Thanks to Actility’s ThingPark® IoT platform, developers can set up a firmware update over-the-air (FUOTA) campaign using an STM32 LoRaWAN® gateway (STM32F7) and client (STM32WL) in just 10 minutes. It even supports the new STM32WL5 module, that democratizes sub-GHz applications. A new video walks users through the process and uses ST development boards to lower the barrier to entry. The content is also highly symbolic as it features Actility’s new interfaces that aim to reduce friction.
Table of Contents
Firmware Update Over-the-Air and Its Necessity
Why is FUOTA Challenging to Implement?
Sub-Gigahertz networks are increasingly popular but firmware updates over the air remain challenging to set up due to their complexity. Without FUOTA, companies need an army on the ground, physically attending to each device to perform maintenance operations, which is costly and impractical. However, securely pushing small packets to update a device safely demands mastery of multiple communication protocols and low-level coding. Actility thus offers back-end and client infrastructures to shift this burden away from developers. Moreover, as an ST Authorized Partner since October 2018, Actility offers solutions compatible with our LoRaWAN stack.
What Are Situations that Require FUOTA?
Consumers are increasingly mandating a FUOTA implementation for economic and security reasons. A few years ago, a car manufacturer had to mail USB drives as it asked its consumers to patch a vulnerability in their vehicle’s software. Today, such a scenario would be unacceptable. Users expect makers to patch a security flaw rapidly and a FUOTA is the most efficient way to do it. Similarly, IoT companies find bugs after their products’ launch but can’t access all devices physically. Moreover, AI at the edge is making FUOTA even more critical. Indeed, as machine learning applications run in real-world settings, developers use FUOTA to improve their models’ accuracy.
Actility’s ThingPark Platform and Its Primary Features
What Is ThingPark FUOTA?
Simply implementing a firmware update over-the-air mechanism isn’t always enough. Many are looking for granularity. For instance, some would need to update a subset of a fleet because of constraints or feature requests. However, few solutions allow for such finesse. The problem is that such a system usually suffers from packet losses or out-of-order deliveries. Hence, Actility developed its ThingPark FUOTA service to solve these challenges. A unicast protocol dynamically prepares each device to receive multicast packets. On the other hand, a broadcast system uses a server to talk to all devices at once. RMC can target a subset of devices and doesn’t suffer from the usual pitfalls.
What Makes ThingPark’s FUOTA Special?
Actility’s ThingPark FUOTA server features four critical modules: fragmentation, clock sync, remote multicast setup, and firmware management. The first one breaks down the update into chunks compatible with the traditional LoRaWAN payload (maximum 255 bytes). The solution also includes a forward error correction system and redundant packets to protect against losses or corruption. Engineers often overlook this aspect, but properly fragmenting an update to send it over the air is complex and a vital part of the process.
The clock synchronization helps switch all end devices about to receive an update from Class A to Class C temporarily at the beginning of the multicast session to coordinate packet reception. Finally, the remote multicast setup programs the FUOTA campaign. Developers can remotely set up the multicast identity and distribution window on end devices to change the subset about to receive the updates if necessary. Finally, the firmware management gathers end devices’ firmware versions. It allows the system to verify the firmware when upgrades happen or just keep track of end devices’ firmware versions deployed in the field. Actility’s ThingPark FUOTA supports both available versions of FUOTA specifications (v1 and v2).
STM32 Devices and Secure Solutions
Using Secure Boot Secure Firmware Update
Processing a FUOTA is also a sensitive mechanism on the client device. The update cannot brick the system or compromise its security. Hence, to optimize the update process, our developers created an update agent that acts as an intermediary between Actility’s modules and our Secure Boot and Secure Firmware Update (SBSFU) stack. Once the software processes the packages from the RMC server, the update agent ensures that the SBSFU system on the microcontroller writes on the correct memory space before the SBSFU module securely updates the firmware. In a nutshell, by working with Actility, we created a complex update agent that ensures the device’s security and integrity.
STM32 Ecosystem
The beauty of this whole solution is that it exists within the STM32Cube ecosystem. The demonstration in the video runs on an STM32WL, but it is possible to use another device. Engineers can also utilize our existing LoRaWAN stack (I-CUBE-LRWAN) to start working on their application, and our tutorials show how to set up a LoRa node in 10 minutes. Our B-L072Z-LRWAN1 and I-NUCLEO-LRWAN1 boards will help them prepare for the upcoming public release of our FUOTA solution in collaboration with Actility.
