SCHEDULE BUILDER
Welcome to the Drive World with ESC 2019 Presentation Store. Here you can view and download conference presentations before, during, and after the event. If you’re looking for a presentation from a specific session that you’re unable to find here, note that it’s likely because the presenter has not provided permission for external use or has not yet shared their presentation with us. Please check back after the event for a more complete catalogue of available presentations.
Designing a Secure & Reliable OTA Implementation
Nick Lethaby (IoT Ecosystem Manager, Texas Instruments)
Location: Room 209
Date: Wednesday, August 28
Time: 2:05pm - 3:00pm
Track: ESC - IoT & Connected Devices, ESC - Embedded Software Design & Verification
Format: Technical Session
Vault Recording: TBD
OTA (Over-The-Air) updates are essential for IoT devices, enabling bugs or security flaws to be patched remotely rather than physically updated by service technicians or inexperienced users. There are some major challenges in any OTA process: the device must be sure that the update emanates from a trusted source and was not modified during transit; it must be able to recover if the system crashes during the firmware download. The device itself will typically require additional memory since two images will need to reside concurrently and there must be a boot protocol that enables reversion to the previous image in the case of the new one failing. Furthermore, in some applications, it may be necessary to run the OTA in the background to minimize system downtime. In this session, we will discuss these challenges in more depth and then give a technical overview of a secure OTA framework that has been implemented on an ARM Cortex M4-based wireless microcontroller. This technical overview will cover the different stages of OTA and how they are implemented, bootloader and file system requirements, such as security and fail-safety, and the different security protocols, ciphers, and certificates needed to ensure firmware image integrity and authentication.