Use over-the-air device management - IoT Lens

Over-the-air device management refers to operations to update, secure, and configure your IoT devices from the cloud. Devices that go offline unexpectedly or have critical security vulnerabilities often require expensive site visits or shipment of a device to a refurbishment center. To reduce the carbon footprint and operational costs across your device fleet, your device must support one or more capabilities for over-the-air device management.

Over-the-air (OTA) updates

OTA updates enable IoT devices to receive and install software or configuration updates without the need for physical access to the devices. This mechanism is supported across a variety of embedded operating systems, including embedded Linux and FreeRTOS, and can be powered by the AWS IoT Jobs agent and cloud service.

The OTA update mechanism for IoT devices must be resilient, reliable, and secure in order to prevent a failed update from requiring a truck roll to fix the device. There are several techniques that device makers can use to build a resilient OTA mechanism.

OTA updates may encounter errors or failures during the update process, such as network errors, data corruption, or other issues. The device's firmware should have error handling and recovery mechanisms in place to detect and recover from potential errors, such as checksum verification, error correction codes (ECC), redundancy, or other suitable techniques to ensure data integrity and reliability.

Atomic updates are updates that are either fully applied or fully rolled back, without leaving the system in an inconsistent state. This can be achieved by storing a new version of the firmware on an inactive partition and then swapping it with the active firmware partition upon successful completion. This approach also supports safe rollback in case the updated firmware encounters any errors.

Once an OTA update is installed and running correctly, the device must prevent it from being rolled back to a previous vulnerable version. This can be achieved through mechanisms such as secure bootloaders, cryptographic signatures, or other techniques that prevent the device from reverting to earlier, potentially less secure, firmware or software versions.
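The three techniques above (integrity checking, atomic A/B swap with rollback, and an anti-rollback version floor) can be combined in one small state machine. The following C sketch is an added example, not AWS or FreeRTOS code; all type and function names are hypothetical, the image is a constructed sample, and it assumes signature verification happens separately, since a CRC detects corruption but not tampering.

```c
/* Added example: A/B slot OTA state machine. All names are hypothetical. */
#include <stdint.h>
#include <stddef.h>
typedef struct { uint32_t version, crc; const uint8_t *img; size_t len; } slot_t;
typedef struct {
    slot_t slot[2];
    int active;           /* slot the bootloader runs */
    int pending;          /* 1 = new image booted but not yet confirmed */
    uint32_t min_version; /* anti-rollback floor; a monotonic counter on real hardware */
} ota_t;
enum { OTA_OK = 0, OTA_ERR_CORRUPT = -1, OTA_ERR_ROLLBACK = -2, OTA_ERR_STATE = -3 };

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320, init and final XOR 0xFFFFFFFF). */
uint32_t fw_crc32(const uint8_t *p, size_t n) {
    uint32_t c = 0xFFFFFFFFu;
    while (n--) {
        c ^= *p++;
        for (int k = 0; k < 8; k++) c = (c >> 1) ^ (0xEDB88320u & (0u - (c & 1u)));
    }
    return ~c;
}

/* Record an image in the inactive slot and switch to it only if every check passes.
   The running slot is never written, so a rejected update changes nothing. */
int ota_stage(ota_t *o, uint32_t version, uint32_t crc, const uint8_t *img, size_t len) {
    if (o->pending) return OTA_ERR_STATE;                  /* one update at a time */
    if (version < o->min_version) return OTA_ERR_ROLLBACK; /* older than the floor */
    if (fw_crc32(img, len) != crc) return OTA_ERR_CORRUPT; /* damaged in transfer */
    int inactive = 1 - o->active;
    o->slot[inactive] = (slot_t){ version, crc, img, len };
    o->active = inactive;   /* the swap: boot the new slot on next reset */
    o->pending = 1;
    return OTA_OK;
}

/* After first boot of the new image: healthy commits and raises the floor,
   unhealthy reverts to the previous slot and leaves the floor untouched. */
int ota_confirm(ota_t *o, int healthy) {
    if (!o->pending) return OTA_ERR_STATE;
    o->pending = 0;
    if (!healthy) { o->active = 1 - o->active; return OTA_OK; }
    if (o->slot[o->active].version > o->min_version)
        o->min_version = o->slot[o->active].version;
    return OTA_OK;
}

int main(void) {
    static const uint8_t img[] = "123456789"; /* constructed sample image */
    ota_t o = {0};
    return ota_stage(&o, 1, fw_crc32(img, 9), img, 9) || ota_confirm(&o, 1);
}
```

The floor is raised only after the new image is confirmed healthy, so a failed update can still fall back to the previous slot, while a confirmed update can no longer be replaced by an older version.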

OTA updates can also be used for certificate rotation when there is a security incident or to renew an expiring certificate. A certificate rotation mechanism extends the device's lifetime without the need to use long-lived certificates and allows the device to benefit from improvements in security algorithms and ciphers that might not have been available at the time the device was manufactured.

Devices on networks such as LoRaWAN and NB-IoT face additional challenges. These networks are constrained in bandwidth, making OTA updates power-inefficient for large file transfers. Sending large files over the air is also problematic for battery-powered devices connected to more power-hungry Wi-Fi and cellular networks. To overcome this issue, instead of sending the entire firmware image to a device, send only the portions of the image that have actually changed, which reduces the communication and processing required and lowers power consumption. The Delta Over the Air Updates feature supported by FreeRTOS uses this approach.

Remote access

To reduce the need to send people on site when a system malfunctions, it is recommended to provide a remote access capability on the device. When IoT devices are deployed in the field, remote access provides a way to troubleshoot, change the configuration, access files such as logs, and perform other operational tasks even if the device is behind a firewall or private network. Users can update a device through its command line interface or access the device's package manager to add new software via Secure Shell (SSH) or Remote Desktop Protocol (RDP).

Use AWS IoT Secure Tunneling to establish bidirectional communication to remote devices over a secure connection that is managed by AWS IoT. Secure tunneling does not require updates to your existing inbound firewall rules, so you can keep the same security level provided by firewall rules at a remote site without adding operational overhead.

AWS Systems Manager is another AWS service that you can use to view and control your edge devices. Systems Manager enables you to view operational data, automate operation tasks, and maintain security and compliance through remote device access.