diff options
Diffstat (limited to 'docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md')
-rw-r--r-- | docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md | 53 |
1 files changed, 26 insertions, 27 deletions
diff --git a/docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md b/docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md index 0f7bed0..34761e3 100644 --- a/docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md +++ b/docs/2_Architecture_Guides/2.2_Security_Blueprint/8_Update_(Over_The_Air)/1.2.8.1_Firmware_Over_The_Air.md @@ -1,28 +1,26 @@ --- -edit_link: '' title: FOTA -origin_url: >- - https://raw.githubusercontent.com/automotive-grade-linux/docs-sources/master/docs/security-blueprint/part-8/1-FOTA.md --- -<!-- WARNING: This file is generated by fetch_docs.js using /home/boron/Documents/AGL/docs-webtemplate/site/_data/tocs/architecture/master/security_blueprint-security-blueprint-book.yml --> - # Firmware Over The Air The firmware update is critical since its alteration back to compromise the -entire system. It is therefore necessary to take appropriate protective measures. - -AGL includes the _meta-updater_ Yocto layer that enables OTA software -updates via [Uptane](https://uptane.github.io), an automotive-specific extension -to [The Update Framework](https://theupdateframework.github.io/). Uptane and TUF -are open standards that define a secure protocol for delivering and verifying -updates even when the servers and network--internet and car-internal--aren't fully trusted. - -_meta-updater_ includes the application [`aktualizr`](https://github.com/advancedtelematic/aktualizr), -developed Advanced Telematic Systems (now part of HERE Technologies) that enables -OTA for an ECU. `aktualizr` combined with Uptane is suitable for updating the -firmware, software, and other packages on even functionally critical ECUs. -`aktualizr` can be enabled with the free, open souce backend +entire system. It is therefore necessary to take appropriate protective +measures. + +AGL includes the _meta-updater_ Yocto layer that enables OTA software updates +via [Uptane](https://uptane.github.io), an automotive-specific extension to [The +Update Framework](https://theupdateframework.github.io/). Uptane and TUF are +open standards that define a secure protocol for delivering and verifying +updates even when the servers and network--internet and car-internal--aren't +fully trusted. + +_meta-updater_ includes the application +[`aktualizr`](https://github.com/advancedtelematic/aktualizr), developed +Advanced Telematic Systems (now part of HERE Technologies) that enables OTA for +an ECU. `aktualizr` combined with Uptane is suitable for updating the firmware, +software, and other packages on even functionally critical ECUs. `aktualizr` can +be enabled with the free, open souce backend [`ota-community-edition`](https://github.com/advancedtelematic/ota-community-edition). This FOTA update mechanism can be enabled through the `agl-sota` feature. @@ -35,16 +33,17 @@ To build an AGL image that uses `aktualizr`, the following can be used. source meta-agl/scripts/aglsetup.sh -m <machine> agl-sota <other-features...> ``` -During the build, _meta-updater_ will use credentials downloaded from `ota-community-edition` -to sign metadata verifying the build as authentic. These signatures are part of the Uptane -framework and are used to verify FOTA updates. +During the build, _meta-updater_ will use credentials downloaded from +`ota-community-edition` to sign metadata verifying the build as authentic. These +signatures are part of the Uptane framework and are used to verify FOTA updates. ## Atomic Upgrades with Rollbacks -`aktualizr`'s primary method of updating firmware is to use `libostree` with binary diffs. -The binary diffs use the least amout of bandwidth, and by it's nature `libostree` stores -current and previous firmware versions on disk or in flash memory to allow for rollbacks. +`aktualizr`'s primary method of updating firmware is to use `libostree` with +binary diffs. The binary diffs use the least amout of bandwidth, and by it's +nature `libostree` stores current and previous firmware versions on disk or in +flash memory to allow for rollbacks. -`libostree` is a content addressable object store much like `git`. Versions are specified -via SHA2-256. These hashes are signed in the Uptane metadata and are robust against -cryptographic compromise. +`libostree` is a content addressable object store much like `git`. Versions are +specified via SHA2-256. These hashes are signed in the Uptane metadata and are +robust against cryptographic compromise. |