NVIDIA partner logo NXP partner logo






Over-the-Air Updates

Also known as over-the-air programming, Over-the-Air Updates or OTA is a method that allows developers to provided software updates to an embedded system without the need of having physical access to the device. However, in order for this technique to be applied, the device needs to be connected to a wireless network.

OTA allows providers to update several software components of the system, ranging from small updates to specific configurations or bigger updates to the root file system or the device firmware. This technique can be especially relevant to embedded systems installed in locations that are hard to access or if a product has already been shipped, it is not practical to recall all of the devices to apply the updates through a physical connection.

 
Fig 1. Industries that benefit from OTA. Extracted from link

As updating a system over-the-air makes the process easier and faster, it allows developers to maintain their system up to date with the latest version of their code to ensure the correct functionality and integrity of the product. This becomes specially relevant if bugs and vulnerabilities are discovered after the product has been released, so as soon as an updated version of the software with the corresponding fixes is ready, it can be shipped to all units remotely without having direct access to the device, minimizing the risk of the security vulnerabilities being exploited.

While OTA provides a great solution to the problem of updating remote devices, there are aspects that developers need to keep in mind when implementing an OTA solution. For example, if a device is being updated remotely and the connection to the network is interrupted mid update, this could leave the device in an unusable state. The more important aspects to consider are the following:

  • Reliability: As mentioned, network interruptions during the update process can seriously affect device. Due to this, robust mechanism need to be implemented to give the system a recovery option in case of a failure during the update process. An example of this is dual-partitioning.
  • Security: OTA must be secure to prevent malicious updates from being applied to the system. It can be combined with other features such as secure boot and TPM to ensure only trusted updates are applied to the system.
  • Resource Constraints: As embedded systems system often have limited resources, OTA implementations need be lightweight to ensure that updates can be applied without affecting system performance.
  • Version Compatibility: If there are different versions of the hardware each version must get an adequate update. Update management tools can help in handling this.

OTA works by posting the update to a remote server to which embedded OTA enabled devices can connect, and the server provides a mechanism for devices to check if updates are available. The connected devices will periodically check for updates, or when the action is triggered by actions such as getting connection to the network, and when an update is available the package will be downloaded by the device. After that, the package is verified to ensure the integrity of the update and if package is determined to be trustable the update is applied.

 
Fig 2. OTA process illustration. Extracted from link


Example: Mender.io

Mender is a project that allows the OTA (over-the-air) updates on embedded Linux devices in a robust a secure way. Mender has support for multiple platforms. To learn more about their client-server architecture and how to implement it in your embedded Linux platform, check out RidgeRun's Mender.io tutorial, and if you want to know more about other OTA providers and check a complete implementation and use cases of Mender in a Jetson Orin Nano you can check our Over-the-Air section.

 
Figure 3. Mender architecture