LAUNCHXL-CC1310 user program update by RF (OTA)

Hi Pedro,

I'm Marcus at Thingsquare and I'd just like to share some experiences since, as you correctly noticed, it's far from trivial :). The keywords to this process are secure, authenticated, robust, graceful.

We (at Thingsquare, using our system) support firmware updates over the air (FOTA) on the cc1310 provided that the hardware comes with an external flash (common and cheap component) since the flash of the cc1310 is limited. With only 128 kB of flash, the cc1310 doesn't have space to store the new binary to update to. So that's a pre-requirement that I'd wager most would happen upon. On the cc2538, the 512 kB flash is more than enough even without external flash.

With that taken care of, there are numerous other things to make sure that you have a robust, graceful solution that works in harsh conditions without affecting the day-to-day normal operations of the rest of the system.

Sending the new binary must not choke the network, even if the device is several hops down from the gateway that connects to the backend. The connection over the internet should be encrypted with TLS, so it wouldn't be tampered with. Our devices do end-to-end TLS when updating. Further, the server and the device should gracefully handle packet loss and reboots, ie resuming and retransmissions etc. Perhaps one of the most important security features that we see many fail at in various exploits, is that the binary should be authenticated so that the end device knows that it comes from the right source and hasn't been changed. Layers of security.

That's to start with. Then we have platform management and versioning, and having a bootloader that handles installation of the binary and checks and so on, and I'm sure I'm forgetting about many other things that are relevant and necessary.

So, it's not trivial. But you could make it trivial to yourself by not having to think about it if you let someone else take care of it, hint hint nudge nudge.

Best,
Marcus