Embedded Update

Embedded devices require a fully automated update. This is commonly referred to as an OTA (over the air) update. The technical implementation of this concept must take into account all the different storage media as well as all the various communication channels for the distribution of the update.

The constantly advancing complexity of system-on-chips expands the functional scope of the devices manufactured with them, and thus also places increasing demands on the update concept. Often, it is no longer just a processor that needs to be supplied with software, but also other components such as FPGAs, heterogeneously structured CPU cores or subordinate devices. Technologies such as containers or hypervisors allow third-party software to be used on an embedded device. This third-party software also requires a secure update, although it is desirable that in this case the update does not necessarily have to be delivered by the manufacturer of the device.

In addition, there are the ever-present high demands of industrially used systems. Because there is no operator sitting in front of the device who can manually trigger a reset in the event of an error. The demands on an update system that can be derived from this situation can be summarised as follows:

Authentication of the update server (security endpoint feature)
Signed and optionally encrypted updates (data integrity)
Verification of each update locally before download
No import of outdated, faulty updates (downgrade)
Power failure security and robustness against faulty data transfers
Rollback option, also for downstream devices
Multiple images for multiple units in one update
Forwarding of updates to downstream devices (FPGA, CPUs ...)
Optimal use of memory
Optimal use of existing bandwidth (CDN-friendly systems) thanks to delta updates
Update as images, as partition updates, as packages and as files
Feedback update and information exchange to the management server

We have implemented these requirements on the basis of an open source tool (swupdate), which has received appropriate extensions from us. Our tool can be easily integrated into Yocto or Debian based build environments. An update then runs as shown below.

The above points describe the requirements of the target device regarding the update. In addition, one also needs a tool to which the device can log on and receive its update, and which can manage the devices.

Embedded Update Process Overwiew

Want to learn more? Then log on to our download area and get the White Paper Update 2021. Not quite sure if this is of interest to you? Here you can find a preview of what awaits you there.