Ability™ Developer Portal
Try Sandbox for free
Get a month of free access to ABB Ability™ Platform to learn and experiment!
API Playground
Play with ABB Ability™ Platform APIs (no time limits)

# Hardware Setup

ABB Ability™ Edge software runs on hardware with TPM 1.2 or TMP 2.0 support. At this time, the Edge does not support fTPM. If the hardware has TPM support, review the following section for an overview of the install and setup process.

The ABB Ability™ Edge has been tested internally with some models of hardware. Common hardware used for Edge deployments will be added to this list over time.

# Installing Edge on Generic Hardware

Note: The supported hash for all TPM2.0 devices is SHA256 or higher.

The following section will step through the basic process to install an Edge on any hardware. Before installing the operating system, the following should be reviewed:

  • Identify the resources available on the hardware.
  • Identify the version of TPM on the hardware.
  • Determine how to manage the TPM settings and data.

# Hardware Resources

Every computer has a combination of the following components.

  • CPU cores
  • Memory
  • Disks
  • NIC ports
  • USB ports
  • Support for Video
  • Support for other types of network access (Cellular, etc.)
  • Support for other types of I/O

The most cost efficient Edge deployments will have only what is needed.

# Identify the TPM Hardware

ABB Ability™ Edge software has specific software installs for TPM 1.2 and TPM 2.0 hardware. The correct software must be installed for the Edge to operate as designed.

# Identify the TPM Management Interface

The TPM management interface is typically in the BIOS for the hardware. Each manufacturer will have a slightly different setup. For each unique type of hardware, the following must be determined:

# How to Activate/Deactivate the TPM Hardware

Each manufacturer may have a different default setting. Some may have it disabled by default, others enabled. Some may support fTPM and when fTMP is enabled, it may block TPM 2.0 functionality. There is no single way to do this. In the end, verify that TPM is enabled and confirm the version before installing the operating system.

# Determine How to Clear the TPM

After an Edge takes ownership of the TPM, you cannot provision a new Edge on the hardware until the TPM is cleared. This is typically done in the BIOS and each system can have a different one. Some systems may require the PC to be powered off to clear the TPM. Others may just need a reboot. If the system is re-purposed to install another Edge, the TPM will need to be cleared to re-setup the Edge. The TPM should be cleared before the first OS installation.

# Install the Operating System

Once the TPM is enabled and cleared, the hardware is ready to load the Operating System. Production environments should use Ubuntu Server as recommended. However, for development purposes, the Desktop version of the operating system should also work. The following links have the basic install steps.

During the install process, be sure to include any specific hardware drivers or software not included in the Ubuntu media. Any special hostname and network configurations should also be addressed at this time.

As an example, perhaps the hardware has a special cellular radio and SIM card. Any software required to enable that hardware should be installed at this time. Additionally, it is also important that network is configured before the Edge is installed so that it can pick the ethernet port connected to the WAN during installation and setup the correct firewall and other device hardening configurations.

# Install the Edge

Each release of the ABB Ability™ Platform also has a release of the ABB Ability™ Edge software. After the hardware is running Ubuntu, use the following procedure to install the correct software for the version of the ABB Ability™ Platform instance the ABB Ability™ Edge will communicate with. Use the following link for the latest installation information.

# Secure Edge Connectivity to the Ability Platform

Ability Platform can only accept connections from devices with a valid X.509 certificates issued by Ability PKI Trusted Authority in the production environment. For development and test purposes prior to the production, Ability PKI offers test and pre-production environments.

# Ability PKI

Ability Public Key Infrastructure offers services including Certificate enrollment, renewal, revocation etc. Ability Edge provides configuration place holders to be updated by the developers depending upon the purpose (dev/test/production), when updated Ability Edge autonomously enroll itself with the Ability PKI based on the configuration. The certificates rooted in the Ability ROOT CA are used for authentication of the devices connecting to the Ability Platform. To learn more about Ability PKI, refer to the PKI Overview.

# Next Steps

The ABB Ability™ Edge should be up and running. Additional development and testing can continue from here.

Last updated: 12/15/2022, 5:45:53 AM

Device Certificate Enrollment

Feedback