Efficient Over-the-Air (OTA) Updates for IoT Devices: Azure Sets New Standards in Secure Software Updates
The increasing number of IoT devices used by our customers and the associated need for more over-the-air (OTA) updates have prompted us to evaluate and implement a sustainable and secure option for updating the firmware and software of customer projects. The following concept description is based on Microsoft Azure IoT. This solution allows building an initial cloud infrastructure for each project which covers multiple use cases. For example, the post-market surveillance of rolled-out devices can be ensured through data analysis. The data from the cloud infrastructure can also be processed further using a wide variety of algorithms.
Low power consumption is often an essential requirement for IoT devices. Therefore, the communication protocols are designed to use as little transmission and computing power as possible. Many devices incorporate wireless technologies such as Bluetooth, ZigBee, Thread, or LoRa that are not compatible with the TCP/IP protocol. It should also be possible to update these devices over-the-air. The use of various non-TCP/IP wireless technologies thus poses a challenge for cloud solutions.
An Overview of the Cloud Solution
Our solution, represented in the diagram above, is based on the Azure Cloud Platform and requires four different Microsoft services. The devices can be connected to the cloud and updated using various wireless technologies (with or without TCP). To accommodate non-TCP/IP technologies, a gateway is needed to convert the desired packets into TCP packets.
The biggest challenge is connecting the IoT microcontroller to the cloud because each device requires a TCP implementation. Many cloud providers offer a real-time operating system (RTOS) for this purpose, which already handles the cloud connection. A popular and widespread system is FreeRTOS, which was purchased by Amazon (AWS) in 2017 and now includes all libraries for connecting to the Amazon cloud. Another established system is Azure RTOS from Microsoft, which includes a software wrapper for FreeRTOS devices. This means that our solution can be implemented for both FreeRTOS and Azure RTOS.
Performing the Firmware Updates
The operator starts the update from the Azure portal (1). Then, the “Azure Device Update” service retrieves the applicable firmware file and the corresponding manifest file (2) from the cloud storage. The manifest file contains vital information about how to install the update on the target devices. After successful completion of this step, the service sends the appropriate update command to the target devices via the “Azure IoT Hub” (3). The update command contains the URL and the relevant JSON Web Signature for downloading the new firmware and the manifest file (4). The hash used to authenticate the firmware file is contained in the manifest file. In the final step, the target devices download the new firmware file and run the over-the-air update functions implemented on the device (5, 6).
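The device-side check from steps (4) to (6), sketched as an added example that is not code from this article or from Azure Device Update: the signature over the manifest is verified first, and only then is the downloaded firmware compared against the hash in the manifest. Assumptions: the JWS payload carries the manifest directly, HS256 with a shared key stands in for the asymmetric signature a production service would use (so the block runs on the Python standard library alone), and the manifest fields `version`, `size` and `sha256` are hypothetical names.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_manifest(manifest: dict, key: bytes) -> str:
    """Service side (constructed): wrap the manifest in a compact JWS."""
    signing_input = b64url(b'{"alg":"HS256"}') + "." + b64url(json.dumps(manifest).encode())
    mac = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url(mac)

def verify_update(jws: str, firmware: bytes, key: bytes) -> dict:
    """Device side: return the manifest only if signature and hash both verify."""
    try:
        header_b64, payload_b64, sig_b64 = jws.split(".")
        header = json.loads(b64url_decode(header_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        raise ValueError("malformed JWS") from None
    # Pin the algorithm on the device; never let the token pick it ("none", downgrade).
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        raise ValueError("bad manifest signature")
    # Only now is the payload trusted enough to parse and act on.
    manifest = json.loads(b64url_decode(payload_b64))
    if len(firmware) != manifest["size"]:
        raise ValueError("firmware size mismatch")
    if not hmac.compare_digest(hashlib.sha256(firmware).hexdigest(), manifest["sha256"]):
        raise ValueError("firmware hash mismatch")
    return manifest

# Constructed sample data (not real firmware, key, or manifest format).
KEY = b"constructed-demo-key"
FIRMWARE = b"constructed firmware image v2.0.0 " * 64
MANIFEST = {"version": "2.0.0", "size": len(FIRMWARE),
            "sha256": hashlib.sha256(FIRMWARE).hexdigest()}
JWS = sign_manifest(MANIFEST, KEY)

if __name__ == "__main__":
    print(verify_update(JWS, FIRMWARE, KEY)["version"])
```

Every failure path raises before the image is accepted, so a device that calls `verify_update` and installs only on a normal return never flashes an unauthenticated file.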
Advantages of the Cloud Solution
There are numerous challenges for secure, high-performance medical products during their entire life cycle:
- Independent of wireless technology: expanding the cloud solution is possible regardless of the type of wireless technology used.
- Expandability/Connection to additional services: Building the “Infrastructure as Code” simplifies expansion and the integration of additional services. For example, adding microservices for QA (post-market surveillance) applications.
- Sustainable and secure: The current Azure services will remain compatible for years and Microsoft will continue to develop the solution according to the highest standards of security.
- Time to market: By using this proven framework, functionality becomes the focus resulting in a shorter time to market.
- Costs: The cloud solution allows minimizing and scaling costs in the short term. Depending on the services provided, the costs are based on the number of reports or the number of devices. Basic monthly fees may also apply. For updates, the basic monthly fee is CHF 65 plus CHF 0.064 per device.
The above-mentioned advantages of the cloud solution and its perfect fit with our agile methods make it possible for us to satisfy the wishes and requirements of our customers without much additional effort. Furthermore, by distributing our solution using a script in the Azure cloud, we can set up the initial cloud infrastructure for every project and then expand it with additional services.
Would you also like to benefit from a flexible and reliable Azure IoT solution? Do you need support for your IoT cloud infrastructure? If yes, then please do not hesitate to contact us. We gladly support our customers as a partner from conception and development to maintenance during the entire product life cycle.
Burak Kizilkaya, Embedded Software Engineer