How to choose the best Over The Air update technology for my needs? Domarys Correa Follow Apr 22 · 4 min read

Overview of solutions for remote update

The ability to gradually model a product even after its launch is just one of the great advantages that updates Over The Air brings to the product. Another striking feature is the possibility of fixing new vulnerabilities and bugs not detected before, without removing this device from its current environment; saving resources, time, energy, and avoiding customer dissatisfaction.

What is OTA technology and how it works?

Over The Air (OTA) updates mean the distribution of data without physical contact with the device, which allows update programs and change settings via a central server, to one or more devices remotely, through a wireless connection. The caution varies according to what will be updated, whether the software or the firmware.

Update on high-level applications running on the device is called SOTA (Software Over The Air). These updates are restricted to non-critical applications and components on the device.

Now, if these updates change the device’s core system, they are firmware updates, also called FOTA (Firmware Over The Air) and are much more complex, since they directly affect the operation of the hardware and the overall performance of the device. What requires caution.

Even with great benefits, any OTA update technology also brings risks and possible vulnerabilities that cannot be ignored. First, because these updates occur over wireless connections, such as the internet, and this communication can be dangerous if its channels are not secure enough. Second, because unauthorized access or a broken package received can seriously damage the product.

Although some companies have started to adopt SOTA or FOTA updates of their services and products as a way to streamline their processes, many have still chosen to develop their own solutions, expending lots of resource and time expenses, in addition to being potentially dangerous. The project complexity required increases in the face of inexperience in the area, which delays the finding of the correct decision in the project.

Update systems need to be thought from the smallest details to more comprehensive questions such as: Who will be responsible for verifying the authenticity of the data? What is the form of this authentication? How to proceed in case of power failure or communication failure? What procedure should be performed if the updated image received does not load correctly? And a number of other cases.

How to have the benefits of OTA update, without the risk?

If you intend to have an OTA update on your project, the best option is to seek specialized support, while still in the development phase, so that the product’s basic needs are met, respecting its development and adding even more reliability to the update process. The other option, especially when it comes to updating firmware, is to rely on a corporate solution, which in addition to being more secure, will save much more project time and reduce the team effort.

Today, there are solutions on the market to update Firmware Over The Air (FOTA) that meets the requirements from the device to the cloud and vary according to the product, number of devices and features.

Some opensource options are:

Balena: is a platform focus on the development and management of connected Linux devices. Although its purpose is not OTA updates, it offers a good infrastructure for deployment. The company headquarters is in England.

Mender: it’s one of the most generic solutions on the market, it stands out for supporting both software (SOTA) and firmware (FOTA) updates. Its headquarter is in California.

Upswift: is a solution-focused on the control and management of IoT, Linux, and RTOS devices which allows the sending of micro-updates. Depending on the devices, it is a satisfactory option. It also has its headquarter in California.

UpdateHub: one of the most complete solutions to FOTA updates, it stands out for supporting also the Bootloader update. Its infrastructure allows the automation of the process as a whole, considerably reducing efforts. Its headquarter is in Brazil.

The enterprise solutions, in addition to offering greater agility, reduce human interference as much as possible, which adds greater security to the process decreasing the chances of fails caused by tiredness, lack of attention, which are quite common to happen. Your choice, however, should consider the needs of the project, the product life cycle, especially when it is intended to reduce costs and efforts.

Whether choosing a ready-made Over The Air solution or developing your own, keep in mind some important features that will ensure the safety of your device during the process:

Atomic updates: to prevent failure occurring during the update package installation process in case of interruption (power failure, lack of disk space, among others).

Integrity checksum: to avoid corruption during file transfer over a network.

Secure communication: ensure the confidentiality of all data sent and received.

Package Signing: guarantee the authenticity of packages before it is installed on the device.

These characteristics are especially important when the information received changes programs or parts of the system. What means this kind of feature avoids the risk of an update fails for external reasons. There isn’t a solution better than others, but the most suitable for your project. Always consider the life cycle of your product and choose the solution most aligned with your business strategies.