Differences
This shows you the differences between two versions of the page.
|
iothings:laboratoare:2025:lab10 [2025/12/06 21:32] dan.tudose [Pull-Based OTA + Hash Integrity + Telemetry] |
iothings:laboratoare:2025:lab10 [2025/12/06 21:35] (current) dan.tudose |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Lab 10. Secure OTA ====== | ====== Lab 10. Secure OTA ====== | ||
| - | This lab shows how to implement **real remote firmware updates from a browser** for an ESP32-C6 board using **PlatformIO + pioarduino** and an **Async Web OTA** page powered by **ElegantOTA**. | + | Over-the-air (OTA) updates are a core capability of modern IoT devices, enabling firmware improvements, bug fixes, and security patches without physical access to the hardware. In real deployments, devices may be installed in hard-to-reach locations or embedded in larger systems, so requiring a USB connection for every update becomes impractical. OTA solves this by allowing a device to receive new firmware over a network, reducing maintenance costs and shortening the time between discovering an issue and delivering a fix. |
| + | |||
| + | Designing OTA for embedded systems also introduces engineering trade-offs that are less visible in traditional software. Devices must update safely despite limited flash, intermittent connectivity, and the risk of power loss mid-installation. A robust OTA approach typically uses separate firmware slots so a known-good image remains available if an update fails. Just as importantly, OTA is part of a security boundary: update mechanisms must ensure that only authentic, intact firmware can be installed, or they can become a high-impact attack path in an IoT fleet. | ||
| + | |||
| + | {{ :iothings:laboratoare:2025:ota1.jpg?800 |}} | ||
| + | |||
| + | ====== Simple OTA ====== | ||
| + | |||
| + | This first example shows you how to implement **real remote firmware updates from a browser** for an ESP32-C6 board using **PlatformIO + pioarduino**. | ||
| You will: | You will: | ||
| Line 10: | Line 18: | ||
| * document basic threat-model thinking. | * document basic threat-model thinking. | ||
| - | {{ :iothings:laboratoare:2025:ota1.jpg?800 |}} | ||
| ===== Learning outcomes ===== | ===== Learning outcomes ===== | ||
| Line 21: | Line 28: | ||
| - Identify key security risks for OTA and apply simple mitigations. | - Identify key security risks for OTA and apply simple mitigations. | ||
| - | |||
| - | ====== Simple OTA ====== | ||
| **What you are building:** | **What you are building:** | ||
