diff --git a/.gitmodules b/.gitmodules
index f2cff24..0872aa8 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,5 @@
 [submodule "RIOT"]
 	path = RIOT
-	url = https://github.com/AlexFuhr/RIOT.git
\ No newline at end of file
+	url = https://github.com/seojeongmoon/RIOT.git
+	branch = dtls
+
diff --git a/Makefile b/Makefile
index 3f4f3fc..599199f 100644
--- a/Makefile
+++ b/Makefile
@@ -45,6 +45,13 @@ INCLUDE += $(RIOTPKG)/tinycbor/cbor.h
 CFLAGS += -DGNRC_IPV6_NIB_CONF_SLAAC=1
 
 
+#choose tiny dtls stack 
+#if errors, disable
+USEMODULE += tinydtls_sock_dtls
+CFLAGS += -DDTLS_PSK
+# when using plain CoAP. Uncomment the next line to fix this.
+CFLAGS += -DGCOAP_PDU_BUF_SIZE=256
+
 # Comment this out to disable code in RIOT that does safety checking
 # which is not needed in a production environment but helps in the
 # development process:
diff --git a/RIOT b/RIOT
index b38f48a..62a4ab8 160000
--- a/RIOT
+++ b/RIOT
@@ -1 +1 @@
-Subproject commit b38f48a72009141cbce3a0f01c09cc1a7ef0275b
+Subproject commit 62a4ab83cb6512406c2287dd0b5f8621bbbf829b
diff --git a/credentials.c b/credentials.c
new file mode 100644
index 0000000..90c731b
--- /dev/null
+++ b/credentials.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2018 Inria
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup     tests
+ * @{
+ *
+ * @file
+ * @brief       tlsman test application (PSK and ECC keys)
+ *
+ * Small test for TLSMAN. Many definitions defined here are also available at
+ * sock_secure (and are intended to be used in standard applications)
+ *
+ * @author      Raul Fuentes <raul.fuentes-samaniego@inria.fr>
+ *
+ * @}
+ */
+
+#ifdef MODULE_SOCK_DTLS
+#ifdef DTLS_PSK
+const char psk_key[] = "secretPSK";
+const char psk_id[] = "Client_identity";
+const unsigned psk_key_len = sizeof(psk_key) - 1;
+const unsigned psk_id_len = sizeof(psk_id) - 1;
+#endif /* DTLS_PSK */
+
+#ifdef DTLS_ECC
+const unsigned char ecdsa_priv_key[] = {
+    0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
+    0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
+    0x89, 0x6A, 0x33, 0xBB, 0xAD, 0x72, 0x94, 0xCA,
+    0x40, 0x14, 0x55, 0xA1, 0x94, 0xA9, 0x49, 0xFA
+};
+
+const unsigned char ecdsa_pub_key_x[] = {
+    0x36, 0xDF, 0xE2, 0xC6, 0xF9, 0xF2, 0xED, 0x29,
+    0xDA, 0x0A, 0x9A, 0x8F, 0x62, 0x68, 0x4E, 0x91,
+    0x63, 0x75, 0xBA, 0x10, 0x30, 0x0C, 0x28, 0xC5,
+    0xE4, 0x7C, 0xFB, 0xF2, 0x5F, 0xA5, 0x8F, 0x52
+};
+
+const unsigned char ecdsa_pub_key_y[] = {
+    0x71, 0xA0, 0xD4, 0xFC, 0xDE, 0x1A, 0xB8, 0x78,
+    0x5A, 0x3C, 0x78, 0x69, 0x35, 0xA7, 0xCF, 0xAB,
+    0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
+    0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
+};
+#endif /* DTLS_ECC */
+#endif /* MODULE_SOCK_DTLS */
+
+typedef int unused_workaround;
\ No newline at end of file
diff --git a/saul_coap.c b/saul_coap.c
index 31e7995..98745b1 100644
--- a/saul_coap.c
+++ b/saul_coap.c
@@ -40,6 +40,23 @@ uint8_t class_press = SAUL_SENSE_PRESS;
 uint8_t class_temp = SAUL_SENSE_TEMP;
 uint8_t class_voltage = SAUL_SENSE_VOLTAGE;
 
+#ifdef MODULE_SOCK_DTLS
+#include "net/credman.h"
+
+#define SOCK_DTLS_GCOAP_TAG (10)
+
+#ifdef DTLS_PSK
+extern const char psk_key[];
+extern const char psk_id[];
+extern const unsigned psk_key_len;
+extern const unsigned psk_id_len;
+#else /* DTLS_PSK */
+extern const unsigned char ecdsa_priv_key[];
+extern const unsigned char ecdsa_pub_key_x[];
+extern const unsigned char ecdsa_pub_key_y[];
+#endif /* DTLS_ECC */
+#endif /* MODULE_SOCK_DTLS */
+
 /* CoAP resources. Must be sorted by path (ASCII order). */
 static const coap_resource_t _resources[] = {
     { "/hum", COAP_GET, _saul_type_handler, &class_hum },
@@ -288,5 +305,47 @@ CborError export_phydat_to_cbor(CborEncoder *encoder, phydat_t data, int dim)
 
 void saul_coap_init(void)
 {
+#ifdef MODULE_SOCK_DTLS
+#ifdef DTLS_PSK
+    credman_credential_t credential = {
+        .type = CREDMAN_TYPE_PSK,
+        .tag = SOCK_DTLS_GCOAP_TAG,
+        .params = {
+            .psk = {
+                .key = { .s = (char *)psk_key, .len = psk_key_len },
+                .id = { .s = (char *)psk_id, .len = psk_id_len },
+            },
+        },
+    };
+#else /* DTLS_PSK */
+    ecdsa_public_key_t other_pubkeys[] = {
+        { .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
+    };
+
+    credman_credential_t credential = {
+        .type = CREDMAN_TYPE_ECDSA,
+        .tag = SOCK_DTLS_GCOAP_TAG,
+        .params = {
+            .ecdsa = {
+                .private_key = ecdsa_priv_key,
+                .public_key = {
+                    .x = ecdsa_pub_key_x,
+                    .y = ecdsa_pub_key_y,
+                },
+                .client_keys = other_pubkeys,
+                .client_keys_size = ARRAY_SIZE(other_pubkeys),
+            }
+        },
+    };
+#endif /* DTLS_ECC */
+    if (credman_add(&credential) < 0) {
+        puts("gcoap_cli: unable to add credential");
+        return;
+    }
+
+    /* tell gcoap with tag to use */
+    gcoap_set_credential_tag(SOCK_DTLS_GCOAP_TAG);
+#endif
+    
     gcoap_register_listener(&_listener);
 }