The FoundriesFactory updating utility: now for microcontrollers too

Photo of Andre Detsch

Posted on Apr 18, 2024 by Andre Detsch

4 min read

The FoundriesFactory™ platform has been from the beginning a platform for developing, securing and maintaining embedded devices based on the Linux® operating system (OS). That’s why customers’ projects are normally based on the Linux microPlatform (LmP), an embedded Linux distribution which was created and is maintained by Foundries​io.

But the same FoundriesFactory benefits that projects made in a microprocessor/Linux environment enjoy – including built-in security, and a ready-made infrastructure for managing and maintaining a fleet of production units in the field – are equally desirable for embedded product designs based on a microcontroller running a real-time OS (RTOS) rather than the LmP. Not surprisingly, then, customers have been asking us to enable the platform for MCUs as well as microprocessors. And the specific feature that they most often request is the update capability, which in the FoundriesFactory platform is based on The Update Framework (TUF). This will enable them to apply the same update capability to lower-cost MCU-based products lines as they do to premium products that are based on an MPU running the LmP.

In response, Foundries​io tasked me and a team of colleagues with developing new update software for MCUs, and a demonstration application to prove that updates for MCUs can indeed be deployed via the FoundriesFactory platform.

Subtraction and addition

The main requirement of our project was to right-size the update capability for the smaller resources available in an MCU. But we also had to maintain some important features for MCUs that are little used on MPUs.

The sample application running on FreeRTOS interacts with our cloud services, supporting the same management and update flow as in LmP-based devices. The application runs on FreeRTOS as a way to demonstrate the update process for MCUs, but with slight modification it can be made compatible with other RTOSs as well.

The application uses two new libraries:

  • Aktualizr-nano – communicates with our device gateway, providing similar functionality as the aktualizr-lite library used by MPUs..
  • Libtufnano – a lightweight TUF implementation in C that can run on any device, both MCUs and MPUs.

The implementation of the FoundriesFactory client for MCUs recognises that many components are not required by or applicable to MCUs. This includes OStree, CI Yocto builds, and container applications.

The new system for MCUs relies on MCUBoot to perform the local update process and signature verification of firmware images using an A/B update approach: this allows the user to roll back to a previous working version if errors in the updated version prevent the device from working correctly. The application demonstrates important functions such as device management, registration of the device in the cloud, and attesting the trusted status of the metadata provided by the update server.

It also provides a flexible programming interface which allows users to fully control the update flow on the device side. This is rarely necessary for devices based on an MPU, but is very useful for MCU users to enable them to match update operation to the application, for instance to tightly specify the conditions in which an update can take place.

Compatible with all types of 32-bit MCU

The sample application is currently built for a selection of MCUs, and supports NXP’s EdgeLock® 2GO security service package: this allows for easier provisioning of the device credentials used in communication with our device gateway. But the new libraries are in fact suitable for any high-end MCU that is capable of handling mutual TLS communications, and of storing the required dependencies in Flash memory.

For lower-end devices, in which a lighter weight solution is required, the use of libtufnano in stand-alone mode is an excellent option. In accordance with the TUF specification, a device can trust the obtained metadata and firmware image, regardless of the transport method. This makes it especially attractive for MCUs which cannot communicate using HTTPs, or which do not even have network access, but still require updates to be handled securely.

If you would like to explore how to extend your use of the FoundriesFactory system to MCUs, contact us today.

Related posts