D



Embedded Update

Embedded devices require a fully automated update. This is commonly referred to as an OTA (over the air) update. The technical implementation of this concept must take into account all the different storage media as well as all the various communication channels for the distribution of the update.

The constantly advancing complexity of system-on-chips expands the functional scope of the devices manufactured with them, and thus also places increasing demands on the update concept. Often, it is no longer just a processor that needs to be supplied with software, but also other components such as FPGAs, heterogeneously structured CPU cores or subordinate devices. Technologies such as containers or hypervisors allow third-party software to be used on an embedded device. This third-party software also requires a secure update, although it is desirable that in this case the update does not necessarily have to be delivered by the manufacturer of the device.

In addition, there are the ever-present high demands of industrially used systems. Because there is no operator sitting in front of the device who can manually trigger a reset in the event of an error. The demands on an update system that can be derived from this situation can be summarised as follows:

  • Authentication of the update server (security endpoint feature)
  • Signed and optionally encrypted updates (data integrity)
  • Verification of each update locally before download
  • No import of outdated, faulty updates (downgrade)
  • Power failure security and robustness against faulty data transfers
  • Rollback option, also for downstream devices
  • Multiple images for multiple units in one update
  • Forwarding of updates to downstream devices (FPGA, CPUs ...)
  • Optimal use of memory
  • Optimal use of existing bandwidth (CDN-friendly systems) thanks to delta updates
  • Update as images, as partition updates, as packages and as files
  • Feedback update and information exchange to the management server

We have implemented these requirements on the basis of an open source tool (swupdate), which has received appropriate extensions from us. Our tool can be easily integrated into Yocto or Debian based build environments. An update then runs as shown below.

The above points describe the requirements of the target device regarding the update. In addition, one also needs a tool to which the device can log on and receive its update, and which can manage the devices.