Over-The-Air (OTA) update is a way to remotely update your software on an embedded system. In other words, it makes it possible to update and fix your software as well as deploy new features and patch security vulnerabilities without physically getting to the board.
A system working like this demands robustness. A faulty update, following a network issue or power loss while updating, can brick your device, demanding a complete recovery. Therefore, OTA updates should be carried out atomically, providing a rollback to the last working version in case an unexpected event occurs leading to failure. Also, a system like that demands security. Because it grants a way to change the entire filesystem over the internet, this structure has to implement security checking features, such as TLS communication, to ensure confidentiality, as well as signature hashes for integrity and authenticity checking.
The OTA update system can also provide some kind of versioning method, which allows updates to download only the delta (diff) instead of the full rootfs as this saves a lot of time and internet usage. Note that not only you can update the entire rootfs, but also single applications libs or even a mix between all of that, should you want to.
OSTree is a library - actually libostree - that handles updates for filesystem trees, that is, the entire Linux root filesystem. OSTree is the preferred technology to deploy Over-The-Air updates for Toradex Modules. OSTree is a key technology used by Torizon Remote Updates, which is based on Aktualizr.
In this article, we will show solutions for Over-The-Air updates both provided by Toradex and Third Party companies.
Besides choosing to use an OTA Update platform, developers must also choose which one to pick. You can develop your own solution, implement existing, open-source software, or use corporative services. Toradex offers a variety of solutions through operating systems, partners and services.
Torizon Remote Updates is a complete solution that covers both the device and the server, providing seamless integration of hardware and software.
Device: our own Operating System, Torizon, makes use of OSTree: "a shared library and suite of command-line tools that combines a "git-like" model for committing and downloading bootable filesystem trees, along with a layer for deploying them and managing the bootloader configuration", as explained at the Torizon Remote Updates article. In this case, Aktualizr, an open-source implementation of Uptane (a very secure software update system design), is used as a supervisor, checking authentication and integrity, handling the security part of OTA.
Server: Toradex provides a hosted server for its customers, the app.torizon.io. Our solution is integrated with the Torizon platform which makes it easy to keep the TorizonCore OS up-to-date with the latest software from Toradex, as well as make it easier to manage and deploy both system updates and containerized applications to remote devices.
To learn more, visit the Torizon Remote Updates article.
Kynetics is a software development company providing customized U-Boot, Secure Boot, Drivers, Linux Kernel, Android HAL, and embedded Android and Linux Operating Systems. In addition, to help speed up development to production timelines, Kynetics offers an over-the-air embedded OS builds delivery platform: Update Factory, which remotely updates your Android or Linux OS: kernel, userspace system and applications. For more information visit:
Mender is an end-to-end open source software updater for embedded Linux devices that allows secure image-based updates using HTTPS and the A/B partitioning method. It includes both the client and management server providing tools to build, deploy and manage your software OTA. They offer a commercial solution named Hosted Mender, it is a cloud implementation for the server-side part of Mender.
Balena, known in the past as Resin.io, provides a complete set of tools for building, deploying, and managing fleets of connected Linux devices. Their core platform, balenaCloud, encompasses device, server, and client-side software, allowing you to push code to the Balena build servers, where it will be packaged into containers and delivered to your fleet. For more information visit:
Foundries.io offers Linux microPlatform. It is comprised of secure updatable firmware, kernel and a minimal distribution built using Open Embedded/Yocto, to run applications and Containers on SoCs. Applications include upgradable smart devices for industry and home, gateways and edge computing devices, reconfigurable OTA for newly attached hardware and/or services, and securely updatable software platforms for the automotive, robot, and drone industries. Note that our Operating System, Torizon, is built on top of Foundries' Linux microPlatform, thus they share the same technologies at the device level. To learn more, visit:
Qt offers an OTA Module that enables OTA Updates functionality in embedded Linux images built with meta-boot2qt. This solution is based on OSTree and features atomic updates, GPG signing and pinned TLS, efficient Disk Space handling, optimized bandwidth usage and rollback support, among other things. To learn more, visit:
QNX is a secure and safe RTOS. BlackBerry, the owner of the operating system, also provides a full OTA solution named BlackBerry QNX Over the Air (OTA). This solution leverages field-proven BlackBerry security technology such as Certicom PKI and works seamlessly with the BlackBerry Jarvis binary static application security testing (SAST) platform.