Logo image

Over-the-air firmware updates in a nutshell

3 December 2024


Firmware is the backbone of nearly every electronic device. It’s a special type of software integrated with a device’s hardware, managing its core functions and ensuring the device operates as intended. Without firmware, a device simply wouldn’t function – it is essential to the basic operation of everything from smart home sensors to powerful industrial machines.

Given its critical role, keeping firmware secure and up-to-date is crucial. However, updating firmware can be challenging, especially for IoT devices, which vary widely in applications and complexity. For instance, some of our clients’ devices are deployed high in the mountains or in hard-to-reach industrial locations, making manual access difficult. Additionally, manually updating a fleet of thousands of devices is simply impractical. Moreover, in complex systems, like vehicles, managing firmware-hardware compatibility and dependencies introduces further challenges. This is where over-the-air (OTA) updates come into play.

But what exactly is OTA, and how does it simplify the process of firmware updates? In this article, we’ll break down the concept of OTA updates and explore why they’re a game-changer for maintaining device security and performance.

Data center with network visualization representing OTA firmware updates, enabling remote updates across connected devices
Data center with network visualization representing OTA firmware updates, enabling remote updates across connected devices
Data center with network visualization representing OTA firmware updates, enabling remote updates across connected devices

Looking for firmware development support? Contact us and let’s work together!

What exactly is firmware?

In short, firmware is a “hidden” programming code embedded into given hardware and used to control it. It is sometimes referred to as “software for the hardware.” However, although firmware is indeed a type of software, not all software is firmware. Therefore, the terms can’t be used interchangeably.

Firmware provides low-level instructions for the hardware, telling it how to operate. It delivers communication between hardware and the operating system and controls basic functionalities such as device startup. When you turn on the device, firmware is usually the first thing that activates and turns on the other components.

It’s typically stored in a non-volatile memory (such as flash memory or ROM), separately from the other types of software. This helps prevent accidental code alterations, keeping the device’s core functionality intact.

Firmware is found in all electronic devices, one of the most common examples being BIOS in a computer. It is a vital part of mobile devices, routers, IoT devices, and even cars.

What else makes firmware different from software?

Unlike generic software applications which can be used on various devices, embedded firmware is made for specific hardware. In other words, it can only function on the device it was designed for. Firmware also lacks a user-friendly interface that allows for interaction, which is common in other types of software.

As the name itself implies, firmware is “firm.” This means it is relatively fixed and typically modified less frequently than “regular” or higher-level software, which interacts more directly with users. Consequently, firmware updates are much less common than software ones.

Programming code

What is an OTA update?

You may be wondering, if firmware is so hard to modify, can it even be updated? Fortunately, the answer is yes. Firmware updates can come from various sources. Some manufacturers regularly release updates on their websites, allowing users to download and install them on their own. In this case, it’s important to verify the device model and manufacturer before installing the update to ensure its compatibility. The updates can also be conducted manually via a USB port.

However, for internet-connected devices, the process is much more convenient. These devices regularly check for new updates and can automatically download and install them. This process is called an over-the-air (OTA) update.

OTA is the method of delivering software, firmware, or configuration updates remotely through a wireless network, usually a Wi-Fi or cellular network. In the case of firmware, this kind of update is also known as FOTA (firmware over-the-air).

How does OTA work?

The update is created and uploaded to a cloud server, from where it is wirelessly transmitted to the respective devices. The updated firmware code is received by the gateway or microcontroller, often through proxy.

The update is then authenticated to verify both its integrity and source before installation. If the authentication fails, the memory of the current firmware remains locked and unchanged. Once authenticated, the device either prompts the user to approve the update or installs it automatically, replacing the current code with the new one.

An effective method of delivering over-the-air firmware updates is through a dedicated platform, such as Mender. Developed by Northern.tech, Mender is an advanced OTA update platform designed for IoT and embedded devices. It provides a secure and reliable update mechanism across a diverse range of devices. With robust security features such as dual A/B partitioning, delta updates, encrypted communications, and role-based access control, Mender ensures the integrity of the update process and prevents device bricking. For years, Tronel and Mender have collaborated to enhance the reliability and security of OTA updates for our clients’ devices, ensuring they remain up-to-date and resilient against vulnerabilities.

An infographic presenting how do over-the-air (OTA) firmware updates work

Over-the-air updates across industries

The concept of over-the-air (OTA) updates gained popularity alongside the rise of smartphones, back in the late 2000s. While this technology existed in a limited form before this, it was smartphones that accelerated its large-scale development as the first mass-produced IoT devices.

Since then, the use of OTA updates has significantly expanded, now being essential for a wide variety of internet-connected devices. “Secure and robust OTA updates used to be reserved for the large high-tech companies but have now become a fundamental requirement for every company to compete, with the continued advancement of IoT and smart technology,” states Eystein Stenberg, CTO of Northern.tech. “Greater complexity, scale, capabilities, and risks require a more secure and robust OTA infrastructure on which to support the constant change of software.” Today, a diverse range of products rely on OTA updates, including not just smartphones and tablets, but also smart home appliances, industrial sensors, medical equipment, and even cars.

Automotive

Automakers, especially those producing electric vehicles, often leverage OTA updates to enhance vehicle performance and introduce new features. This enables them to keep their fleets aligned with the latest technological advancements, providing customers with immediate access to new functionalities without requiring a trip to a service centre.

Electric car (EV)

Healthcare

On the other hand, in critical industries, such as healthcare, OTA updates can be truly life-saving. They are vital for keeping devices like patient monitors securely up-to-date and responsive to emerging needs. By enabling updates after deployment, manufacturers can continue improving medical devices, extending their operational lifespan and ensuring ongoing reliability. This helps provide consistent, high-quality care to more patients without the need for costly equipment replacements, ultimately contributing to better healthcare outcomes.

Medical equipment that can benefit from over-the-air (OTA) updates

Smart home

OTA also plays a crucial role in our homes. Devices like smart thermostats, lighting systems, and security cameras receive updates that introduce new features, fix bugs, and patch security vulnerabilities without user intervention, keeping them reliable and aligned with users’ needs. For example, smart thermostats can use over-the-air updates to improve energy efficiency or introduce new temperature control features.

Benefits of OTA firmware updates

Cost and time efficiency

Before OTA, all updates to embedded devices had to be carried out on-site, which was both financially and time-consuming. The device had to be collected by the technician and connected to the computer for a manual update.

Thanks to OTA, all firmware updates can now be conducted remotely, requiring minimal or even no input from the user. This is particularly beneficial for industries with devices in remote or inaccessible areas, an example of this being environmental or industrial sensors that are often installed in hard-to-reach locations. Moreover, devices can download and install updates automatically, so the user doesn’t have to worry about accidentally installing incompatible firmware.

Scalability

One of the biggest advantages of OTA is the ability to update multiple devices at the same time. It is especially useful for managing larger fleets, consisting of thousands or even millions of devices. OTA makes such updates faster and easier to conduct, even if the fleet is spread around the world.

For instance, consider how challenging it would be for a manufacturer to manually upgrade the firmware of all their smart home thermostats. Coordinating visits to each customer’s home for on-site upgrades would not only be time-consuming but also extremely difficult to manage. With OTA all those devices can receive essential updates almost instantly.

Improved security

Another huge benefit of OTA is the security it provides. Because these kinds of updates are automatic, the user doesn’t have to remember to download and install them. In the worst-case scenario, they just need to accept the received update. This helps protect the system against current and emerging threats as soon as they arise. When new security vulnerabilities are found, it is always a critical race to patch them before they get widely exploited and compromise the system.

Reduced need to recall devices

Wireless firmware updates allow instant responses to errors, bugs and security breaches, without the need to physically recall devices. This helps maintain the continuity of the device’s operation while allowing developers to release new versions of firmware more frequently.

Computer servers, embedded systems

Why are firmware updates necessary?

While software updates are seen as a routine matter, many people are unaware of the existence of firmware, let alone consider upgrading it. Yet, as we’ve already mentioned, firmware is crucial to the operation of the entire device as it contains instructions for the hardware. Of course, hardware can physically exist without firmware, but it won’t function without it. And what’s the point of having a non-functioning device?

That’s why it is important to take care of firmware security by ensuring it is always up-to-date, ready to face any threat or attack. But that’s not the only reason behind the importance of firmware updates. Below we listed a few key benefits of keeping your firmware updated.

More features

Firmware updates often grant your device access to new features and capabilities by keeping its firmware compatible with the latest software and hardware developments. This ensures your system stays up to date with current technology advancements and improves its functionality and overall performance.

Better user experience

Nobody likes bugs and glitches. Unfortunately, as the device ages, they can become more frequent and troublesome, making it difficult to use the device smoothly. Long start-ups, lags, system crashes – all these issues can be reduced by performing firmware updates, resulting in improved user experience.

Enhanced security

As we mentioned, one of the key benefits of firmware updates is enhanced security. Unfortunately, according to a Microsoft Security Signals study, firmware security is often overlooked by companies. The report reveals that between 2019 and 2021 over 80% of enterprises have experienced at least one firmware attack, yet only 29% of security budgets are allocated toward protecting firmware. Meanwhile, firmware contains sensitive data like credentials and encryption keys which can be exploited by hackers. Regular updates can help protect firmware against new threats.

Top security challenges in embedded systems
Top security challenges in embedded systems

Learn more about how to ensure the safety of your embedded systems.

Challenges of OTA

OTA updates may seem fairly simple to conduct, but their dependence on wireless network is both their strength, as well as biggest downfall.

Security concerns

Wireless communication, whether over Wi-Fi or cellular network, is inherently more vulnerable to interception and tampering than wired communication. That’s why it is crucial to ensure secure data transmission during the OTA update.

One method for verifying the integrity of a firmware update is checksum verification. This process begins by generating a unique checksum value based on the contents of the firmware file before transmission. Once the device receives the update, it recalculates the checksum and compares it to the original value. Even the slightest modification can lead to a significant change in the checksum. If they match, the update is confirmed to be intact; if not, this indicates potential corruption or tampering.

Without safeguards like this, the update could end up being corrupted or replaced with malicious code, which can lead to data breaches, unauthorized access to the device, or even allowing hackers to gain full control of the system.

Connection and power requirements

For an OTA update to be successful, two conditions must be met: the device needs to have a stable internet connection or – in the case of an air-gapped or segregated network – an alternative secure communication channel, and access to a power source. If the connection is unstable, the device may encounter issues during the update process.

It is important not to interrupt the firmware update by turning off the device, removing the battery, or doing anything that could disrupt the process. An abrupt interruption can lead to “bricking” the device, that is rendering it inoperable – essentially turning it into an unusable “brick.” It is because disruption of the update leaves the firmware only partially overwritten, therefore causing an error, which can lead to the system having trouble loading or even not turning on at all. That’s why a well-designed system should have a safeguard in place, allowing it to revert to a previous version in case of an update failure (also known as A/B partitioning).

artificial-8587673_1920
artificial-8587673_1920

Keep your OTA firmware updates secure with our embedded software solutions. Contact us to get started!

Real-life examples of bricking

Although bricking is often caused by an interrupted update, it can also occur as a result of an error in the installed code, incompatibility with the hardware, or malware.

One of the most recent examples of bricking happened with the release of a new version of the iPadOS 18. Apple had to pause the update after numerous owners of iPad Pro with M4 chip reported their devices as inoperable after the update.

Sometimes even a small typo in the code can bring down the whole system, an example of this being Google’s Chrome OS update from a few years ago. The faulty update left users unable to log into their devices. Because of this error, Chrome OS never properly verified user passwords against the stored keys, causing users not to be able to log in even if entering the correct credentials.

IoT devices that can receive wireless OTA updates

The future of OTA

With the IoT market rapidly expanding and the increasing number of connected devices, OTA updates have become indispensable across various industries. Initially used to push updates to smartphones, OTA is now a critical tool for ensuring functionality and security in IoT devices, smart appliances, cars, and even medical equipment. This capability allows manufacturers to keep systems up-to-date, fix bugs, and improve performance in the most cost and time-efficient way.

As technology continues to evolve, so does OTA. The deployment of 5G networks accelerates update delivery, enabling manufacturers to roll out critical patches and introduce new features to millions of devices globally with minimal latency.

On the other hand, advancements in AI, machine learning, and edge computing can further automate and optimize the update process, allowing devices to receive tailored improvements based on their specific usage patterns and performance data.

AI and OTA updates go hand-in-hand. The constant exchange of data, whether it’s a new AI model, data points, new algorithm, or entire software program, requires a secure and robust communication channel. The OTA update infrastructure is that channel, the backbone of the process.

Eystein Stenberg

CTO of Nothern.tech

Moreover, with the increasing focus on security, developers are becoming better at mitigating potential risks and addressing vulnerabilities, resulting in a safer and more reliable update system.

Future-proof your devices with OTA firmware updates

Despite all the challenges, OTA updates are poised to remain a cornerstone of device management, paving the way for a safer and more connected future. Through our partnership with Mender, we are well-equipped to navigate any potential threats and challenges, delivering secure and reliable OTA updates that meet the specific needs of our clients.

Ready to be a part of this future? Partner with us to unlock the full potential of your IoT devices. Explore our cutting-edge firmware development solutions that harness the power of OTA technology and ensure your devices are not just up-to-date, but truly future-ready.

related solutions

R&D

IT consulting

software engineering

system integration

quality assurance

case studies

innovations in telecom

railway management

geo monitoring

industrial image processing

structural condition monitoring system


By Anna Kazarnowicz