diff --git a/Common/app/greengrass/greengrass_discovery_task.c b/Common/app/greengrass/greengrass_discovery_task.c
new file mode 100644
index 000000000..1c7dd527f
--- /dev/null
+++ b/Common/app/greengrass/greengrass_discovery_task.c
@@ -0,0 +1,742 @@
+/**
+  ******************************************************************************
+  * @file           : greengrass_discovery_task.c
+  * @brief          : Task implementation for AWS Greengrass discovery
+  ******************************************************************************
+  * @attention
+  *
+  * Copyright (c) 2025 STMicroelectronics.
+  * All rights reserved.
+  *
+  * This software is licensed under terms that can be found in the LICENSE file
+  * in the root directory of this software component.
+  * If no LICENSE file comes with this software, it is provided AS-IS.
+  *
+  ******************************************************************************
+  */
+
+#include "greengrass_discovery_task.h"
+
+#include "logging_levels.h"
+#define LOG_LEVEL    LOG_INFO
+#include "logging.h"
+
+/* Standard includes. */
+#include <string.h>
+#include <stdio.h>
+#include <assert.h>
+
+/* Kernel includes. */
+#include "FreeRTOS.h"
+#include "sys_evt.h"
+#include "task.h"
+#include "kvstore.h"
+
+/*coreHTTP includes*/
+#include "core_http_client.h"
+
+/* tls library includes. */
+#include "tls_transport_config.h"
+#include "mbedtls_transport.h"
+
+/* Includes to handle reception errors*/
+#include "mbedtls/net_sockets.h"       // for MBEDTLS_ERR_NET_CONN_RESET
+#include "mbedtls/ssl.h"               // for MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY
+
+/* Include for parameters*/
+#include "kvstore_config.h"
+
+/*cJSON parsing library*/
+#include "core_json.h"
+
+#define HEADER_BUFFER_LENGTH 1024
+#define RESPONSE_BUFFER_LENGTH 2048
+#define TIMEOUT_TRANSPORT_AFTER_FIRST_RCV_MS 200
+#define TIMEOUT_TRANSPORT_FIRST_RCV_MS 5000
+#define DELAY_TRANSPORT_RCV_MS 10
+#define PATH_BUFFER_LENGHT 128
+#define REGION_BUF_SIZE 38
+#define GG_DISCOVERY_URL_SIZE 128
+#define DISCOVERY_PORT  8443
+
+/* Greengrass config queries */
+#define HOST_ADDRESS_JSON_QUERY_STR "GGGroups[0].Cores[0].Connectivity[0].HostAddress" //Use the HostAdrress of the first Connectivity info of the first Cores of the first GGroup
+#define PORT_JSON_QUERY_STR "GGGroups[0].Cores[0].Connectivity[0].PortNumber" //Use the PortNumber of the first Connectivity of the first Cores of the first GGroup
+#define CA_JSON_QUERY_STR "GGGroups[0].CAs[0]" // Use the first CA in CAs of the the first GGGroup
+
+/* Labels for writing GG config in NVM */
+#define GG_ENDPOINT_LABEL "gg_endpoint"
+#define GG_PORT_LABEL "gg_port"
+
+/* ALPN protocols must be a NULL-terminated list of strings. */
+static const char * pcAlpnProtocols[] = { NULL};
+
+
+/* The transport interface send function. */
+static int32_t transportSend(NetworkContext_t *pNetworkContext, const void *pBuffer, size_t bytesToSend)
+{
+	LogDebug( "Http discovery request \n%.*s", bytesToSend, pBuffer );
+    return mbedtls_transport_send(pNetworkContext, pBuffer, bytesToSend);
+}
+
+/* The transport interface receive function. 
+** loop to receive data until having a response */
+static int32_t transportRecv(NetworkContext_t *pNetworkContext, void *pBuffer, size_t bufferSize)
+{
+    int32_t receivedBytes = 0;
+    int32_t totalReceived = 0;
+    int32_t result = 0;
+    TickType_t xTimeout = pdMS_TO_TICKS(TIMEOUT_TRANSPORT_FIRST_RCV_MS);
+    TickType_t xStartTime = xTaskGetTickCount();
+    TickType_t xElapsedTime = 0;
+
+    while (totalReceived < bufferSize )
+    {
+        receivedBytes = mbedtls_transport_recv(pNetworkContext, pBuffer, bufferSize - totalReceived);
+
+        if (receivedBytes < 0)
+        {
+            LogError("mbedtls_transport_recv failed with error code: %d", receivedBytes);
+            result = receivedBytes;
+            break;
+        }
+        else if (receivedBytes == 0)
+        {
+            // No data received, check if timeout has occurred
+            xElapsedTime = xTaskGetTickCount() - xStartTime;
+            if (xElapsedTime >= xTimeout)
+            {
+                result = totalReceived;
+                break; // Exit the loop if the maximum delay has been reached
+            }
+            vTaskDelay(pdMS_TO_TICKS(DELAY_TRANSPORT_RCV_MS)); 
+        }
+        else if (receivedBytes > 0)
+        {
+            xTimeout = pdMS_TO_TICKS(TIMEOUT_TRANSPORT_AFTER_FIRST_RCV_MS);
+            xStartTime = xTaskGetTickCount();
+            totalReceived += receivedBytes;
+            pBuffer = (uint8_t *)pBuffer + receivedBytes;
+            result = totalReceived;
+        }
+    }
+
+    return result;
+}
+
+/**
+ * @brief Extracts the AWS region from the given endpoint and formats a Greengrass endpoint URL.
+ *
+ * This function extracts the region from the provided AWS IoT endpoint and constructs
+ * a Greengrass endpoint URL (GGDisccoveryURL) using the extracted region. The region is dynamically determined
+ * from the endpoint, avoiding hardcoding the region.
+ *
+ * @param[out] GGDisccoveryURL The buffer where the formatted Greengrass endpoint will be stored.
+ *                    This buffer should be pre-allocated and large enough to hold the resulting URL.
+ * @param[in]  endpoint The endpoint string from which the region will be extracted.
+ *                      This should be a valid AWS IoT endpoint in the format "something.iot.<region>.amazonaws.com".
+ *
+ * @return HTTPStatus_t The status of the operation.
+ *                      - HTTPSuccess if the region is successfully extracted and the Greengrass endpoint is formatted.
+ *                      - HTTPInvalidParameter if the region extraction fails.
+ *                      - HTTPInsufficientMemory if memory allocation fails.
+ */
+HTTPStatus_t create_discovery_url_from_endpoint(char * GGDisccoveryURL , const char * endpoint)
+{
+    HTTPStatus_t xHTTPStatus = HTTPSuccess;
+
+    if (endpoint == NULL || GGDisccoveryURL == NULL) {
+        LogError("Endpoint or GGDisccoveryURL cannot be NULL");
+        xHTTPStatus = HTTPInvalidParameter;
+    }
+    else
+    {
+        const char* sep = "-ats.iot.";
+        char * subStr = strstr ( endpoint, sep );
+
+        if (subStr == NULL) {
+            LogError("Separator (%s) not found in endpoint (%s).", sep, endpoint);
+            xHTTPStatus = HTTPInvalidParameter;
+        }
+        else
+        {
+            subStr += strlen(sep); 
+
+            if (strlen(subStr) + strlen("greengrass-ats.iot.") < GG_DISCOVERY_URL_SIZE) {
+                snprintf(GGDisccoveryURL, GG_DISCOVERY_URL_SIZE, "greengrass-ats.iot.%s", subStr);
+            } else
+            {
+                size_t resultingSize = strlen(subStr) + strlen("greengrass-ats.iot.");
+                LogError("Resulting GG URL string would be too long. Max size: %d, Actual size: %zu", GG_DISCOVERY_URL_SIZE, resultingSize);
+                xHTTPStatus = HTTPInsufficientMemory;
+            }
+        }
+    }
+    return xHTTPStatus;
+}
+
+/**
+ * @brief Extracts a value from a JSON response based on a specified JSON path.
+ *
+ * This function searches for a value in the JSON response using a given path and validates
+ * that the extracted value matches the expected JSON type.
+ *
+ * @param[in] pResponse The JSON document as a string.
+ * @param[in] responseLen The length of the JSON document.
+ * @param[in] path The JSON path to the desired value.
+ * @param[out] pValue A pointer to the extracted value as a string.
+ * @param[out] pValueLen The length of the extracted value.
+ * @param[in] expectedType The expected JSON type of the value (e.g., JSONString for CA and HostAddress, JSONNumber for PortNumber).
+ *
+ * @return JSONStatus_t Returns JSONSuccess if the value is successfully extracted and matches the expected type.
+ *                      Returns JSONNotFound if the value is not found or does not match the expected type.
+ *
+ */
+JSONStatus_t extractJsonValue(const char *pResponse, size_t responseLen, const char *path, char **pValue, size_t *pValueLen, JSONTypes_t expectedType)
+{
+    JSONStatus_t jsonStatus;
+    JSONTypes_t valueType;
+    
+    // Validate the JSON document
+    jsonStatus = JSON_Validate(pResponse, responseLen);
+    if (jsonStatus != JSONSuccess)
+    {
+        LogError("Failed to validate JSON response (jsonStatus: %d).", jsonStatus);
+    }
+
+    //Extract the value
+    if (jsonStatus == JSONSuccess)
+    {
+        jsonStatus = JSON_SearchT(pResponse, responseLen, path, strlen(path), pValue, pValueLen, &valueType);
+        if (jsonStatus != JSONSuccess || valueType != expectedType)
+        {
+            LogError("%s not found or type error (jsonStatus: %d, valueType: %d).", path, jsonStatus, valueType);
+        }
+    }
+
+    return jsonStatus;
+}
+
+/**
+ * @brief Parses a JSON response to extract MQTT endpoint, certificate, and port number.
+ *
+ * This function takes a JSON response containing information about Greengrass core device,
+ * parses it to extract the MQTT endpoint, ca certificate, and port number.
+ *
+ * @param[in] pResponse Pointer to the JSON response string.
+ * @param[in] responseLen Length of the JSON response string.
+ * @param[out] pIpAddress Pointer to a char pointer where the extracted endpoint will be stored.
+ * @param[out] pCertificate Pointer to a char pointer where the extracted certificate will be stored.
+ * @param[out] pPort Pointer to a uint16_t where the extracted port number will be stored.
+ *
+ * @return JSONStatus_t Returns JSONSuccess on successful parsing and extraction, or an error code
+ * indicating the type of failure (e.g., parsing error, object not found, memory allocation failure).
+ */
+JSONStatus_t parseGGDiscoveryResponse(const char *pResponse, 
+                                      size_t responseLen,
+                                      char **pIpAddress, 
+                                      size_t *pIpAddressLen,
+                                      char **pCertificate,
+                                      size_t *pCertificateLen,
+                                      uint16_t *pPort)
+{
+    JSONStatus_t jsonStatus = JSONSuccess;
+
+    // Extract HostAddress
+    jsonStatus = extractJsonValue(pResponse, responseLen, HOST_ADDRESS_JSON_QUERY_STR, pIpAddress, pIpAddressLen, JSONString);
+    if (jsonStatus != JSONSuccess)
+    {
+        LogError("Failed to extract HostAddress from JSON response" );
+    }
+
+     // Extract PortNumber
+    if (jsonStatus == JSONSuccess)
+    {
+        const char *portValue;
+        size_t portSize;
+        jsonStatus = extractJsonValue(pResponse, responseLen, PORT_JSON_QUERY_STR, &portValue, &portSize, JSONNumber);
+        if (jsonStatus != JSONSuccess)
+        {
+            LogError("Failed to extract PortNumber from JSON response" );
+        }
+        *pPort = (uint16_t)strtol(portValue, NULL, 10);
+    }
+    
+    // Extract CA
+    if (jsonStatus == JSONSuccess){
+        jsonStatus = extractJsonValue(pResponse, responseLen, CA_JSON_QUERY_STR, pCertificate, pCertificateLen, JSONString);
+        if (jsonStatus != JSONSuccess)
+        {
+            LogError("Failed to extract CA from JSON response" );
+        }
+    }
+    
+    return jsonStatus;
+}
+
+/**
+ * @brief Writes a CA certificate, endpoint, and port into NVM under specified labels.
+ *
+ * This function stores the provided CA certificate, Greengrass endpoint, and port number
+ * into Non-Volatile Memory (NVM) using the given labels.
+ *
+ * @param[in] CaLabel Pointer to the string containing the label under which the certificate will be stored.
+ * @param[in] certificate Pointer to the string containing the CA certificate in PEM format.
+ * @param[in] GGendpoint Pointer to the string containing the Greengrass endpoint.
+ * @param[in] ggPort The port number for the Greengrass connection.
+ *
+ * @return PkiStatus_t Returns PKI_SUCCESS on successful parsing and writing of the certificate,
+ * endpoint, and port, or an error code indicating the type of failure.
+ */
+BaseType_t Write_GG_config_into_NVM(const char *certificate, 
+                                    const char *GGendpoint,
+                                    uint16_t ggPort )
+{
+    BaseType_t xResult = pdTRUE;
+
+    /* Write the gg certificate to NVM */
+    if(xResult == pdTRUE){
+        /* init the cert context */
+        mbedtls_x509_crt xCertContext;
+        mbedtls_x509_crt_init(&xCertContext);
+
+        int ret = mbedtls_x509_crt_parse(&xCertContext, 
+                                        (const unsigned char *)certificate,
+                                        strlen(certificate) + 1);
+        if (ret != 0)
+        {
+            LogError("Failed to parse certificate. mbedtls_x509_crt_parse returned -0x%x", -ret);
+            xResult = pdFALSE;
+        }
+        else{
+
+            PkiStatus_t status = xPkiWriteCertificate(TLS_ROOT_GG_CA_CERT_LABEL, &xCertContext);
+            if (status == PKI_SUCCESS)
+            {
+                LogDebug("Success: CA Certificate loaded to label");
+            }
+            else
+            {
+                LogError("Error: Failed to save certificate to label");
+                xResult = pdFALSE;
+            }
+        }
+        mbedtls_x509_crt_free(&xCertContext);
+    }
+
+    /* Write the gg endpoint to NVM */
+    if (xResult == pdTRUE)
+    {
+        KVStoreKey_t xKey_endpoint = kvStringToKey( GG_ENDPOINT_LABEL );
+
+        xResult = KVStore_setString( xKey_endpoint, GGendpoint );
+        if(xResult == pdTRUE){
+            LogDebug("Success: greengrass endpoint loaded in NVM");
+        }
+        else
+        {
+            LogError("Error: Failed to save gg endpoint to NVM (code %d)", xResult);
+        }
+    }
+
+     /* Write the gg port to NVM */
+    if (xResult == pdTRUE)
+    {
+        KVStoreKey_t xKey_port = kvStringToKey( GG_PORT_LABEL );
+
+        xResult = KVStore_setUInt32( xKey_port, ggPort );
+        if(xResult == pdTRUE){
+            LogDebug("Success: greengrass port loaded in NVM");
+        }
+        else
+        {
+            LogError("Error: Failed to save gg port to NVM (code %d)", xResult);
+        }
+    }
+    
+    /* commit changes to NVM */
+    if ( xResult == pdTRUE )
+    {
+        xResult = KVStore_xCommitChanges();
+       if( xResult == pdTRUE )
+        {
+            LogDebug( "Configuration saved to NVM." );
+        }
+        else
+        {
+            LogError( "Error: Could not save configuration to NVM (code %d).", xResult );
+        }
+    }
+    
+    return xResult;
+}
+
+/**
+ * Replaces all found instances of the passed substring in the passed string.
+ * 
+ * @param orig The string in which to look
+ * @param rep The substring with which to replace the found substrings
+ * @param with The substring to look for
+ *
+ * @return A new string with the search/replacement performed
+ * 
+ * @note The caller of the function should ensure to free the memory
+ * allocated for the returned string.
+ **/
+char *str_replace(const char *orig, const char *rep, const char *with) {
+    char *result = NULL; // the return string
+    BaseType_t xResult = pdTRUE;
+    char *ins;    // the next insert point
+    char *tmp;    // varies
+    int len_rep;  // length of rep (the string to remove)
+    int len_with; // length of with (the string to replace rep with)
+    int len_front; // distance between rep and end of last rep
+    int count;    // number of replacements
+
+    // sanity checks and initialization
+    if (!orig || !rep){
+        LogError("Original string or substring to replace is NULL.");
+        xResult = pdFALSE;
+    }
+        
+    if (xResult == pdTRUE)
+    {
+        len_rep = strlen(rep);
+        if (len_rep == 0){
+            LogError("Substring to replace is empty, cannot proceed.");
+            xResult = pdFALSE;
+        }
+    }
+    
+    if (xResult == pdTRUE)
+    {
+        if (!with){
+            with = "";
+            LogWarn("Replacement substring is NULL, using empty string instead.");
+        }
+            
+        len_with = strlen(with);
+    
+        // count the number of replacements needed
+        ins = orig;
+        for (count = 0; (tmp = strstr(ins, rep)); ++count) {
+            ins = tmp + len_rep;
+        }
+    
+        tmp = result = pvPortMalloc(strlen(orig) + (len_with - len_rep) * count + 1);
+    
+        if (!result){
+            LogError("Memory allocation failed. Required size: %zu", (strlen(orig) + (len_with - len_rep) * count + 1));
+            xResult = pdFALSE;
+        }
+        
+        if(xResult == pdTRUE){
+            // first time through the loop, all the variable are set correctly
+            // from here on,
+            //    tmp points to the end of the result string
+            //    ins points to the next occurrence of rep in orig
+            //    orig points to the remainder of orig after "end of rep"
+            while (count--) {
+                ins = strstr(orig, rep);
+                len_front = ins - orig;
+                tmp = strncpy(tmp, orig, len_front) + len_front;
+                tmp = strcpy(tmp, with) + len_with;
+                orig += len_front + len_rep; // move to next "end of rep"
+            }
+            strcpy(tmp, orig);
+            }
+    }
+    
+    return result;
+}
+
+/**
+ * @brief Formats the parsed certificate.
+ *
+ * This function replaces escaped newlines (\\n) in the certificate with newlines (\n) to ensure proper
+ * formatting.
+ *
+ * @param parsedCertificate Pointer to the buffer containing the parsed certificate.
+ * @return Pointer to a copy of the formatted certificate.
+ * 
+ * @note The caller of the function should ensure to free the memory
+ * allocated for the returned certificate.
+ *
+ */
+char * copyAndFormatCertificateForNVM(const char *parsedCertificate) {
+    
+    char * formatedCertificate = str_replace(parsedCertificate, "\\n", "\n");
+    return formatedCertificate;
+
+}
+
+/* Discovery Task*/
+void vGGDiscoveryTask( void * pvParameters )
+{
+	HTTPStatus_t xHTTPStatus = HTTPSuccess;
+	TlsTransportStatus_t xTlsStatus = TLS_TRANSPORT_CONNECT_FAILURE;
+    size_t uxTempSize = 0;
+
+	NetworkContext_t * pxNetworkContext = NULL;
+    LogInfo("Starting discovery");
+
+    PkiObject_t xPrivateKey = xPkiObjectFromLabel( TLS_KEY_PRV_LABEL );
+    PkiObject_t xClientCertificate = xPkiObjectFromLabel( TLS_CERT_LABEL );
+    PkiObject_t pxRootCaChain[ 1 ] = { xPkiObjectFromLabel( TLS_ROOT_CA_CERT_LABEL ) };
+
+    const char *endpoint = KVStore_getStringHeap( CS_CORE_MQTT_ENDPOINT, &uxTempSize );
+    uint16_t discovery_port = DISCOVERY_PORT;
+
+    GGDiscoveryContext *pGGContext = ( GGDiscoveryContext *) pvParameters;
+
+    /* Extract region from endPoint */
+    char *GGDisccoveryURL = (char *)pvPortMalloc(GG_DISCOVERY_URL_SIZE);
+    if (GGDisccoveryURL == NULL)
+    {
+        LogError( "Failed to allocate memory for GGDisccoveryURL." );
+        xHTTPStatus = HTTPInsufficientMemory;
+    }else
+    {
+        xHTTPStatus = create_discovery_url_from_endpoint(GGDisccoveryURL , endpoint);
+    }
+
+	pxNetworkContext = mbedtls_transport_allocate();
+
+	if( pxNetworkContext == NULL )
+	{
+		LogError( "Failed to allocate mbedtls transport context." );
+		xHTTPStatus = HTTPInsufficientMemory;
+	}
+
+	if( xHTTPStatus == HTTPSuccess )
+	{
+		  xTlsStatus = mbedtls_transport_configure( pxNetworkContext,
+												  pcAlpnProtocols,
+												  &xPrivateKey,
+												  &xClientCertificate,
+												  pxRootCaChain,
+												  1 );
+
+		  if( xTlsStatus != TLS_TRANSPORT_SUCCESS )
+		{
+			LogError( "Failed to configure mbedtls transport." );
+			xHTTPStatus = HTTPInvalidParameter;
+		}
+	}
+
+	xTlsStatus = TLS_TRANSPORT_UNKNOWN_ERROR;
+
+	if( xHTTPStatus == HTTPSuccess )
+	{
+
+		/* Block until the network interface is connected */
+		( void ) xEventGroupWaitBits( xSystemEvents,
+									  EVT_MASK_NET_CONNECTED,
+									  0x00,
+									  pdTRUE,
+									  portMAX_DELAY );
+
+		LogInfo( "Connecting to Greengrass discovery server %s:%d.",
+                                                GGDisccoveryURL, discovery_port );
+
+		xTlsStatus = mbedtls_transport_connect( pxNetworkContext,
+                                                GGDisccoveryURL,
+												discovery_port,
+												0, 0 );
+		if( xTlsStatus == TLS_TRANSPORT_SUCCESS ){
+			LogInfo( "Connected to HTTP server." );
+
+			HTTPRequestInfo_t requestInfo;
+			HTTPRequestHeaders_t requestHeaders;
+			HTTPResponse_t response;
+            uint8_t *responseBuffer = NULL;
+            TransportInterface_t transportInterface;
+            const char *thing_name;
+
+           ( void ) memset( &response, 0, sizeof( response ) );
+
+			/* Allocate memory for the header buffer on the heap. */
+            uint8_t *headerBuffer = ( uint8_t * ) pvPortMalloc( HEADER_BUFFER_LENGTH );
+            if ( headerBuffer == NULL )
+            {
+                LogError( "Failed to allocate memory for header buffer." );
+                xHTTPStatus = HTTPInsufficientMemory;
+            }
+
+            /* Initialize the HTTP request information. */
+            if ( xHTTPStatus == HTTPSuccess )
+            {
+                /* Get thing name from KVStore*/
+                thing_name = KVStore_getStringHeap( CS_CORE_THING_NAME, &uxTempSize );
+                if( thing_name == NULL || uxTempSize == 0 )
+                {
+                    LogError( "Invalid client identifier read from KVStore." );
+                    xHTTPStatus = HTTPInvalidParameter;
+                }
+            } 
+            
+            /* Initialize the HTTP request headers. */
+            if ( xHTTPStatus == HTTPSuccess )
+            {
+                char pathBuffer[PATH_BUFFER_LENGHT]; 
+                snprintf(pathBuffer, sizeof(pathBuffer), "/greengrass/discover/thing/%s", thing_name);
+
+                requestInfo.pHost = GGDisccoveryURL;
+                requestInfo.hostLen = strlen( GGDisccoveryURL );
+                requestInfo.pMethod = HTTP_METHOD_GET;
+                requestInfo.methodLen = strlen( HTTP_METHOD_GET );
+                requestInfo.pPath = pathBuffer;
+                requestInfo.pathLen = strlen(pathBuffer);
+            
+                requestHeaders.pBuffer = headerBuffer;
+                requestHeaders.bufferLen = HEADER_BUFFER_LENGTH;
+            
+                xHTTPStatus = HTTPClient_InitializeRequestHeaders( &requestHeaders, &requestInfo );
+                if ( xHTTPStatus != HTTPSuccess )
+                {
+                    LogError( "Failed to initialize HTTP request headers." );
+                }
+            }
+
+            /* Allocate memory for the response buffer on the heap. */
+            if ( xHTTPStatus == HTTPSuccess )
+            {
+                responseBuffer = ( uint8_t * ) pvPortMalloc( RESPONSE_BUFFER_LENGTH );
+                if ( responseBuffer == NULL )
+                {
+                    LogError( "Failed to allocate memory for response buffer." );
+                    xHTTPStatus = HTTPInsufficientMemory;
+                }
+            }
+
+            /* Send the HTTP GET request. */
+            if ( xHTTPStatus == HTTPSuccess )
+            {
+                /* Initialize the transport interface. */
+                transportInterface.pNetworkContext = pxNetworkContext;
+                transportInterface.send = transportSend;
+                transportInterface.recv = transportRecv;
+        
+                /* Initialize the HTTP response. */
+                response.pBuffer = responseBuffer;
+                response.bufferLen = RESPONSE_BUFFER_LENGTH;
+        
+                xHTTPStatus = HTTPClient_Send( &transportInterface, &requestHeaders,
+                                            NULL, 0, &response, 0 );
+                if ( xHTTPStatus != HTTPSuccess )
+                {
+                    LogError( ( "Failed to send HTTP request: Error=%s.",
+                                HTTPClient_strerror( xHTTPStatus ) ) );
+                }
+            }
+
+            /* Parse and write JSON reposne into the NVM */
+            if ( xHTTPStatus == HTTPSuccess )
+            {
+                /* Print the HTTP response. */
+                LogInfo( "HTTP Response: %.*s\n", ( int ) response.bodyLen, response.pBody );
+
+                /* Parse the JSON response */
+                char *p_parsedEndPoint = NULL;
+                char *p_parsedCertificate = NULL;
+                size_t parsedEndPointLen;
+                size_t parsedCertificateLen;
+                uint16_t mqttPort = 0;
+                BaseType_t xStatus = pdTRUE;
+
+                JSONStatus_t parseResult = parseGGDiscoveryResponse((const char *)response.pBody,
+                                                                response.bodyLen,
+                                                                &p_parsedEndPoint,
+                                                                &parsedEndPointLen,
+                                                                &p_parsedCertificate,
+                                                                &parsedCertificateLen,
+                                                                &mqttPort);
+
+                if (parseResult == JSONSuccess)
+                {
+                    LogDebug("Extracted mqtt endpoint: %.*s", parsedEndPointLen, p_parsedEndPoint);
+                    LogDebug("Extracted mqtt broker port: %d", mqttPort);
+                    LogDebug("Extracted certificate: %.*s", parsedCertificateLen, p_parsedCertificate);
+
+                    LogInfo("Successfully Parsed Json response");
+
+                    // Allocate memory and copy the parsed values
+                    char *endPointCopy = (char *)pvPortMalloc(parsedEndPointLen);
+                    char *certificateCopy = NULL;
+
+                    if (endPointCopy == NULL )
+                    {
+                        LogError("Memory allocation failed for endpoint.");
+                        xStatus = pdFALSE;
+                    }
+                    
+                    if( xStatus == pdTRUE ){
+
+                        /* Copy the parsed values to ensure the original JSON document remains unaltered if needed later */
+                        strncpy(endPointCopy, p_parsedEndPoint, parsedEndPointLen);
+
+                        /* Replace \\n newlines with actual \n newlines in certificate */
+                        certificateCopy = copyAndFormatCertificateForNVM(p_parsedCertificate);
+
+                        /* Write received GreenGrass config params into NVM */
+                        xStatus = Write_GG_config_into_NVM(certificateCopy,
+                                                            endPointCopy,
+                                                            mqttPort);
+                    }
+
+                    if(xStatus == pdTRUE)
+                    {
+                        LogInfo("Successfully stored GG config into NVM");
+                        pGGContext->ggDiscoverySuccess = true;
+                    }
+                    else{
+                        LogError("Failed to store GG config into NVM");
+                        pGGContext->ggDiscoverySuccess = false;
+                    }
+                
+                    vPortFree(endPointCopy);
+
+                    if(certificateCopy != NULL){
+                        vPortFree(certificateCopy);
+                    }
+                }
+                else
+                {
+                    LogError("Failed to parse JSON response with error code: %d", parseResult);
+                }
+            }
+
+            /* Free the allocated memory for the header buffer. */
+            if (headerBuffer != NULL) {
+                vPortFree(headerBuffer);
+            }
+            /* Free the allocated memory for the response buffer. */
+            if (responseBuffer != NULL)
+            {
+                vPortFree( responseBuffer );
+            }
+        }
+		else
+		{
+			LogError( "Failed to connect to http server." );
+		}
+	}
+    if( pxNetworkContext != NULL )
+    {
+        
+        mbedtls_transport_disconnect( pxNetworkContext );
+        mbedtls_transport_free( pxNetworkContext );
+        pxNetworkContext = NULL;
+        ( void ) xEventGroupClearBits( xSystemEvents, EVT_MASK_MQTT_AGENT_FINISHED );
+    }
+    if(GGDisccoveryURL != NULL){
+        vPortFree (GGDisccoveryURL);
+    }
+    LogInfo("Greengrass Discovery done");
+
+    xEventGroupSetBits(xSystemEvents, EVT_MASK_GG_DISCOVERY_PERFORMED);
+
+    LogInfo("Terminating GGDiscovery Task.");
+
+	vTaskDelete( NULL );
+}
diff --git a/Common/app/greengrass/greengrass_discovery_task.h b/Common/app/greengrass/greengrass_discovery_task.h
new file mode 100644
index 000000000..c7adb75ca
--- /dev/null
+++ b/Common/app/greengrass/greengrass_discovery_task.h
@@ -0,0 +1,15 @@
+#ifndef _GREENGRASS_DISCOVERY_TASK_H_
+#define _GREENGRASS_DISCOVERY_TASK_H_
+
+#include "FreeRTOS.h"
+#include <stdbool.h>
+
+typedef struct
+{
+    bool ggDiscoverySuccess;        /* Boolean flag indicating if the GG Discovery was successful */
+} GGDiscoveryContext;
+
+void vGGDiscoveryTask( void * pvParameters );
+
+
+#endif /* ifndef _GREENGRASS_DISCOVERY_TASK_H_ */
diff --git a/Common/app/greengrass/x509_crt_ip_addr_san_verif.patch b/Common/app/greengrass/x509_crt_ip_addr_san_verif.patch
new file mode 100644
index 000000000..7cfdd68e8
--- /dev/null
+++ b/Common/app/greengrass/x509_crt_ip_addr_san_verif.patch
@@ -0,0 +1,271 @@
+diff --git a/Middleware/ARM/mbedtls/library/x509_crt.c b/Middleware/ARM/mbedtls/library/x509_crt.c
+index c8654445dd..7b90a4858f 100644
+--- a/Middleware/ARM/mbedtls/library/x509_crt.c
++++ b/Middleware/ARM/mbedtls/library/x509_crt.c
+@@ -2996,9 +2996,258 @@ static int x509_crt_check_cn( const mbedtls_x509_buf *name,
+     return( -1 );
+ }
+ 
++#ifdef MBEDTLS_CUSTOM_SAN_IP_VERIF
++ /* Use whether or not AF_INET6 is defined to indicate whether or not to use
++ * the platform inet_pton() or a local implementation (below).  The local
++ * implementation may be used even in cases where the platform provides
++ * inet_pton(), e.g. when there are different includes required and/or the
++ * platform implementation requires dependencies on additional libraries.
++ * Specifically, Windows requires custom includes and additional link
++ * dependencies, and Solaris requires additional link dependencies.
++ * Also, as a coarse heuristic, use the local implementation if the compiler
++ * does not support __has_include(), or if the definition of AF_INET6 is not
++ * provided by headers included (or not) via __has_include() above.
++ * MBEDTLS_TEST_SW_INET_PTON is a bypass define to force testing of this code //no-check-names
++ * despite having a platform that has inet_pton. */
++#if !defined(AF_INET6) || defined(MBEDTLS_TEST_SW_INET_PTON) //no-check-names
++/* Definition located further below to possibly reduce compiler inlining */
++static int x509_inet_pton_ipv4(const char *src, void *dst);
++
++#define li_cton(c, n) \
++    (((n) = (c) - '0') <= 9 || (((n) = ((c)&0xdf) - 'A') <= 5 ? ((n) += 10) : 0))
++
++static int x509_inet_pton_ipv6(const char *src, void *dst)
++{
++    const unsigned char *p = (const unsigned char *) src;
++    int nonzero_groups = 0, num_digits, zero_group_start = -1;
++    uint16_t addr[8];
++    do {
++        /* note: allows excess leading 0's, e.g. 1:0002:3:... */
++        uint16_t group = num_digits = 0;
++        for (uint8_t digit; num_digits < 4; num_digits++) {
++            if (li_cton(*p, digit) == 0) {
++                break;
++            }
++            group = (group << 4) | digit;
++            p++;
++        }
++        if (num_digits != 0) {
++            MBEDTLS_PUT_UINT16_BE(group, addr, nonzero_groups);
++            nonzero_groups++;
++            if (*p == '\0') {
++                break;
++            } else if (*p == '.') {
++                /* Don't accept IPv4 too early or late */
++                if ((nonzero_groups == 0 && zero_group_start == -1) ||
++                    nonzero_groups >= 7) {
++                    break;
++                }
++
++                /* Walk back to prior ':', then parse as IPv4-mapped */
++                int steps = 4;
++                do {
++                    p--;
++                    steps--;
++                } while (*p != ':' && steps > 0);
++
++                if (*p != ':') {
++                    break;
++                }
++                p++;
++                nonzero_groups--;
++                if (x509_inet_pton_ipv4((const char *) p,
++                                        addr + nonzero_groups) != 0) {
++                    break;
++                }
++
++                nonzero_groups += 2;
++                p = (const unsigned char *) "";
++                break;
++            } else if (*p != ':') {
++                return -1;
++            }
++        } else {
++            /* Don't accept a second zero group or an invalid delimiter */
++            if (zero_group_start != -1 || *p != ':') {
++                return -1;
++            }
++            zero_group_start = nonzero_groups;
++
++            /* Accept a zero group at start, but it has to be a double colon */
++            if (zero_group_start == 0 && *++p != ':') {
++                return -1;
++            }
++
++            if (p[1] == '\0') {
++                ++p;
++                break;
++            }
++        }
++        ++p;
++    } while (nonzero_groups < 8);
++
++    if (*p != '\0') {
++        return -1;
++    }
++
++    if (zero_group_start != -1) {
++        if (nonzero_groups > 6) {
++            return -1;
++        }
++        int zero_groups = 8 - nonzero_groups;
++        int groups_after_zero = nonzero_groups - zero_group_start;
++
++        /* Move the non-zero part to after the zeroes */
++        if (groups_after_zero) {
++            memmove(addr + zero_group_start + zero_groups,
++                    addr + zero_group_start,
++                    groups_after_zero * sizeof(*addr));
++        }
++        memset(addr + zero_group_start, 0, zero_groups * sizeof(*addr));
++    } else {
++        if (nonzero_groups != 8) {
++            return -1;
++        }
++    }
++    memcpy(dst, addr, sizeof(addr));
++    return 0;
++}
++
++static int x509_inet_pton_ipv4(const char *src, void *dst)
++{
++    const unsigned char *p = (const unsigned char *) src;
++    uint8_t *res = (uint8_t *) dst;
++    uint8_t digit, num_digits = 0;
++    uint8_t num_octets = 0;
++    uint16_t octet;
++
++    do {
++        octet = num_digits = 0;
++        do {
++            digit = *p - '0';
++            if (digit > 9) {
++                break;
++            }
++
++            /* Don't allow leading zeroes. These might mean octal format,
++             * which this implementation does not support. */
++            if (octet == 0 && num_digits > 0) {
++                return -1;
++            }
++
++            octet = octet * 10 + digit;
++            num_digits++;
++            p++;
++        } while (num_digits < 3);
++
++        if (octet >= 256 || num_digits > 3 || num_digits == 0) {
++            return -1;
++        }
++        *res++ = (uint8_t) octet;
++        num_octets++;
++    } while (num_octets < 4 && *p++ == '.');
++    return num_octets == 4 && *p == '\0' ? 0 : -1;
++}
++
++#else
++
++static int x509_inet_pton_ipv6(const char *src, void *dst)
++{
++    return inet_pton(AF_INET6, src, dst) == 1 ? 0 : -1;
++}
++
++static int x509_inet_pton_ipv4(const char *src, void *dst)
++{
++    return inet_pton(AF_INET, src, dst) == 1 ? 0 : -1;
++}
++
++#endif /* !AF_INET6 || MBEDTLS_TEST_SW_INET_PTON */ //no-check-names
++
++size_t mbedtls_x509_crt_parse_cn_inet_pton(const char *cn, void *dst)
++{
++    return strchr(cn, ':') == NULL
++            ? x509_inet_pton_ipv4(cn, dst) == 0 ? 4 : 0
++            : x509_inet_pton_ipv6(cn, dst) == 0 ? 16 : 0;
++}
++
++static int x509_crt_check_san_ip(const mbedtls_x509_sequence *san,
++                                 const char *cn, size_t cn_len)
++{
++    uint32_t ip[4];
++    cn_len = mbedtls_x509_crt_parse_cn_inet_pton(cn, ip);
++    if (cn_len == 0) {
++        return -1;
++    }
++
++    for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) {
++        const unsigned char san_type = (unsigned char) cur->buf.tag &
++                                       MBEDTLS_ASN1_TAG_VALUE_MASK;
++        if (san_type == MBEDTLS_X509_SAN_IP_ADDRESS &&
++            cur->buf.len == cn_len && memcmp(cur->buf.p, ip, cn_len) == 0) {
++            return 0;
++        }
++    }
++
++    return -1;
++}
++
++static int x509_crt_check_san_uri(const mbedtls_x509_sequence *san,
++                                  const char *cn, size_t cn_len)
++{
++    for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) {
++        const unsigned char san_type = (unsigned char) cur->buf.tag &
++                                       MBEDTLS_ASN1_TAG_VALUE_MASK;
++        if (san_type == MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER &&
++            cur->buf.len == cn_len && memcmp(cur->buf.p, cn, cn_len) == 0) {
++            return 0;
++        }
++    }
++
++    return -1;
++}
++
+ /*
+  * Check for SAN match, see RFC 5280 Section 4.2.1.6
+  */
++
++static int x509_crt_check_san(const mbedtls_x509_sequence *san,
++                              const char *cn, size_t cn_len)
++{
++    int san_ip = 0;
++    int san_uri = 0;
++    /* Prioritize DNS name over other subtypes due to popularity */
++    for (const mbedtls_x509_sequence *cur = san; cur != NULL; cur = cur->next) {
++        switch ((unsigned char) cur->buf.tag & MBEDTLS_ASN1_TAG_VALUE_MASK) {
++            case MBEDTLS_X509_SAN_DNS_NAME:
++                if (x509_crt_check_cn(&cur->buf, cn, cn_len) == 0) {
++                    return 0;
++                }
++                break;
++            case MBEDTLS_X509_SAN_IP_ADDRESS:
++                san_ip = 1;
++                break;
++            case MBEDTLS_X509_SAN_UNIFORM_RESOURCE_IDENTIFIER:
++                san_uri = 1;
++                break;
++            /* (We may handle other types here later.) */
++            default: /* Unrecognized type */
++                break;
++        }
++    }
++    if (san_ip) {
++        if (x509_crt_check_san_ip(san, cn, cn_len) == 0) {
++            return 0;
++        }
++    }
++    if (san_uri) {
++        if (x509_crt_check_san_uri(san, cn, cn_len) == 0) {
++            return 0;
++        }
++    }
++
++    return -1;
++}
++#else
+ static int x509_crt_check_san( const mbedtls_x509_buf *name,
+                                const char *cn, size_t cn_len )
+ {
+@@ -3014,6 +3263,7 @@ static int x509_crt_check_san( const mbedtls_x509_buf *name,
+     /* Unrecognized type */
+     return( -1 );
+ }
++#endif /* MBEDTLS_CUSTOM_SAN_IP_VERIF */
+ 
+ /*
+  * Verify the requested CN - only call this if cn is not NULL!
diff --git a/Common/app/mqtt/mqtt_agent_task.c b/Common/app/mqtt/mqtt_agent_task.c
index 10e2deb34..56146e7fb 100644
--- a/Common/app/mqtt/mqtt_agent_task.c
+++ b/Common/app/mqtt/mqtt_agent_task.c
@@ -119,6 +119,8 @@ static_assert( ( ( uint64_t ) RETRY_BACKOFF_MULTIPLIER * ( uint64_t ) RETRY_MAX_
 
 #define MUTEX_IS_OWNED( xHandle )    ( xTaskGetCurrentTaskHandle() == xSemaphoreGetMutexHolder( xHandle ) )
 
+#define GG_DISCOVERY_TIMEOUT_MS                 20000
+
 struct MQTTAgentMessageContext
 {
     QueueHandle_t xQueue;
@@ -822,7 +824,9 @@ static void prvFreeAgentTaskCtx( MQTTAgentTaskCtx_t * pxCtx )
 static MQTTStatus_t prvConfigureAgentTaskCtx( MQTTAgentTaskCtx_t * pxCtx,
                                               NetworkContext_t * pxNetworkContext,
                                               uint8_t * pucNetworkBuffer,
-                                              size_t uxNetworkBufferLen )
+                                              size_t uxNetworkBufferLen,
+                                              KVStoreKey_t endpointLabel,
+                                              KVStoreKey_t portLabel)
 {
     BaseType_t xSuccess = pdTRUE;
     MQTTStatus_t xStatus = MQTTSuccess;
@@ -910,7 +914,7 @@ static MQTTStatus_t prvConfigureAgentTaskCtx( MQTTAgentTaskCtx_t * pxCtx,
 
     if( xStatus == MQTTSuccess )
     {
-        pxCtx->pcMqttEndpoint = KVStore_getStringHeap( CS_CORE_MQTT_ENDPOINT,
+        pxCtx->pcMqttEndpoint = KVStore_getStringHeap( endpointLabel,
                                                        &( pxCtx->uxMqttEndpointLen ) );
 
         if( ( pxCtx->uxMqttEndpointLen == 0 ) ||
@@ -923,7 +927,7 @@ static MQTTStatus_t prvConfigureAgentTaskCtx( MQTTAgentTaskCtx_t * pxCtx,
 
     if( xStatus == MQTTSuccess )
     {
-        pxCtx->ulMqttPort = KVStore_getUInt32( CS_CORE_MQTT_PORT, &( xSuccess ) );
+        pxCtx->ulMqttPort = KVStore_getUInt32( portLabel, &( xSuccess ) );
 
         if( ( pxCtx->ulMqttPort == 0 ) ||
             ( xSuccess == pdFALSE ) )
@@ -965,10 +969,13 @@ void vMQTTAgentTask( void * pvParameters )
     uint8_t * pucNetworkBuffer = NULL;
     NetworkContext_t * pxNetworkContext = NULL;
     uint16_t usNextRetryBackOff = 0U;
+    MQTTConnectionContext_t *connectionParams = (MQTTConnectionContext_t *)pvParameters;
 
     PkiObject_t xPrivateKey = xPkiObjectFromLabel( TLS_KEY_PRV_LABEL );
     PkiObject_t xClientCertificate = xPkiObjectFromLabel( TLS_CERT_LABEL );
-    PkiObject_t pxRootCaChain[ 1 ] = { xPkiObjectFromLabel( TLS_ROOT_CA_CERT_LABEL ) };
+    PkiObject_t pxRootCaChain[ 1 ] = { xPkiObjectFromLabel( connectionParams->caLabel ) };
+    KVStoreKey_t portLabel = connectionParams->portLabel;
+    KVStoreKey_t endpointLabel = connectionParams->endpointLabel;
 
     ( void ) pvParameters;
 
@@ -1019,7 +1026,9 @@ void vMQTTAgentTask( void * pvParameters )
         {
             xMQTTStatus = prvConfigureAgentTaskCtx( pxCtx, pxNetworkContext,
                                                     pucNetworkBuffer,
-                                                    MQTT_AGENT_NETWORK_BUFFER_SIZE );
+                                                    MQTT_AGENT_NETWORK_BUFFER_SIZE,
+                                                    endpointLabel,
+                                                    portLabel);
         }
         else
         {
@@ -1051,7 +1060,6 @@ void vMQTTAgentTask( void * pvParameters )
         else
         {
             ( void ) xEventGroupSetBits( xSystemEvents, EVT_MASK_MQTT_INIT );
-            xDefaultInstanceHandle = &( pxCtx->xAgentContext );
         }
     }
 
@@ -1083,7 +1091,7 @@ void vMQTTAgentTask( void * pvParameters )
         BackoffAlgorithm_InitializeParams( &xReconnectParams,
                                            RETRY_BACKOFF_BASE,
                                            RETRY_MAX_BACKOFF_DELAY,
-                                           BACKOFF_ALGORITHM_RETRY_FOREVER );
+                                           connectionParams->maxBackoffAttempts);
 
         xTlsStatus = TLS_TRANSPORT_UNKNOWN_ERROR;
 
@@ -1148,6 +1156,7 @@ void vMQTTAgentTask( void * pvParameters )
             if( ( xMQTTStatus == MQTTSuccess ) &&
                 ( pxCtx->xConnectInfo.cleanSession == false ) )
             {
+                connectionParams->mqttAgentConnected = true;
                 configASSERT_CONTINUE( MUTEX_IS_OWNED( pxCtx->xSubMgrCtx.xMutex ) );
                 LogInfo( "Resuming persistent MQTT Session." );
 
@@ -1177,6 +1186,7 @@ void vMQTTAgentTask( void * pvParameters )
             }
             else if( xMQTTStatus == MQTTSuccess )
             {
+                connectionParams->mqttAgentConnected = true;
                 configASSERT_CONTINUE( MUTEX_IS_OWNED( pxCtx->xSubMgrCtx.xMutex ) );
 
                 LogInfo( "Starting a clean MQTT Session." );
@@ -1187,6 +1197,7 @@ void vMQTTAgentTask( void * pvParameters )
             }
             else
             {
+                connectionParams->mqttAgentConnected = false;
                 LogError( "Failed to connect to mqtt broker." );
             }
 
@@ -1203,6 +1214,7 @@ void vMQTTAgentTask( void * pvParameters )
 
         if( xMQTTStatus == MQTTSuccess )
         {
+            xDefaultInstanceHandle = &( pxCtx->xAgentContext );
             ( void ) xEventGroupSetBits( xSystemEvents, EVT_MASK_MQTT_CONNECTED );
 
             /* Reset backoff timer */
@@ -1275,7 +1287,7 @@ void vMQTTAgentTask( void * pvParameters )
     }
 
     ( void ) xEventGroupClearBits( xSystemEvents, EVT_MASK_MQTT_INIT | EVT_MASK_MQTT_CONNECTED );
-
+    xEventGroupSetBits(xSystemEvents, EVT_MASK_MQTT_AGENT_FINISHED);
     LogError( "Terminating MqttAgentTask." );
 
     vTaskDelete( NULL );
diff --git a/Common/app/mqtt/mqtt_agent_task.h b/Common/app/mqtt/mqtt_agent_task.h
index ec553d521..6156b797d 100644
--- a/Common/app/mqtt/mqtt_agent_task.h
+++ b/Common/app/mqtt/mqtt_agent_task.h
@@ -3,9 +3,18 @@
 
 #include "FreeRTOS.h"
 #include <stdbool.h>
+#include "kvstore_config.h"
 
 struct MQTTAgentTaskCtx;
 typedef struct MQTTAgentContext * MQTTAgentHandle_t;
+typedef struct
+{
+    KVStoreKey_t endpointLabel;         /* Label for the MQTT endpoint */
+    const char *caLabel;                /* Label for the Certificate Authority */
+    KVStoreKey_t portLabel;             /* Label for the port used for the MQTT connection */
+    uint32_t maxBackoffAttempts;        /* Maximum number of backoff attempts for reconnection */
+    bool mqttAgentConnected;            /* Boolean flag indicating if the MQTT agent is connected */
+} MQTTConnectionContext_t;
 
 MQTTAgentHandle_t xGetMqttAgentHandle( void );
 
diff --git a/Common/app/mqtt/mqtt_connection_task.c b/Common/app/mqtt/mqtt_connection_task.c
new file mode 100644
index 000000000..38798a4d9
--- /dev/null
+++ b/Common/app/mqtt/mqtt_connection_task.c
@@ -0,0 +1,144 @@
+/**
+  ******************************************************************************
+  * @file           : mqtt_connection_task.c
+  * @brief          : Task implementation of the MQTT connection state machine
+  ******************************************************************************
+  * @attention
+  *
+  * Copyright (c) 2025 STMicroelectronics.
+  * All rights reserved.
+  *
+  * This software is licensed under terms that can be found in the LICENSE file
+  * in the root directory of this software component.
+  * If no LICENSE file comes with this software, it is provided AS-IS.
+  *
+  ******************************************************************************
+  */
+#include "logging_levels.h"
+#define LOG_LEVEL    LOG_INFO
+#include "logging.h"
+
+#include "mqtt_agent_task.h"
+#include "greengrass_discovery_task.h"
+#include "mqtt_connection_task.h"
+#include "tls_transport_config.h"
+#include "sys_evt.h"
+#include "backoff_algorithm.h"
+
+/**
+ * Maximum number of attempts to reconnect to the GreenGrass core device
+ * before attempting a Greengrass discovery.
+ */
+#define MAX_GG_FIRST_CONNECTION_ATTEMPTS        2
+
+/**
+ * Maximum number of attempts to reconnect to the GreenGrass core device
+ * before connecting to the cloud.
+ */
+#define MAX_GG_CONNECTION_ATTEMPTS              5
+
+#define MQTT_AGENT_TASK_PRIORITY                11
+#define GG_DISCOVERY_TASK_PRIORITY              11
+
+extern void vMQTTAgentTask( void * pvParameters);
+extern void vGGDiscoveryTask( void * pvParameters);
+
+static void setGGConnectionContext( MQTTConnectionContext_t *ConnectionConext,  uint32_t maxBackOffAttempts )
+{
+    ConnectionConext->endpointLabel = CS_CORE_GG_ENDPOINT;
+    ConnectionConext->portLabel = CS_CORE_GG_PORT;
+    ConnectionConext->caLabel = TLS_ROOT_GG_CA_CERT_LABEL;
+    ConnectionConext->maxBackoffAttempts = maxBackOffAttempts;
+    ConnectionConext->mqttAgentConnected = false;
+}
+
+static void setCloudConnectionContext( MQTTConnectionContext_t *ConnectionConext, uint32_t maxBackOffAttempts )
+{
+    ConnectionConext->endpointLabel = CS_CORE_MQTT_ENDPOINT;
+    ConnectionConext->portLabel = CS_CORE_MQTT_PORT;
+    ConnectionConext->caLabel = TLS_ROOT_CA_CERT_LABEL;
+    ConnectionConext->maxBackoffAttempts = maxBackOffAttempts;
+    ConnectionConext->mqttAgentConnected = false;
+}
+
+void vMQTTConnectionTask( void * pvParameters ){
+    BaseType_t xResult;
+
+    MQTTConnectionContext_t ConnectionCtx;
+    GGDiscoveryContext xGGContext;
+    
+    setGGConnectionContext(&ConnectionCtx, MAX_GG_FIRST_CONNECTION_ATTEMPTS);
+
+    LogInfo("Connecting to Greengrass Core device using NVM config");
+    xResult = xTaskCreate( vMQTTAgentTask, "MQTTAgent", 1024, &ConnectionCtx, MQTT_AGENT_TASK_PRIORITY, NULL );
+    configASSERT( xResult == pdTRUE );
+
+    ( void ) xEventGroupWaitBits( xSystemEvents,
+                                EVT_MASK_MQTT_AGENT_FINISHED,
+                                0x00,
+                                pdTRUE,
+                                portMAX_DELAY );
+
+    /* Attempt Greengrass discovery if direct connection fails */
+    if (ConnectionCtx.mqttAgentConnected == false)
+    {
+        LogWarn( "Connection to Greengrass Core device using NVM config failed. Initiating GreenGrass discovery." );
+
+        /* Attempt Greengrass discovery connection */ 
+        xResult = xTaskCreate( vGGDiscoveryTask, "GGDiscovery", 1024, &xGGContext, GG_DISCOVERY_TASK_PRIORITY , NULL );
+        configASSERT( xResult == pdTRUE );
+
+        ( void ) xEventGroupWaitBits( xSystemEvents,
+                                EVT_MASK_GG_DISCOVERY_PERFORMED,
+                                0x00,
+                                pdTRUE,
+                                portMAX_DELAY );
+
+        /* If GG Discovery successful, attempt connection to the GG core device */
+        if( xGGContext.ggDiscoverySuccess == true ){
+            LogInfo("Greengrass Discovery succeeded. Connecting to Greengrass Core device");
+            setGGConnectionContext(&ConnectionCtx, MAX_GG_CONNECTION_ATTEMPTS);
+
+            xResult = xTaskCreate( vMQTTAgentTask, "MQTTAgent", 1024, &ConnectionCtx, MQTT_AGENT_TASK_PRIORITY, NULL );
+            configASSERT( xResult == pdTRUE );
+
+            ( void ) xEventGroupWaitBits( xSystemEvents,
+                                    EVT_MASK_MQTT_AGENT_FINISHED,
+                                    0x00,
+                                    pdTRUE,
+                                    portMAX_DELAY );
+
+            /* If connection to the GG Core device failed, connect to Cloud */
+            if (ConnectionCtx.mqttAgentConnected == false){
+                LogWarn("Connection to Greengrass failed. Connecting to Cloud");
+                setCloudConnectionContext(&ConnectionCtx, BACKOFF_ALGORITHM_RETRY_FOREVER);
+
+                xResult = xTaskCreate( vMQTTAgentTask, "MQTTAgent", 1024, &ConnectionCtx, MQTT_AGENT_TASK_PRIORITY, NULL );
+                configASSERT( xResult == pdTRUE );
+
+                ( void ) xEventGroupWaitBits( xSystemEvents,
+                                        EVT_MASK_MQTT_AGENT_FINISHED,
+                                        0x00,
+                                        pdTRUE,
+                                        portMAX_DELAY );
+            }
+        }
+        /* If GG Discovery failed, connect to Cloud */
+        else
+        {
+            LogWarn("Greengrass Discovery failed. Connecting to Cloud");
+            setCloudConnectionContext(&ConnectionCtx, BACKOFF_ALGORITHM_RETRY_FOREVER);
+
+            xResult = xTaskCreate( vMQTTAgentTask, "MQTTAgent", 1024, &ConnectionCtx, MQTT_AGENT_TASK_PRIORITY, NULL );
+            configASSERT( xResult == pdTRUE );
+
+            ( void ) xEventGroupWaitBits( xSystemEvents,
+                                    EVT_MASK_MQTT_AGENT_FINISHED,
+                                    0x00,
+                                    pdTRUE,
+                                    portMAX_DELAY );
+        }
+    }
+    LogInfo( "Terminating MqttConnecionTask." );
+    vTaskDelete(NULL);
+}
diff --git a/Common/app/mqtt/mqtt_connection_task.h b/Common/app/mqtt/mqtt_connection_task.h
new file mode 100644
index 000000000..8e4069410
--- /dev/null
+++ b/Common/app/mqtt/mqtt_connection_task.h
@@ -0,0 +1,9 @@
+#ifndef _MQTT_CONNECTION_TASK_H_
+#define _MQTT_CONNECTION_TASK_H_
+
+#include "FreeRTOS.h"
+
+void vMQTTConnectionTask( void * pvParameters );
+
+
+#endif /* ifndef _MQTT_CONNECTION_TASK_H_ */
diff --git a/Common/config/kvstore_config.h b/Common/config/kvstore_config.h
index 442ea88bd..75d9ff0fa 100644
--- a/Common/config/kvstore_config.h
+++ b/Common/config/kvstore_config.h
@@ -35,7 +35,9 @@ typedef enum KvStoreEnum
 {
     CS_CORE_THING_NAME,
     CS_CORE_MQTT_ENDPOINT,
+    CS_CORE_GG_ENDPOINT,
     CS_CORE_MQTT_PORT,
+    CS_CORE_GG_PORT,
     CS_WIFI_SSID,
     CS_WIFI_CREDENTIAL,
     CS_TIME_HWM_S_1970,
@@ -81,10 +83,18 @@ typedef enum KvStoreEnum
     #define MQTT_ENDPOINT_DFLT    ""
 #endif /* !defined ( MQTT_ENDPOINT_DFLT ) */
 
+#if !defined( GG_ENDPOINT_DFLT )
+#define GG_ENDPOINT_DFLT    ""
+#endif /* !defined ( GG_ENDPOINT_DFLT ) */
+
 #if !defined( MQTT_PORT_DFLT )
     #define MQTT_PORT_DFLT    8883
 #endif /* !defined ( MQTT_PORT_DFLT ) */
 
+#if !defined( GG_PORT_DFLT )
+#define GG_PORT_DFLT    8883
+#endif /* !defined ( GG_PORT_DFLT ) */
+
 #if !defined( WIFI_SSID_DFLT )
     #define WIFI_SSID_DFLT    ""
 #endif /* !defined ( WIFI_SSID_DFLT ) */
@@ -103,7 +113,9 @@ typedef enum KvStoreEnum
     {                      \
         "thing_name",      \
         "mqtt_endpoint",   \
+        "gg_endpoint",     \
         "mqtt_port",       \
+        "gg_port",         \
         "wifi_ssid",       \
         "wifi_credential", \
         "time_hwm"         \
@@ -113,7 +125,9 @@ typedef enum KvStoreEnum
     {                                                                              \
         KV_DFLT( KV_TYPE_STRING, THING_NAME_DFLT ),    /* CS_CORE_THING_NAME */    \
         KV_DFLT( KV_TYPE_STRING, MQTT_ENDPOINT_DFLT ), /* CS_CORE_MQTT_ENDPOINT */ \
+        KV_DFLT( KV_TYPE_STRING, GG_ENDPOINT_DFLT ),   /* CS_CORE_GG_ENDPOINT */   \
         KV_DFLT( KV_TYPE_UINT32, MQTT_PORT_DFLT ),     /* CS_CORE_MQTT_PORT */     \
+        KV_DFLT( KV_TYPE_UINT32, GG_PORT_DFLT ),       /* CS_CORE_GG_PORT */       \
         KV_DFLT( KV_TYPE_STRING, WIFI_SSID_DFLT ),     /* CS_WIFI_SSID */          \
         KV_DFLT( KV_TYPE_STRING, WIFI_PASSWORD_DFLT ), /* CS_WIFI_CREDENTIAL */    \
         KV_DFLT( KV_TYPE_UINT32, 0 ),                  /* CS_TIME_HWM_S_1970 */    \
diff --git a/Common/include/sys_evt.h b/Common/include/sys_evt.h
index b1e6cebad..c766e7e92 100644
--- a/Common/include/sys_evt.h
+++ b/Common/include/sys_evt.h
@@ -35,6 +35,8 @@
 #define EVT_MASK_NET_CONNECTED     0x04
 #define EVT_MASK_MQTT_INIT         0x08
 #define EVT_MASK_MQTT_CONNECTED    0x10
+#define EVT_MASK_GG_DISCOVERY_PERFORMED      0X100
+#define EVT_MASK_MQTT_AGENT_FINISHED         0X200
 
 extern EventGroupHandle_t xSystemEvents;
 
diff --git a/Documentation/Pictures/CLI.png b/Documentation/Pictures/CLI.png
new file mode 100644
index 000000000..bcc17d50c
Binary files /dev/null and b/Documentation/Pictures/CLI.png differ
diff --git a/Documentation/Pictures/mqtt_agent_sequence_diagram.png b/Documentation/Pictures/mqtt_agent_sequence_diagram.png
new file mode 100644
index 000000000..47802d888
Binary files /dev/null and b/Documentation/Pictures/mqtt_agent_sequence_diagram.png differ
diff --git a/Documentation/Pictures/mqtt_agent_sequence_diagram_alternative.png b/Documentation/Pictures/mqtt_agent_sequence_diagram_alternative.png
new file mode 100644
index 000000000..0ab97684c
Binary files /dev/null and b/Documentation/Pictures/mqtt_agent_sequence_diagram_alternative.png differ
diff --git a/Documentation/Pictures/sequence_diagram.png b/Documentation/Pictures/sequence_diagram.png
new file mode 100644
index 000000000..49fa41181
Binary files /dev/null and b/Documentation/Pictures/sequence_diagram.png differ
diff --git a/Documentation/Pictures/state_machine.png b/Documentation/Pictures/state_machine.png
new file mode 100644
index 000000000..bf6ec38d1
Binary files /dev/null and b/Documentation/Pictures/state_machine.png differ
diff --git a/Documentation/Readme.md b/Documentation/Readme.md
new file mode 100644
index 000000000..9a1a9c28a
--- /dev/null
+++ b/Documentation/Readme.md
@@ -0,0 +1,104 @@
+# Greengrass Discovery
+
+## Overview
+
+The Greengrass Discovery feature is designed to implement the discovery and establish a connection to a Greengrass core device. It implements the necessary functionalities: 
+- sending HTTP discovery request
+- parsing JSON response
+- storing parsed values in Non-Volatile Memory (NVM)
+- establishing a connection to the Greengrass core device using the stored configuration.
+
+## Project File Structure
+
+Below is the file structure of the added files related to the AWS Greengrass discovery feature:   
+
+Common/                                    
+├── app
+│   ├── greengrass
+│   │   ├── greengrass_discovery_task.c            
+│   │   ├── greengrass_discovery_task.h
+│   │   ├── x509_crt_ip_addr_san_verif.patch
+│   ├── mqtt
+│   │   ├── mqtt_connection_task.c
+│   │   ├── mqtt_connection_task.h
+
+## Global Sequence Diagram
+The global sequence diagram below illustrates the overall process:
+
+![alt text](Pictures/sequence_diagram.png)
+
+
+## Certificate Generation and Import Process
+
+To successfully establish a secure connection with AWS Greengrass, it is essential to generate a Certificate Signing Request (CSR) using the `pki generate csr <label>` command, have it signed by AWS, and import the resulting certificate into the H5 device. Using a self-signed certificate will result in a `close_notify` error during the TLS connection.
+
+## mbedTLS Middleware Modifications
+
+To avoid the bad_certificate error while connecting to the Greengrass core device, a patch was made to the mbedTLS middleware, specifically in the `x509_crt.c` file. The existing mbedTLS middleware (version 3.1.1) lacked support for verifying IP addresses in the SAN field of x509 certificates. These changes enable custom Subject Alternative Name (SAN) verification for IP addresses, providing a solution that accommodates the current version of the middleware and avoids conflicts with newer API changes.
+This modification ensures that IP addresses are correctly validated, thereby preventing `bad_certificate` errors during the TLS handshake with Greengrass core devices.
+- A macro `MBEDTLS_CUSTOM_SAN_IP_VERIF` was added to the mbedTLS configuration file to activate the custom SAN verification feature.  
+The current implementation is inspired by mbedTLS v3.5.0
+
+## mbedTLS configuration file
+Modifications were made to the `mbedtls_config_ntz.h` configuration file to enable RSA cipher suites. This change was crucial to prevent the `no cipher suites in common` error during the TLS handshake with the Greengrass core device. The modified parts are marked with the comment "Enable for greengrass" to make it easier to enable them.
+
+The RSA cipher suites are necessary for both the Discovery and the connection to the Greengrass core device.
+
+Additionally, it is essential to use the `Amazon Root CA 1` certificate, which provides 2048-bit RSA security. This certificate should be imported into the `root_ca_cert` to ensure connection with the cipher suite used.
+
+## Features
+
+### Discovery Request
+
+- **HTTP Discovery Request:** Utilizes the HTTP client `coreHTTP` library to send HTTP discovery requests.
+  - **Submodule Integration:** The `llhttp` is a necessary dependency that was added as a submodule to the project. To initialize and fetch the submodule after cloning the repository, use the following command: `git submodule update --init`.
+  - **Endpoint Construction:** Constructs the discovery URL from the existing AWS endpoint stored in NVM. For example:
+    - AWS endpoint: `**********-ats.iot.region.amazonaws.com`
+    - Constructed Discovery endpoint: `greengrass-ats.iot.region.amazonaws.com`
+  - This approach eliminates the need to store another endpoint for the Greengrass discovery feature, as only the region is required for the discovery URL.
+
+- **TLS Connection Establishment:** 
+  - Establishes a secure TLS connection to `greengrass-ats.iot.region.amazonaws.com` on port `8443`.
+  - Sends the HTTP discovery request to `https://greengrass-ats.iot.region.amazonaws.com:8443/greengrass/discover/thing/thing-name` once the connection is established.
+
+- **Response Handling:** The `transportRecv` function is designed to receive responses from the Greengrass server. It implements a loop with a timeout, using the `mbedtls_transport_recv` function. This approach prevents the `No response received` error caused by the delay in the Greengrass server's response time.
+
+**Multiple Core Devices Limitation:**
+
+The current implementation does not support handling multiple Greengrass core devices or multiple CA certificates returned in the discovery response. The lack of support comes from the design of the discovery response processing logic, which only precesses the first core device and the first CA certificate.
+
+### JSON Parsing and NVM Storage
+
+The parsing of the JSON response is done by using the CoreJSON library which is already integrated into the project.
+- **JSON Response Parsing:** The function `parseGGDiscoveryResponse` parses the JSON response received from the Greengrass core device, it returns pointers for the parsed endpoint, port, and CA.
+- **Certificate Formatting:** The parsed certificate requires formatting to replace escaped newline sequences (`\\n`) with actual newline characters (`\n`).
+- **NVM Storage:** Writes the parsed configuration values into Non-Volatile Memory (NVM) and commits changes for persistent storage and future use, The following labels and files are defined for storage:
+  - **Greengrass CA:** Stored in the file `corePKCS11_GG_CA_Certificate.dat` under the label `root_gg_ca_cert`.
+  - **Greengrass Endpoint:** Stored under the label `gg_endpoint`, it can be either an IP address or a common name (CN).
+  - **Port:** Stored under the label `gg_port`.
+
+![alt text](Pictures/CLI.png)
+
+### Connection to Greengrass Core
+
+The connection is detailed in the state machine below:
+
+![alt text](Pictures/state_machine.png)
+
+- **Connection Process:** The `vMQTTAgentTask` is responsible for establishing a connection to the Greengrass core device. Initially, it attempts to connect using the existing Greengrass configuration stored in Non-Volatile Memory (NVM). If this attempt fails, the task performs a Greengrass Discovery to retrieve the necessary configuration, updates the NVM, and retry the connection. If all attempts are exhausted without success, the system connects to the AWS cloud.
+
+- After successfully establishing a connection with the Greengrass core device, the system proceeds with its default operations. This includes subscribing to relevant topics, calling additional tasks, and publishing data to the given MQTT topic.
+
+#### **Modification in MQTT Agent Task**
+
+A modification was made to the `vMQTTAgentTask` to delay the initialization of the `mqttAgentHandler` pointer until the MQTT agent is successfully connected. This change was necessary because other tasks rely on the `mqttAgentHandler` pointer once it is initialized. In scenarios where the MQTT agent task fails to connect and restarts, the pointer remains initialized in those dependent tasks which causes assertion faults.
+
+By delaying the initialization of the `mqttAgentHandler` pointer until the MQTT agent is connected, this issue is avoided. 
+
+**Alternative Solutions:**
+- Another possible solution would be to terminate the tasks that are using the `mqttAgentHandler` pointer if the MQTT agent task fails and restart them when the MQTT agent task is retried. However, the current approach of delaying the pointer initialization is simpler, and involves fewer modifications to other tasks, and avoids unnecessary task management.
+- An improved approach consists in starting the `vMQTTAgentTask` only once with a pointer to the agent handler. If the connection attempt fails, instead of restarting the entire task with different parameters, the connection parameters are updated dynamically and the connection retried within the same task instance. 
+
+![alt text](Pictures/mqtt_agent_sequence_diagram.png) ![alt text](Pictures/mqtt_agent_sequence_diagram_alternative.png)
+
+
diff --git a/Documentation/Src/gg_sequence_diagram.puml b/Documentation/Src/gg_sequence_diagram.puml
new file mode 100644
index 000000000..04c3d7854
--- /dev/null
+++ b/Documentation/Src/gg_sequence_diagram.puml
@@ -0,0 +1,31 @@
+@startuml
+
+!pragma teoz true
+participant STM32H5 as H5_Board
+participant "GreenGrass STM32MPU" as GG
+participant "IoT Core" as Cloud
+
+== GreenGrass Discovery==
+
+H5_Board -> Cloud : HTTP Discovery request
+H5_Board <- Cloud : JSON response
+
+== MQTT Session ==
+
+H5_Board <-> GG : MQTT Connect
+
+H5_Board -> GG : Subscribe to Topics
+
+H5_Board -> GG : Publish Data
+
+group MQTT bridge
+    GG -> Cloud : Publish Data
+
+end
+
+
+== Disconnect ==
+
+H5_Board <-> GG : Close connection
+
+@enduml
\ No newline at end of file
diff --git a/Documentation/Src/mqtt_agent_sequence_diagram.puml b/Documentation/Src/mqtt_agent_sequence_diagram.puml
new file mode 100644
index 000000000..fb60052d0
--- /dev/null
+++ b/Documentation/Src/mqtt_agent_sequence_diagram.puml
@@ -0,0 +1,31 @@
+@startuml
+title Sequence diagram of the current implementation
+
+participant mqtt_connection_task
+participant mqtt_agent_task
+participant mqtt_broker
+
+activate mqtt_connection_task
+
+loop while not connected to broker
+    mqtt_connection_task -> mqtt_connection_task : set params X
+    mqtt_connection_task -> mqtt_agent_task++ : Start task with params X
+    mqtt_agent_task -> mqtt_broker : connect with params X
+    
+    alt connection successful
+    
+mqtt_broker -> mqtt_agent_task : connection successful
+
+    mqtt_agent_task -> mqtt_connection_task : notify success
+    else connection failed
+    mqtt_broker -> mqtt_agent_task : connection failed
+    mqtt_agent_task -> mqtt_connection_task : notify failure
+    mqtt_agent_task -> mqtt_agent_task : task end
+    deactivate mqtt_agent_task
+    end
+
+end
+
+deactivate mqtt_connection_task
+
+@enduml
\ No newline at end of file
diff --git a/Documentation/Src/mqtt_agent_sequence_diagram_alternative.puml b/Documentation/Src/mqtt_agent_sequence_diagram_alternative.puml
new file mode 100644
index 000000000..1807dafbd
--- /dev/null
+++ b/Documentation/Src/mqtt_agent_sequence_diagram_alternative.puml
@@ -0,0 +1,22 @@
+@startuml
+title Sequence diagram of the alternative solution
+
+activate mqtt_connection_task
+mqtt_connection_task -> mqtt_agent_task++ : Start task 
+loop while not connected to broker
+mqtt_connection_task -> mqtt_connection_task : set params X
+mqtt_connection_task -> mqtt_agent_task : apply params X
+mqtt_agent_task -> mqtt_broker : connect with params X
+    
+    alt connection successful
+    
+mqtt_broker -> mqtt_agent_task : connection successful
+
+    mqtt_agent_task -> mqtt_connection_task : notify success
+    else connection failed
+    mqtt_broker -> mqtt_agent_task : connection failed
+    mqtt_agent_task -> mqtt_connection_task : notify failure
+    end
+end
+
+@enduml
\ No newline at end of file
diff --git a/Documentation/Src/sequence_diagram.puml b/Documentation/Src/sequence_diagram.puml
new file mode 100644
index 000000000..fd67d31b1
--- /dev/null
+++ b/Documentation/Src/sequence_diagram.puml
@@ -0,0 +1,20 @@
+@startuml
+participant STM32H5 as H5_Board
+participant "IoT Core" as Cloud
+
+== Establishing network connection ==
+
+Cloud <-> H5_Board : TLS Connection
+
+== MQTT Session ==
+
+H5_Board -> Cloud : MQTT Connect
+
+H5_Board -> Cloud : Subscribe to Topics
+
+H5_Board -> Cloud : Publish Data
+== Disconnect ==
+
+H5_Board <-> Cloud : Close connection
+
+@enduml
\ No newline at end of file
diff --git a/Documentation/Src/state_machine.puml b/Documentation/Src/state_machine.puml
new file mode 100644
index 000000000..6938ed31a
--- /dev/null
+++ b/Documentation/Src/state_machine.puml
@@ -0,0 +1,70 @@
+@startuml
+hide empty description
+
+state "Connect to Greengrass Core Device" as Connect_to_GG #LightGreen
+state "Read Greengrass configuration from Non-Volatile Memory" as Read_gg_config_nvm #LightGreen
+state "Perform Greengrass discovery request" as GG_discovery #LightGreen
+state "Write Greengrass config in Non-Volatile Memory" as Write_gg_config_nvm #LightGreen
+state "Connect to IoT Cloud" as Connect_to_Cloud #LightBlue
+state "Connected to Greengrass Core Device" as Connected_to_GG #LightGreen
+state "Read Cloud configuration from Non-Volatile Memory" as Read_cloud_config_nvm #LightBlue
+state "Connected to Cloud" as Connected_to_Cloud #LightBlue
+state "Delay (back off mechanism)" as Back_Off  #LightBlue
+state "Delay (back off mechanism)" as Back_Off_GG #LightGreen
+
+state Start <<start>>
+state End_success  <<end>> #Green
+state End_failure  <<end>> #Red
+
+Back_Off_GG : Max GG connection attempts
+Back_Off    : Unlimited connection attempts
+
+Start  -down-> Read_gg_config_nvm
+Read_gg_config_nvm: Greengrass URL
+Read_gg_config_nvm: Greengrass port
+Read_gg_config_nvm: Greengrass Certificate
+
+Read_gg_config_nvm -down-> GG_discovery : Failure
+Read_gg_config_nvm -down-> Connect_to_GG : Success
+
+
+Read_cloud_config_nvm : MQTT endpoint
+Read_cloud_config_nvm : MQTT port
+Read_cloud_config_nvm : Root CA cert
+state GG_state <<choice>>
+state Cloud_state <<choice>>
+
+Connect_to_GG -down-> GG_state
+
+GG_state --> Connected_to_GG : Success
+GG_state --> Back_Off_GG : Failure
+Back_Off_GG --> Connect_to_GG : First attempt < Attempts < Max GG Connection Attempts
+Back_Off_GG --> GG_discovery : Attempts = First attempt
+Back_Off_GG --> Read_cloud_config_nvm : Attempts >= Max_GG_Connection_Attempts
+
+Connected_to_GG --> End_success
+
+GG_discovery --> Write_gg_config_nvm : Success
+
+Write_gg_config_nvm -up-> Read_gg_config_nvm
+
+Write_gg_config_nvm: Greengrass URL
+Write_gg_config_nvm: Greengrass port
+Write_gg_config_nvm: Greengrass Certificate
+
+GG_discovery --> Read_cloud_config_nvm : Failure
+Read_cloud_config_nvm --> Connect_to_Cloud : Success
+Read_cloud_config_nvm --> End_failure : Failure
+
+Connect_to_Cloud --> Cloud_state
+Cloud_state --> Connected_to_Cloud : Success
+Cloud_state --> Back_Off  : Failure
+Back_Off --> Connect_to_Cloud
+Connected_to_Cloud --> End_success
+
+legend
+Color Legend:
+- **LightGreen**: Added Greengrass connection features
+- **LightBlue**: Original Cloud connection feature
+end legend
+@enduml
\ No newline at end of file
diff --git a/Documentation/Src/state_machine_sequence_diagram.puml b/Documentation/Src/state_machine_sequence_diagram.puml
new file mode 100644
index 000000000..f33e5680d
--- /dev/null
+++ b/Documentation/Src/state_machine_sequence_diagram.puml
@@ -0,0 +1,44 @@
+@startuml
+title Sequence diagram of the current implementation
+
+participant NVM
+participant mqtt_connection_task
+participant discovery_task
+participant mqtt_agent_task
+participant mqtt_broker
+
+activate mqtt_connection_task
+
+alt
+    mqtt_connection_task -> discovery_task++ : start task
+    discovery_task -> NVM : write connectivity info
+    deactivate discovery_task
+end
+
+loop while not connected to broker
+alt Connect to greengrass
+    mqtt_connection_task -> mqtt_agent_task++ : Start task (NVM ID = GG )
+else Connect to IoT Core
+    mqtt_connection_task -> mqtt_agent_task : Start task (NVM ID = IoT Core )
+end
+    mqtt_agent_task -> NVM :  get connectivity info (NVM ID)
+    mqtt_agent_task <- NVM :  connectivity info
+    mqtt_agent_task -> mqtt_broker : connect(connectivity info)
+    
+    alt connection successful
+    
+mqtt_broker -> mqtt_agent_task : connection successful
+
+    mqtt_agent_task -> mqtt_connection_task : notify success
+    else connection failed
+    mqtt_broker -> mqtt_agent_task : connection failed
+    mqtt_agent_task -> mqtt_connection_task : notify failure
+    mqtt_agent_task -> mqtt_agent_task : task end
+    deactivate mqtt_agent_task
+    end
+
+end
+
+deactivate mqtt_connection_task
+
+@enduml
\ No newline at end of file
diff --git a/Projects/b_u585i_iot02a_ntz/.cproject b/Projects/b_u585i_iot02a_ntz/.cproject
index 7f810035e..4f7fbbe40 100644
--- a/Projects/b_u585i_iot02a_ntz/.cproject
+++ b/Projects/b_u585i_iot02a_ntz/.cproject
@@ -20,7 +20,7 @@
 				</extensions>
 			</storageModule>
 			<storageModule moduleId="cdtBuildSystem" version="4.0.0">
-				<configuration artifactExtension="elf" artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" cleanCommand="rm -rf" description="" errorParsers="org.eclipse.cdt.core.GASErrorParser;org.eclipse.cdt.core.GmakeErrorParser;org.eclipse.cdt.core.GLDErrorParser;org.eclipse.cdt.core.CWDLocator;org.eclipse.cdt.core.GCCErrorParser" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481" name="Debug" parent="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug" postbuildStep="" prebuildStep="">
+				<configuration artifactExtension="elf" artifactName="${ProjName}" buildArtefactType="org.eclipse.cdt.build.core.buildArtefactType.exe" buildProperties="org.eclipse.cdt.build.core.buildArtefactType=org.eclipse.cdt.build.core.buildArtefactType.exe,org.eclipse.cdt.build.core.buildType=org.eclipse.cdt.build.core.buildType.debug" cleanCommand="rm -rf" description="" errorParsers="org.eclipse.cdt.core.GASErrorParser;org.eclipse.cdt.core.GmakeErrorParser;org.eclipse.cdt.core.GLDErrorParser;org.eclipse.cdt.core.CWDLocator;org.eclipse.cdt.core.GCCErrorParser" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481" name="Debug" parent="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug" postbuildStep="" preannouncebuildStep="Patch for the x509_crt custom addr ip verification" prebuildStep="cd ../../../ &amp;&amp; if git apply --check Common/app/greengrass/x509_crt_ip_addr_san_verif.patch; then git apply Common/app/greengrass/x509_crt_ip_addr_san_verif.patch; else echo &quot;Patch already applied or cannot be applied cleanly.&quot;; fi &amp;&amp; cd -">
 					<folderInfo id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481." name="/" resourcePath="">
 						<toolChain id="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug.1043946617" name="MCU ARM GCC" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug">
 							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186" name="MCU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu" useByScannerDiscovery="true" value="STM32U585AIIxQ" valueType="string"/>
@@ -104,6 +104,9 @@
 									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/src}&quot;"/>
 									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/extras/fixture/src}&quot;"/>
 									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/extras/memory/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreHTTP/dependency/3rdparty/llhttp/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreHTTP/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/app/greengrass}&quot;"/>
 								</option>
 								<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.warnings.extra.1737884242" name="Enable extra warning flags (-Wextra)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.warnings.extra" useByScannerDiscovery="false" value="true" valueType="boolean"/>
 								<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.warnings.missing_include_dirs.1877044054" name="Warn if a user-supplied include directory does not exist (-Wmissing-include-dirs)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.warnings.missing_include_dirs" useByScannerDiscovery="false" value="true" valueType="boolean"/>
@@ -123,6 +126,7 @@
 								<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.cref.1875334421" name="Add symbol cross reference table to map file (-Wl,--cref)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.cref" useByScannerDiscovery="false" value="true" valueType="boolean"/>
 								<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.systemcalls.71325426" name="System calls" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.systemcalls" useByScannerDiscovery="false" value="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.systemcalls.value.minimalimplementation" valueType="enumerated"/>
 								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.additionalobjs.595722552" name="Additional object files" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.additionalobjs" useByScannerDiscovery="false" valueType="userObjs"/>
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="true" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.otherflags.1060833522" name="Other flags" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.option.otherflags" valueType="stringList"/>
 								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.input.1314855374" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.input">
 									<additionalInput kind="additionalinputdependency" paths="$(USER_OBJS)"/>
 									<additionalInput kind="additionalinput" paths="$(LIBS)"/>
@@ -139,99 +143,87 @@
 							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.406731059" name="MCU Output Converter Motorola S-rec with symbols" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec"/>
 						</toolChain>
 					</folderInfo>
-					<folderInfo id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.216439256" name="/" resourcePath="Libraries/Unity/extras/memory/test">
-						<toolChain id="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug.1439429077" name="MCU ARM GCC" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug" unusedChildren="">
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186.1504430639" name="MCU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999.1684040220" name="CPU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159.200901094" name="Core" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119.1758504896" name="Floating-point unit" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274.607013338" name="Floating-point ABI" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459.888823040" name="Board" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875.950764142" name="Defaults" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154.1835642471" name="Convert to Intel Hex file (-O ihex)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416.1539963115" name="Convert to binary file (-O binary)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946.1351277668" name="Use float with printf from newlib-nano (-u _printf_float)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946"/>
+					<folderInfo id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.1091806806" name="/" resourcePath="Common">
+						<toolChain id="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug.406888108" name="MCU ARM GCC" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug" unusedChildren="">
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186.412212532" name="MCU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999.407050885" name="CPU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159.2077427199" name="Core" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119.1768068026" name="Floating-point unit" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274.470040841" name="Floating-point ABI" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459.679219780" name="Board" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875.1336662612" name="Defaults" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154.2120902494" name="Convert to Intel Hex file (-O ihex)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416.10048551" name="Convert to binary file (-O binary)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416"/>
+							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946.414160718" name="Use float with printf from newlib-nano (-u _printf_float)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946"/>
 							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.targetplatform" isAbstract="false" osList="all" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.targetplatform"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.138560115" name="MCU GCC Assembler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.2049031598">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input.382120180" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.1392455996" name="MCU GCC Assembler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.2049031598">
+								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input.17767268" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input"/>
 							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.1266395644" name="MCU GCC Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.432596727" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c"/>
-							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.822243938" name="MCU G++ Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1769967524"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1626212242" name="MCU GCC Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1881350553"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1380746192" name="MCU G++ Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1154242336"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.499435421" name="MCU GCC Archiver" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1096626281"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.195372319" name="MCU Size" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.787837784"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.742171630" name="MCU Output Converter list file" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1109510947"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.2014403463" name="MCU Output Converter Hex" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.626421236"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.1612160875" name="MCU Output Converter Binary" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.2003340050"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1257239509" name="MCU Output Converter Verilog" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1218761829"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1031025145" name="MCU Output Converter Motorola S-rec" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1848392860"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.748757609" name="MCU Output Converter Motorola S-rec with symbols" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.406731059"/>
-						</toolChain>
-					</folderInfo>
-					<folderInfo id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.1287202470" name="/" resourcePath="tools">
-						<toolChain id="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug.66259025" name="MCU ARM GCC" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug" unusedChildren="">
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186.1120499385" name="MCU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999.1791234864" name="CPU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159.246424968" name="Core" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119.380799614" name="Floating-point unit" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274.460747658" name="Floating-point ABI" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459.2094568021" name="Board" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875.1750594723" name="Defaults" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154.836252767" name="Convert to Intel Hex file (-O ihex)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416.1485924954" name="Convert to binary file (-O binary)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946.1533629171" name="Use float with printf from newlib-nano (-u _printf_float)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946"/>
-							<targetPlatform archList="all" binaryParser="org.eclipse.cdt.core.ELF" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.targetplatform" isAbstract="false" osList="all" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.targetplatform"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.1328187832" name="MCU GCC Assembler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.2049031598">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input.2036210317" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input"/>
-							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.73607686" name="MCU GCC Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.1624636975" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c"/>
-							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1371302022" name="MCU G++ Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1769967524"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.527506364" name="MCU GCC Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1881350553"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.857919579" name="MCU G++ Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1154242336"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1215262026" name="MCU GCC Archiver" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1096626281"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.534566000" name="MCU Size" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.787837784"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1919850202" name="MCU Output Converter list file" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1109510947"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.293470706" name="MCU Output Converter Hex" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.626421236"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.101900774" name="MCU Output Converter Binary" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.2003340050"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1248020427" name="MCU Output Converter Verilog" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1218761829"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.315502405" name="MCU Output Converter Motorola S-rec" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1848392860"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.1223060908" name="MCU Output Converter Motorola S-rec with symbols" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.406731059"/>
-						</toolChain>
-					</folderInfo>
-					<folderInfo id="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.1465923093" name="/" resourcePath="Common/app">
-						<toolChain id="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug.1614199419" name="MCU ARM GCC" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.toolchain.exe.debug" unusedChildren="">
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186.526485833" name="MCU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_mcu.995835186"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999.2133169477" name="CPU" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_cpuid.487577999"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159.1283449054" name="Core" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_coreid.1454325159"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119.359392418" name="Floating-point unit" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.fpu.1984131119"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274.74246385" name="Floating-point ABI" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.floatabi.772757274"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459.706525636" name="Board" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.target_board.1143138459"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875.1468936764" name="Defaults" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.defaults.375648875"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154.871625660" name="Convert to Intel Hex file (-O ihex)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.converthex.1345390154"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416.1714699861" name="Convert to binary file (-O binary)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.convertbinary.1589811416"/>
-							<option id="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946.288497651" name="Use float with printf from newlib-nano (-u _printf_float)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.option.nanoprintffloat.166065946"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.1238552097" name="MCU GCC Assembler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.2049031598">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input.295277043" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.assembler.input"/>
-							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.413146358" name="MCU GCC Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873">
-								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.1002938856" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.1734494491" name="MCU GCC Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873">
+								<option IS_BUILTIN_EMPTY="false" IS_VALUE_EMPTY="false" id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.includepaths.382758006" name="Include paths (-I)" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.option.includepaths" valueType="includePath">
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/pkcs11}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Src/ota_pal}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/corePKCS11/mbedtls_utils}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/LittleFS}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Drivers/bsp}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/ota/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/ota/portable/os}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/tinycbor}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/mbedtls/library}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/mbedtls/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/deviceDefender/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/deviceShadow/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/app/mqtt}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/backoffAlgorithm/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreJSON/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreMQTTAgent/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreMQTT/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreMQTT/interface}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/CommonIO/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/CommonIO/gpio}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/boards}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/net/lwip_port/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/lwip/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/CMSIS/core}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/cli}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/CMSIS/stm32u5xx}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/STM32U5_HAL/Inc}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/freertos_kernel/port}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/freertos_kernel/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/config}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/kvstore}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/corePKCS11/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/common}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/mqtt}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/ota}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/pkcs11}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/pkcs11/dev_mode_key_provisioning}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/FreeRTOS-Libraries-Integration-Tests/transport_interface}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/extras/fixture/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/Unity/extras/memory/src}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreHTTP/dependency/3rdparty/llhttp/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Libraries/coreHTTP/include}&quot;"/>
+									<listOptionValue builtIn="false" value="&quot;${workspace_loc:/${ProjName}/Common/app/greengrass}&quot;"/>
+								</option>
+								<inputType id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.508128141" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c"/>
 							</tool>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1693268194" name="MCU G++ Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1769967524"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.109977779" name="MCU GCC Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1881350553"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.905532973" name="MCU G++ Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1154242336"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1449860856" name="MCU GCC Archiver" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1096626281"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.1774889291" name="MCU Size" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.787837784"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1316718527" name="MCU Output Converter list file" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1109510947"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.510781395" name="MCU Output Converter Hex" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.626421236"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.1513573581" name="MCU Output Converter Binary" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.2003340050"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1291806807" name="MCU Output Converter Verilog" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1218761829"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1576239117" name="MCU Output Converter Motorola S-rec" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1848392860"/>
-							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.523872195" name="MCU Output Converter Motorola S-rec with symbols" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.406731059"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.843860885" name="MCU G++ Compiler" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.compiler.1769967524"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1567477154" name="MCU GCC Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.linker.1881350553"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1682714458" name="MCU G++ Linker" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.cpp.linker.1154242336"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.108720929" name="MCU GCC Archiver" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.archiver.1096626281"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.1464824796" name="MCU Size" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.size.787837784"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.874323310" name="MCU Output Converter list file" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objdump.listfile.1109510947"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.1131943043" name="MCU Output Converter Hex" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.hex.626421236"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.1652425279" name="MCU Output Converter Binary" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.binary.2003340050"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.731765440" name="MCU Output Converter Verilog" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.verilog.1218761829"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1712584415" name="MCU Output Converter Motorola S-rec" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.srec.1848392860"/>
+							<tool id="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.996208675" name="MCU Output Converter Motorola S-rec with symbols" superClass="com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.objcopy.symbolsrec.406731059"/>
 						</toolChain>
 					</folderInfo>
 					<sourceEntries>
@@ -260,14 +252,14 @@
 			<resource resourceType="PROJECT" workspacePath="/b_u585i_iot02a_ntz"/>
 		</configuration>
 	</storageModule>
+	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
 	<storageModule moduleId="scannerConfiguration">
 		<autodiscovery enabled="true" problemReportingEnabled="true" selectedProfileId=""/>
-		<scannerConfigBuildInfo instanceId="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.release.1375331058;com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.release.1375331058.;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.215048907;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.1802198639">
+		<scannerConfigBuildInfo instanceId="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481;com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.860213181">
 			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
 		</scannerConfigBuildInfo>
-		<scannerConfigBuildInfo instanceId="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481;com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.debug.402628481.;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.599564873;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.860213181">
+		<scannerConfigBuildInfo instanceId="com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.release.1375331058;com.st.stm32cube.ide.mcu.gnu.managedbuild.config.exe.release.1375331058.;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.215048907;com.st.stm32cube.ide.mcu.gnu.managedbuild.tool.c.compiler.input.c.1802198639">
 			<autodiscovery enabled="false" problemReportingEnabled="true" selectedProfileId=""/>
 		</scannerConfigBuildInfo>
 	</storageModule>
-	<storageModule moduleId="org.eclipse.cdt.internal.ui.text.commentOwnerProjectMappings"/>
 </cproject>
\ No newline at end of file
diff --git a/Projects/b_u585i_iot02a_ntz/.project b/Projects/b_u585i_iot02a_ntz/.project
index ec6d1762f..221e7fc4b 100644
--- a/Projects/b_u585i_iot02a_ntz/.project
+++ b/Projects/b_u585i_iot02a_ntz/.project
@@ -111,6 +111,11 @@
 			<type>2</type>
 			<locationURI>WORKSPACE_LOC/Middleware/FreeRTOS/coreJSON/source</locationURI>
 		</link>
+		<link>
+			<name>Libraries/coreHTTP</name>
+			<type>2</type>
+			<locationURI>WORKSPACE_LOC/Middleware/FreeRTOS/coreHTTP/source</locationURI>
+		</link>
 		<link>
 			<name>Libraries/coreMQTT</name>
 			<type>2</type>
diff --git a/Projects/b_u585i_iot02a_ntz/Inc/core_pkcs11_config.h b/Projects/b_u585i_iot02a_ntz/Inc/core_pkcs11_config.h
index 02a899724..f29736253 100644
--- a/Projects/b_u585i_iot02a_ntz/Inc/core_pkcs11_config.h
+++ b/Projects/b_u585i_iot02a_ntz/Inc/core_pkcs11_config.h
@@ -187,4 +187,7 @@
 #define pkcs11_ROOT_CA_CERT_LABEL                          "root_ca_cert"
 #define pkcs11configLABEL_ROOT_CERTIFICATE                 ( pkcs11_ROOT_CA_CERT_LABEL )
 
+#define pkcs11_ROOT_GG_CA_CERT_LABEL                          "root_gg_ca_cert"
+#define pkcs11configLABEL_ROOT_GG_CERTIFICATE                 ( pkcs11_ROOT_GG_CA_CERT_LABEL )
+
 #endif /* _CORE_PKCS11_CONFIG_H_ */
diff --git a/Projects/b_u585i_iot02a_ntz/Inc/mbedtls_config_ntz.h b/Projects/b_u585i_iot02a_ntz/Inc/mbedtls_config_ntz.h
index 534a86b61..685955726 100644
--- a/Projects/b_u585i_iot02a_ntz/Inc/mbedtls_config_ntz.h
+++ b/Projects/b_u585i_iot02a_ntz/Inc/mbedtls_config_ntz.h
@@ -3269,6 +3269,20 @@ void mbedtls_platform_free( void * ptr );
  */
 /*#define MBEDTLS_ECDH_VARIANT_EVEREST_ENABLED */
 
+/**
+ * @brief Enables custom Subject Alternative Name (SAN) verification for IP addresses.
+ *
+ * This macro activates a custom implementation of the x509 certificate SAN verification
+ * function, which includes support for IP address and URI verification in addition to
+ * DNS names. When defined, the verification function prioritizes DNS names but also
+ * checks for IP addresses and URIs in the SAN field of the certificate.
+ *
+ * @note This macro should be defined when IP address and URI verification are required
+ * in addition to DNS name verification in the SAN field of x509 certificates.
+ * Enable the greengrass connection
+ */
+#define MBEDTLS_CUSTOM_SAN_IP_VERIF
+
 /* \} name SECTION: Customization configuration options */
 
 #include "mbedtls/check_config.h"
diff --git a/Projects/b_u585i_iot02a_ntz/Inc/tls_transport_config.h b/Projects/b_u585i_iot02a_ntz/Inc/tls_transport_config.h
index d12b5f5ae..432084a7e 100644
--- a/Projects/b_u585i_iot02a_ntz/Inc/tls_transport_config.h
+++ b/Projects/b_u585i_iot02a_ntz/Inc/tls_transport_config.h
@@ -31,6 +31,7 @@
 #define TLS_KEY_PUB_LABEL          pkcs11_TLS_KEY_PUB_LABEL
 #define TLS_CERT_LABEL             pkcs11_TLS_CERT_LABEL
 #define TLS_ROOT_CA_CERT_LABEL     pkcs11_ROOT_CA_CERT_LABEL
+#define TLS_ROOT_GG_CA_CERT_LABEL  pkcs11_ROOT_GG_CA_CERT_LABEL
 #define OTA_SIGNING_KEY_LABEL      pkcs11configLABEL_CODE_VERIFICATION_KEY
 
 #define TRANSPORT_USE_CTR_DRBG     1
diff --git a/Projects/b_u585i_iot02a_ntz/Src/app_main.c b/Projects/b_u585i_iot02a_ntz/Src/app_main.c
index a29175e43..26c3e6496 100644
--- a/Projects/b_u585i_iot02a_ntz/Src/app_main.c
+++ b/Projects/b_u585i_iot02a_ntz/Src/app_main.c
@@ -183,7 +183,7 @@ static void vHeartbeatTask( void * pvParameters )
 }
 
 extern void net_main( void * pvParameters );
-extern void vMQTTAgentTask( void * );
+extern void vMQTTConnectionTask( void * );
 extern void vMotionSensorsPublish( void * );
 extern void vEnvironmentSensorPublishTask( void * );
 extern void vShadowDeviceTask( void * );
@@ -240,7 +240,7 @@ void vInitTask( void * pvArgs )
         xResult = xTaskCreate( run_qualification_main, "QualTest", 4096, NULL, 10, NULL );
         configASSERT( xResult == pdTRUE );
     #else
-        xResult = xTaskCreate( vMQTTAgentTask, "MQTTAgent", 2048, NULL, 10, NULL );
+        xResult = xTaskCreate( vMQTTConnectionTask, "MQTTConnection", 1024, NULL, 12, NULL );
         configASSERT( xResult == pdTRUE );
 
         xResult = xTaskCreate( vOTAUpdateTask, "OTAUpdate", 4096, NULL, tskIDLE_PRIORITY + 1, NULL );
@@ -267,7 +267,9 @@ void vInitTask( void * pvArgs )
 
 static uint32_t ulCsrFlags = 0;
 
-static void vDetermineResetSource()
+void vDetermineResetSource();
+
+void vDetermineResetSource()
 {
     const char * pcResetSource = NULL;
 
diff --git a/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.c b/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.c
index 3ef727c00..5af17da7a 100644
--- a/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.c
+++ b/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.c
@@ -51,6 +51,7 @@
 #define pkcs11palFILE_NAME_CLAIM_CERTIFICATE     "corePKCS11_Claim_Certificate.dat" /**< The file name of the Provisioning Claim Certificate object. */
 #define pkcs11palFILE_NAME_CLAIM_KEY             "corePKCS11_Claim_Key.dat"         /**< The file name of the Provisioning Claim Key object. */
 #define pkcs11palFILE_NAME_CA_CERTIFICATE        "corePKCS11_CA_Certificate.dat"    /**< The file name of the CA Certificate object. */
+#define pkcs11palFILE_NAME_GG_CA_CERTIFICATE     "corePKCS11_GG_CA_Certificate.dat" /**< The file name of the GG CA Certificate object. */
 
 
 void PAL_UTILS_LabelToFilenameHandle( const char * pcLabel,
@@ -122,6 +123,13 @@ void PAL_UTILS_LabelToFilenameHandle( const char * pcLabel,
             *pcFileName = pkcs11palFILE_NAME_CA_CERTIFICATE;
             *pHandle = ( CK_OBJECT_HANDLE ) eAwsCaCertificate;
         }
+        else if( 0 == strncmp( pkcs11_ROOT_GG_CA_CERT_LABEL,
+                                pcLabel,
+                                sizeof( pkcs11_ROOT_GG_CA_CERT_LABEL ) ) )
+        {
+            *pcFileName = pkcs11palFILE_NAME_GG_CA_CERTIFICATE;
+            *pHandle = ( CK_OBJECT_HANDLE ) eAwsGGCaCertificate;
+        }
         else
         {
             *pcFileName = NULL;
@@ -198,6 +206,11 @@ CK_RV PAL_UTILS_HandleToFilename( CK_OBJECT_HANDLE xHandle,
                 *pcFileName = pkcs11palFILE_NAME_CA_CERTIFICATE;
                 *pIsPrivate = CK_FALSE;
                 break;
+            
+            case eAwsGGCaCertificate:
+            *pcFileName = pkcs11palFILE_NAME_GG_CA_CERTIFICATE;
+            *pIsPrivate = CK_FALSE;
+            break;
 
             default:
                 xReturn = CKR_KEY_HANDLE_INVALID;
diff --git a/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.h b/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.h
index dff102e28..fed912691 100644
--- a/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.h
+++ b/Projects/b_u585i_iot02a_ntz/Src/crypto/core_pkcs11_pal_utils.h
@@ -52,6 +52,7 @@ enum eObjectHandles
     eAwsClaimPrivateKey,      /**< Provisioning Claim Private Key. */
     eAwsClaimCertificate,     /**< Provisioning Claim Certificate. */
     eAwsCaCertificate,
+    eAwsGGCaCertificate,      /**< GreenGrass CA certificate. */
 };