The embedded systems industry is struggling to properly bring devices online due to the security implications of connecting devices at mass scale. The Internet of Things is not new -- it was previously referred to as cyber-physical systems or machine-to-machine (M2M): bringing devices online is not a novel development. But due to the scale of connecting devices and the numerous hacks that have already affected health-sensitive target devices as in the case of medical devices and connected cars, it is rightfully receiving renewed scrutiny.
One specific area receiving attention is the ability to update and patch vulnerable IoT devices. Unfortunately, the software update mechanism is typically a rudimentary homemade endeavor for many embedded development teams. A common thread from these homegrown update solutions is that they largely lack the many capabilities to ensure security and robustness.
Requirements for updating software to connected devices differ from many other solutions in the IoT ecosystem, for example cloud infrastructure, because connected devices must be treated and assumed unreliable and non-redundant, for instance due to poor connectivity, loss of battery, physical damage, and end user behavior.
In this paper, we discuss:
- The need for an OTA update mechanism to have the ability to manage a large fleet of connected devices
- Security and robustness of a software update solution to ensure the resiliency of the embedded systems
- Why an OTA mechanism needs to easily expose APIs to hook into existing continuous development, build and integration systems