Overcoming 5 Challenges with Over-the-Air Updates Using MCUs
The ability to update an embedded system using a bootloader is an important skill to master, especially in the IoT age filled with connected systems using microcontrollers.
January 20, 2016
Despite all the effort placed into developing an embedded system, bugs will be discovered in the field or end users will request additional features. In order to update firmware in the field or remotely over-the-air, the embedded system must have a bootloader onboard, making the ability to update an embedded system using a bootloader an important skill to master. For over-the-air updates of embedded systems, which are part of the Internet of Things modus operandi, there are five key challenges facing development teams.
Challenge #1 – Code Size
Microcontroller-based applications used to be very small, on the order of eight to 16 kilobytes at most. Modern microcontrollers can have upwards of 1,024 kilobytes worth of application code space available to developers. Despite this explosion in capacity and capability, code size poises the first obstacle to embedded programmers looking to update their firmware over-the-air.
One of the challenges with code size is that microcontrollers typically don’t have onboard file systems for the application code that is being run, unlike CPU-based systems running Linux. Since files don’t exist, object files are placed contiguously within memory by the linker. A minor adjustment to the application could result in updating the entire flash space! To prevent such a catastrophe, developers need to have the forethought to partition memory with the anticipation of what areas of the code base may need to be modified. The result can be inefficient use of onboard flash and considerable complexity added to the system.
Challenge #2 – Bandwidth
In general, when a developer is considering bandwidth in relation to a bootloader, the bandwidth is used to determine the maximum flash time required to update an application. Updating an embedded system over-the-air potentially adds a couple of additional challenges.
The first challenge concerns bootloaders that are required to work over a wireless link that may have a cost associated with transmitting and receiving data. In many cases over-the-air updates would probably be performed over WiFi or Ethernet, but what about mobile devices that use cellular data links? Considering a single embedded system, one might dismiss the single megabyte of application code required to update the system, but what happens when there are millions of devices that need to be updated? Considerable costs could be incurred to simply push out a single update.
[Learn more microcontroller trends and developments at Pacific Design & Manufacturing, Feb. 9-11, at the Anaheim Convention Center.]
Engineers developing a bootloader, especially one that is performing updates over-the-air, need to find ways to compress the application image in order to minimize the amount of data transmitted over-the-air. Compression could be performed in a number of ways, or if a developer has partitioned flash space on a per-object basis, the use of a diff file might even be possible.
Challenge #3 – Robustness
One of the bootloader temptations facing many development teams is to use the bootloader solutions that are provided by the chip manufacturer. The problem with chip manufacturer solutions is that they often reside within ROM space and cannot be customized. More important is that the ROM-based bootloader is usually nothing more than functional code. Functional code can perform a purpose under controlled conditions but isn’t meant for a production environment where anything goes.
READ MORE JACOB BENINGO ARTICLES ON DESIGN NEWS:
Robustness needs to be built into a bootloader solution from the beginning. A bootloader should have capabilities to verify the integrity of the onboard application. A bootloader should be able to detect a failed firmware update and roll back to the original application rather than bricking the system. In a production environment there are many events that could upset the system, but a properly designed bootloader will be robust enough to handle them smoothly without the end user ever being aware that there is a problem.
Challenge #4 – Security
Many microcontroller-based bootloaders ignore security, which is a critical challenge facing developers performing over-the-air updates. One of the simplest security measures that a developer can take is to simply lock the flash system.
Developers who are performing over-the-air updates might consider encrypting the application image to prevent anyone from gaining insights into proprietary firmware or even reverse engineering and hacking the system. An over-the-air bootloader should have built-in methods to authenticate the update process.
Challenge #5 – Version Management
The final challenge facing developers of over-the-air bootloaders is version management. Managing the version of firmware that will be distributed to potentially millions of devices is no small task. Odds are, firmware updates won’t be pushed all at once but rather in controlled batches. Even more importantly, chances are that different versions of hardware will exist at some point and potentially even different application sets for different end users. Keeping track and making sure that firmware rollouts go smoothly can be a major challenge.
Conclusion
Bootloaders are usually ignored until the end of the development cycle, yet they play an absolutely critical role in an embedded system. The five challenges presented here are just a few that embedded software developers face when developing connected systems using microcontrollers.
If you are interested in bootloader development for microcontroller-based systems, consider attending the Design News Continuing Education Center course, Bootloader Design for Microcontrollers, Jan. 25-29. Also, contact me directly for additional resources.
Jacob Beningo is principal consultant at Beningo Engineering, an embedded software consulting company. Jacob has experience developing, reviewing and critiquing drivers, frameworks and application code for companies requiring robust and scalable firmware. Jacob is actively involved in improving the general understanding of embedded software development through workshops, webinars and blogging. Feel free to contact him at [email protected], at his website www.beningo.com, and sign-up for his monthly Embedded Bytes Newsletter here.
Like reading Design News? Then have our content delivered to your inbox every day by registering with DesignNews.com and signing up for Design News Daily plus our other e-newsletters. Register here!
You May Also Like