your device production.

  2. Enable factory support

    The Amazon Sidewalk team can link your APID to your device profile. We will update your device profile with the production DAK, and provision it along with the Sidewalk certificate chain onto the HSM key you provide, for using AWS IoT Core for Amazon Sidewalk and bulk provisioning your Sidewalk devices. Contact Amazon Sidewalk support for more details and shipping instructions of sending your HSM to the Amazon Sidewalk team for provisioning.

  3. Send HSM key to contract manufacturer (CM)

    After HSM provisioning is complete, we will return the HSM to you, and provide the DAK PIN via encrypted email for your HSM access. You can then send the HSM to your contract manufacturer to enable them to start the manufacturing process for your Sidewalk devices.

  4. Manufacture devices and send control logs and serial numbers

    The CM manufactures the devices for production, generates control logs, and ingests the logs to into Amazon’s device provisioning system via EDI or SFTP. The Amazon’s system will process the uploaded log, validate its content and send a notification to the CM.

    The CM also provides you a CSV file that contains a list of manufactured devices and their Sidewalk manufacturing serial numbers (SMSNs). The following code shows a sample control log. It contains the serial number of the device, the APID, and the public device certificates. See the Amazon Sidewalk Specification, section 4.3.2 Sidewalk Manufacturing Serial Number (SMSN) for more details.

    {
   "controlLogs": [
   {
      "version": "4-0-1",
      "device": {
         "serialNumber": "d4c4975ef82728e1e56333b657515a136166afd956aa69745c3efe243660fafe",
         "productIdentifier": {
            "advertisedProductId": "abCD"
         },
         "sidewalkData": {
            "SidewalkED25519CertificateChain": "...",
            "SidewalkP256R1CertificateChain": "..."
         }
      }
   }]
}

  5. Bulk provision to onboard your Sidewalk devices in AWS IoT

    You can bulk provision your Sidewalk devices by creating and using import tasks to onboard a large number of your devices to AWS IoT Core for Amazon Sidewalk. Follow steps on Provisioning Sidewalk devices using import tasks.

Back to top

©2023 Amazon.com, Inc. or its affiliates (collectively, “Amazon”). All Rights Reserved.