Mender blog

Firmware over-the-air: package-based vs image-based updates

Here at Mender.io, we did a comprehensive survey with embedded developers and what they did with devices that required software updates over-the-air (OTA). Our findings included two very distinct approaches to handling updates, which we will go over in more detail in this blog post.

The results of our survey included the following:

Survey results for update type

Whether you do manual firmware updates to your devices or have the capability to provide them over-the-air, there are two primary methods to deploy them: image-based or package-based updates.

The most quoted reason why image-based updates was chosen is confidence in device consistency. Of course, consistency helps lower the risk of device downtime and the developers we’ve surveyed claim they feel strongly that what they tested in the preproduction/test environment is exactly the same as the one being deployed to the devices in the field. It also makes the design easier for atomic installation using a failover partition if there is a problem such as a power loss during the installation.

Package-based updates have the benefit of being more targeted and only changing a small part of the device software. Another key benefit is less consumption of the bandwidth and of course helping with the time to transfer and installation.

There are pros and cons to each approach. For example, a package-based update may be smaller to transfer and install, but it can be an enormous challenge to properly test and there are simply more moving parts that increases the likelihood of errors. With an image-based approach, the size means a larger consumption of bandwidth and the time it takes for delivery and installation. But it is atomic, meaning it will either work or not and eases the testing burden.

Ultimately, the context of your specific situation with your connected devices will dictate which approach works best for your team to ensure bug-fixes get delivered, security vulnerabilities are patched, and new features are delivered for your customers.

Recent articles

An Overview of EU Cyber Resilience Act (CRA) Compliance

An Overview of EU Cyber Resilience Act (CRA) Compliance

Learn how the EU Cyber Resilience Act (CRA) enforces stringent cybersecurity requirements for PDEs. Explore compliance essentials in part 1 of 4
Mender versioning: New releases by component

Mender versioning: New releases by component

Explore Mender's shift to independent component releases and versioning, designed to enhance update speed and user clarity.
Driving secure innovation: ISO/SAE 21434 & UNECE compliance

Driving secure innovation: ISO/SAE 21434 & UNECE compliance

ISO/SAE 21434 and UNECE R155/R156 standards reshape cybersecurity in software-defined vehicles. Compliance with these frameworks is essential for protecting consumers, ensuring vehicle safety, and driving innovation in the automotive industry.
View more articles

Learn why leading companies choose Mender

Discover how Mender empowers both you and your customers with secure and reliable over-the-air updates for IoT devices. Focus on your product, and benefit from specialized OTA expertise and best practices.

 
sales-pipeline_295756365