Blog

The world's most secure and robust OTA solution

During 2015 we spent a lot of time talking to users and companies in the embedded space. Our early findings which continued to be confirmed during the market research showed that 50% of all connected devices had no way to be remotely updated. Besides some outliers, the other 50% had homegrown solutions to do over-the-air updates (OTA). Common for almost all homegrown solutions were their fragility and insecurity. This was understandable. After all product companies are not set up to make system management software. Herein lied the opportunity for Mender: Create a secure and robust OTA for the world’s connected devices.

Security and robustness since day one

The team behind Mender, is the same team that developed CFEngine, a large-scale automation solution that manages some of the world’s largest mission critical production IT-infrastructures. We knew the importance of security and robustness from the get go, and we brought our experience and expertise to Mender.

Security and robustness permeate the Mender team. We hold ourselves to the highest standards. In everything from design to implementation to documentation and testing. Mender is and shall remain very robust and secure.

Given its permissive Apache v2 license, our hope is to eradicate fragile and insecure homegrown solutions and thereby contributing to a more safe and secure world.

High test-coverage

One objective way to deliver on our promise of a high-quality product relates to a very high test coverage of our code. Mender code has unit tests associated with it. On top of that we have 518 acceptance tests and 263 integration tests executed for every master code change, numbers that increase every time we develop a new feature. This high level of test coverage not only ensures high-quality, but it also allows us to move faster because engineers are confident issues will be detected fast, and can quickly be fixed.

Another benefit relates to the release cycle. According to our engineer Lluís Campos, who is the main architect behind our current nicely automated pipeline, we can release a new version of Mender almost at any point in time with very little human effort.

World-class documentation

Again and again we are told by our users how the Mender documentation impresses them. What lies underneath is the clean and thoughtful architecture and design of Mender which makes it “easy” to create good documentation.

We think engineers themselves should ensure documentation is up to date and holds high quality. Ensuring documentation updates is part of our definition of “done” in any engineering task.

It’s in our DNA

From our product owner, Eystein Stenberg to the small army of engineers implementing and developing code, writing tests and documentation, robustness and security stay top of mind. When Mr. Stenberg decided on our first use-case; end-to-end Yocto based dual-partition atomic updates, this was not by coincidence. This particular use-case addressed the most important gaps we found in many of the home-grown solutions. Even the earliest users of Mender could benefit from a robust solution, that even if a device lost power during an update, it would be able to recover to a last known good state.

Yocto, a bottom-up Linux based Operating System gives all the control to the end-user to decide which component to use instead of using a stock OS filled with unknowns. Again, security and robustness drove the decision.

It is safe to say that robustness and security is part of our DNA.

There is still more to do

Although we feel proud to have taken a big leap ahead of fragile and insecure homegrown OTA solutions, and helped the world move towards a more robust and secure connected world, there is still room for improvements.

Our test-coverage can increase even further. We can always benefit from more integration tests. We can always try to fix bugs faster. We can always try to be ever more mindful about robustness and security. However, we have come a long way, and to everyone deciding to use Mender: “Our goal is to ensure that Mender is the World’s most Secure and Robust OTA solution”. We are ready to be held to this promise.