Your submission was sent successfully! Close

  1. Blog
  2. Article

Edoardo Barbieri
on 10 October 2022

IoT Project Lifecycle: Key considerations for OTA updates at scale [Part IV]

From entertainment to security, automation is now pervasive. Intelligent devices are transforming our homes while enriching our lives, making them more efficient, productive and environmentally friendly.

Most embedded devices run Linux, and their number is poised to keep growing. As we move into a world where our houses are full of devices storing personal information and with cameras and microphones attached to them, it’s important to celebrate the role of free software in powering such a revolution. Whilst we strongly believe in the power of open source to unleash creativity, this enormous success brings profound responsibilities to the Linux community.

Legacy embedded systems were largely unconnected, with manually applied updates at most comprising functional fixes. The new wave of devices is connected to the internet, allowing hackers to exploit eventual bugs. Is the current paradigm capable of delivering reliable software updates to low-powered, inaccessible, and often remotely administered embedded Linux devices in the field?

Legacy update mechanisms are not suitable for IoT devices

Most updates rely on tarballs and shell scripts, paralleling the evolution of early Linux distros with packages in tarballs without dependencies. A scripted update is not robust, as it lacks atomicity and can’t update the kernel in raw flash memory [1].

Modern tools and package managers like dpkg and RPM solve some problems by including a complete set of dependencies but still provide non-atomic, incremental updates. A package manager usually replaces existing files and binaries on the system, often in long interdependent chains that can leave the updated machine in a non-working state. If the handcrafted package-based releases require specific pre/post-install scripts, they risk rendering the system inconsistent [2]

With traditional update mechanisms, faulty updates can cause IoT devices to become unstable, and fixing them requires costly manual intervention through on-site engineer visits or device recalls.

When you need to revert to the previous software, downloading an old version from a package repo and installing it over a broken system may require a complex set of scripts from a package maintainer. Developers often obtain newer or older versions of the dependent packages to solve the challenge of installed libraries having dependencies on specific software, potentially breaking compatibility further and pushing the problem to another set of packages [3]

Furthermore, whereas an apt-get update works fine for servers within a secure environment, intermittent power and network outages for devices in the field mean an update will likely be interrupted. Whether driven by a software bug, power outage or filesystem issue, the system may become inconsistent and require costly, expert manual intervention to recover.

Also, as we discussed in Part IV of this series, the next generation of IoT innovations is moving too fast compared to the release cadence of standard Linux distros.

Key considerations for OTA updates

IoT devices need a robust, production-grade software distribution mechanism capable of shipping unattended, over-the-air (OTA) updates. Not only are OTA updates needed to keep the devices safe in the field by fixing bugs, but also to deploy new features for enhanced performance. 

Building a fail-safe mechanism for update recovery and scalable infrastructure for OTA is quite expensive and time-consuming. Furthermore, an updater must meet a few requirements to be effective at scale. First, the remote nature of many embedded devices means:

  • They need to roll back in case of faulty updates
  • The service needs to deliver robust, automated updates 
  • The system must have enough redundancy to handle autonomous re-provisioning and network-free bootstrapping.

The provisioning of critical updates is also crucial, as the devices may need urgent bug fixes and vulnerability patching beyond the regular update cadence. Furthermore, unattended updates must be atomic to prevent rendering the device unusable, and they need to preserve user data.

Solving the software updates challenge for IoT devices

At Canonical, we know we stand on the shoulders of giants in building Ubuntu. We are now raising the bar of what is possible in the world of free software while delivering it with phenomenal security. 

With Ubuntu Core, we built the lightest and most secure version of Ubuntu for IoT devices. As Ubuntu Core is the premier embedded Linux choice by innovators, we are committed to keeping it secure by automatically delivering OTA updates on day zero.

The update mechanism of Ubuntu Core is faster, more efficient and more reliable than the traditional package-based approach to IoT devices. Ubuntu Core allows atomic transactional updates in the system. The kernel, the rootfs and any application on top are all transactionally updated, allowing for faster, more reliable updates.

The system attempts to apply OTA delta diffs to conserve bandwidth. It moves forward on success or automatically rolls back in case of failure. Ubuntu Core mitigates data corruption caused by modification during application update failures. It maintains the original data before the upgrade, allowing seamless rollbacks as needed. Unlike alternative or more traditional package managers, a failed update never leaves the system in an unpredictable state.

Furthermore, with each software release, developers can bundle everything their IoT device needs into one package, eliminating the risk of missing dependencies.

From the tiniest devices up to the heaviest x86 server, developers can now prototype, build and ship production-ready devices that will automatically update themselves to their latest version; with all the security fixes they expect from Ubuntu. Ubuntu Core and its robust OTA update mechanism enable the next generation of secure, open and extensible IoT devices, from set-top boxes and home hubs to robots and drones, unleashing a new wave of creativity and innovation.

Further reading

Why is Linux the OS of choice for IoT devices? Find out with the official guide to Linux for embedded applications

Working on a new IoT project, but unsure which OS to pick? Learn about the trade-offs between Yocto and Ubuntu Core.

Read our whitepaper on IoT lifecycle management for more insights. 

Join the conversation on IoT Discourse to discuss everything related to IoT and tightly connected, embedded devices. 

Related posts

12 September 2023

이제 인텔 SoC에서 일반적으로 사용 가능한 최적화된 실시간 우분투

IoT Article

Canonical이 TSN 및 인텔 TCC를 지원하는 인텔 코어 프로세서에서 실시간 우분투를 제공 2023년 7월 26일, 런던: Canonical은 오늘 인텔 코어 프로세서에 최적화된 실시간 우분투를 이용할 수 있음을 발표했습니다. 이 솔루션을 통해 기업은 통신회사 워크로드에서 생명을 구하는 의료 장비 및 공장용 자동화 시스템에 이르기까지 광범위한 사용 사례에 인텔 실리콘에 최적화된 리눅스의 성능을 이용할 수 있습니다. Canonical의 ...

26 July 2023

Optimised Real-time Ubuntu is now generally available on Intel SoCs

IoT Article

Canonical delivers Real-time Ubuntu on Intel Core processors with TSN and Intel TCC support London, 26 July 2023: Canonical today announced the availability of Real-time Ubuntu optimised on Intel Core processors.  The solution enables enterprises to harness the power of optimised Linux on Intel silicon for a wide range of use cases, from ...

23 March 2023

이제 실시간 우분투를 일반적으로 사용 가능

IoT Article

실시간 우분투는 현대 기업의 시간 제약이 있는 워크로드에 종단간 보안 및 신뢰성을 제공합니다. 실시간 컴퓨팅 지원을 통해 Canonical은 오픈 소스 소프트웨어 소비를 위한 동급 최고의 경험을 제공하겠다는 약속을 더욱 강화하게 되었습니다. Canonical은 오늘 실시간 Ubuntu 22.04 LTS를 일반에서도 사용 가능하다고 발표했습니다. 실시간 우분투는 지정된 기한 내에 보장하는 응답 시간을 최소화하는 것을 목표로 외부 이벤트에 대한 ...