Showing posts with label ota. Show all posts
Showing posts with label ota. Show all posts

Monday

OTA Architecture

 



                                    Photo by Pixabay

Developing an end-to-end Over-the-Air (OTA) update architecture for IoT devices in equipment like

escalators and elevators involves several components. This architecture ensures that firmware updates

can be delivered seamlessly and securely to the devices in the field. Here's an outline of the architecture

with explanations and examples:

1. Device Firmware: - The IoT devices (escalators, elevators) have embedded firmware that needs to be updated over the air. - Example: The firmware manages the operation of the device, and we want to update it to fix bugs or

add new features. 2. Update Server: - A central server responsible for managing firmware updates and distributing them to the devices. - Example: A cloud-based server that hosts the latest firmware versions. 3. Update Package: - The firmware update packaged as a binary file. - Example: A compressed file containing the updated firmware for the escalator controller. 4. Device Management System: - A system to track and manage IoT devices, including their current firmware versions. - Example: A cloud-based device management platform that keeps track of each escalator's firmware

version. 5. Communication Protocol: - A secure and efficient protocol for communication between the devices and the update server. - Example: MQTT (Message Queuing Telemetry Transport) for lightweight and reliable communication. 6. Authentication and Authorization: - Security mechanisms to ensure that only authorized devices can receive and install firmware updates. - Example: Token-based authentication, where devices need valid tokens to request updates. 7. Rollback Mechanism: - A mechanism to rollback updates in case of failures or issues. - Example: Keeping a backup of the previous firmware version on the device. 8. Deployment Strategy: - A strategy to deploy updates gradually to minimize the impact on operations. - Example: Rolling deployment where updates are deployed to a subset of devices first, and if successful,

expanded to others. 9. Update Trigger: - Mechanism to initiate the update process on devices. - Example: A scheduled time for updates or an event-triggered update based on certain conditions. 10. Logging and Monitoring: - Comprehensive logging and monitoring to track the update process and identify any issues. - Example: Logging each update attempt, monitoring device status during updates. 11. Edge Computing (Optional): - For large-scale deployments, edge computing can be used to distribute updates more efficiently. - Example: Edge devices in the facility can act as local update servers, reducing the load on the central

server. 12. Network Considerations: - Ensuring that the devices have reliable and secure connectivity for downloading updates. - Example: Using secure protocols like HTTPS for update downloads. Explanation: The architecture ensures that firmware updates can be securely and efficiently delivered to IoT devices.

The update process is orchestrated, logged, and monitored to maintain the reliability and security of the

devices in the field.

The deployment strategy and rollback mechanism add resilience to the update process. Example Scenario: Let's consider an example where an escalator management company wants to update the firmware of all

escalators to improve energy efficiency. The central server hosts the updated firmware, and the device

management system tracks the current firmware version on each escalator. Using a secure communication

protocol, the escalators request updates, and the deployment strategy ensures a smooth transition. If any

issues arise during the update, the rollback mechanism reverts the escalator to the previous firmware

version.

Today, industrial companies seek to ingest, store, and analyze IoT data closer to the point of generation.

This enhances predictive maintenance, improves quality control, ensures worker safety, and more.

Industrial Edge computing, focusing on stationary edge gateways in industrial environments, plays a

crucial role in connecting Operational Technology (OT) systems with the cloud. This whitepaper outlines

design considerations for industrial IoT architectures using the industrial edge, addressing low latency,

bandwidth utilization, offline operation, and regulatory compliance. The edge gateway serves as an

intermediary processing node, integrating industrial assets with the AWS Cloud, and addressing security

challenges for less-capable OT systems without authentication, authorization, and encryption support.

The following section examines key imperatives in edge computing. This architecture provides a structured approach to managing OTA updates for IoT devices, ensuring they

stay up-to-date, secure, and efficient.


Below are a few nice articles about Azure, AWS for IoT and OTA

Azure IoT

AWS IoT

Tuesday

OTA with Ubuntu Core

 


IoT (Internet of Things): IoT refers to the interconnection of everyday objects, devices, and appliances to the internet, allowing them to collect and exchange data. These objects, often embedded with sensors and communication hardware, can include everything from smart thermostats and wearable fitness trackers to industrial machines and autonomous vehicles. IoT enables these devices to transmit data, receive commands, and interact with other devices or centralized systems, often with minimal human intervention. Whether it’s smart cities, wearable technology, robotics, autonomous vehicles, or any other new and emerging IoT sector, network connectivity is central to IoT’s advancement.

OTA (Over-the-Air) Updates: OTA updates are a method of remotely delivering software updates and patches to devices or systems connected to the internet. This process allows for the seamless and efficient deployment of updates to devices without requiring physical access or manual intervention. OTA updates are commonly used in IoT, among other applications, for several important reasons:

1. Remote Accessibility: Many IoT devices are deployed in remote or hard-to-reach locations, making it impractical to update them manually. OTA updates eliminate the need for physical access to these devices.

2. Efficiency: OTA updates can be delivered in a more efficient manner, often transmitting only the changes or "deltas" between the current and updated software versions. This reduces bandwidth and time requirements.

3. Security: IoT devices often need security patches and updates to protect against vulnerabilities. OTA updates enable the timely delivery of these critical security fixes, reducing the risk of cyberattacks.

4. Bug Fixes and Improvements: IoT devices may experience software bugs or require feature enhancements. OTA updates provide a mechanism for delivering bug fixes and new features to improve device performance and functionality.

5. Cost Reduction: Implementing OTA updates can reduce operational costs associated with manual updates, such as sending technicians to remote locations or recalling devices for updates.

6. User Experience: For consumer IoT devices, OTA updates enhance the user experience by ensuring that devices are always running the latest and most reliable software.

In summary, IoT involves connecting everyday objects to the internet to collect and exchange data, while OTA updates are a crucial tool for remotely delivering software updates to IoT devices. They are essential for ensuring device security, efficiency, and functionality, especially in scenarios where manual updates are impractical or costly.

Ubuntu Core: A secure and reliable IoT operating system

Ubuntu Core is a lightweight, secure, and reliable operating system designed for IoT and embedded devices. It is based on Ubuntu, one of the most popular Linux distributions, and uses snaps for software packaging. Snaps are self-contained packages that include all of the dependencies needed to run an application, making them easy to install and update.

Ubuntu Core is ideal for IoT devices because it is small and efficient, uses minimal resources, and is very secure. It also has a long support lifecycle, which means that devices will continue to receive security updates for many years.

Snaps: A secure and reliable way to package IoT software

Snaps are a secure and reliable way to package and distribute IoT software. They are self-contained packages that include all of the dependencies needed to run an application, making them easy to install and update. Snaps are also isolated from each other and from the base operating system, which helps to improve security and stability.

For IoT devices, snaps can be distributed through a private Snap Store, or IoT App Store. This allows software vendors to distribute their software directly to their customers, without having to go through a third-party app store.

Benefits of using Ubuntu Core and snaps for IoT devices

There are many benefits to using Ubuntu Core and snaps for IoT devices, including:

Security: Ubuntu Core is a very secure operating system, and snaps are isolated from each other and from the base operating system, which helps to improve security even further.

Reliability: Ubuntu Core is a very reliable operating system, and it has a long support lifecycle, which means that devices will continue to receive security updates for many years.

Ease of use: Snaps are easy to install and update, and they can be distributed through a private Snap Store, or IoT App Store.

Efficiency: Ubuntu Core is a lightweight and efficient operating system, which makes it ideal for IoT devices with limited resources.

Overall, Ubuntu Core and snaps are a powerful combination for IoT devices. They offer a secure, reliable, and easy-to-use platform for developing and deploying IoT applications.

However, it is not fully free. For developer personal use it is free. For commercial use the free tier enables you to ship Ubuntu Core free of charge and receive unscheduled updates when bandwidth allows, or on-demand for emergencies.

For the first 20 devices, you can test Ubuntu Core free of charge and receive unscheduled updates.


Screenshots taken from Ubuntu

Let's discuss the challenges associated with delivering consistent, reliable, and robust software updates to low-powered, inaccessible, and remotely administered embedded IoT devices. It highlights the solutions provided by Ubuntu Core and snaps at overcoming these challenges. 

Here's a summary of the key points:

1. Introduction to the Challenges: Delivering software updates to IoT devices, given their remote and often inaccessible locations, is a significant challenge. The growth of IoT devices and data generation amplifies this challenge.

The extensive connectivity inherent in IoT devices brings with it a significant responsibility: the imperative to ensure devices remain updated, patched, and secure. This onus primarily rests on the choice of update and delivery mechanisms adopted by IoT vendors.

In the past, there were only a few ways to handle failed updates or software regressions in industrial automation systems:

Send engineers to affected sites: This is a costly and time-consuming option, and it is not always feasible, especially for systems with a large number of devices or devices that are located in remote areas.

Recall the devices: This is also a costly and time-consuming option, and it can disrupt production.

Remotely update each device individually: This is a time-consuming and error-prone option.

These options are no longer sufficient for the needs of modern industrial automation systems. Today, there are more sophisticated tools and techniques that can be used to handle failed updates and software regressions in a more efficient and effective way.

2. Historical Update Problems: Traditional update mechanisms often involve replacing files and binaries on the system, which can lead to system impairments if anything goes wrong during the update process. Recovering from failed updates or faulty updates is resource-intensive and not scalable.

Over the course of many decades, updates and their corresponding management systems have consistently superseded existing files and binaries within a system. Often, these updates form intricate and interdependent chains. In cases where issues arise, such as software bugs, power outages, or filesystem problems, the system's functionality becomes compromised. Addressing these challenges typically necessitates costly expert interventions for recovery.

An even more complex issue emerges when the update process itself proceeds as planned, but the update contains faults that require reversion. Resolving this problem proves challenging in traditional systems. It involves the retrieval of an older version from a package repository and its installation over a malfunctioning system, often requiring specialized scripts from a package maintainer.

3. Requirements for an Effective Update Solution: An effective update solution for IoT devices should include features like automated updates, mechanisms for update recovery, provisions for critical updates, and redundancy to handle unforeseen situations.

4. Ubuntu Core and Snaps: Ubuntu Core, designed for IoT and embedded devices, uses snaps as a secure, dependency-free packaging system. Snaps can be containerized, ensuring separation between the base system and applications. Updates are transactional, meaning they are only installed if successful, and recovery mechanisms are in place.

5. Security: Security is a significant concern for IoT devices, and Ubuntu Core's design ensures security by using immutable foundations, confined applications through snaps, and a read-only filesystem.

6. Update Mechanics and Recovery: Ubuntu Core delivers updates as deltas to save bandwidth, ensuring that updates are transferred efficiently. If an update fails, the system can be rolled back to the previous working state. The document explains how snaps enable parallel installations and epoch-based updates.

7. System Maintenance: Maintenance is crucial for system functionality. Good design, read-only filesystems, and encapsulation of data within snaps help minimize maintenance requirements.

8. Streamlined CI/CD Process: Ubuntu Core offers a streamlined CI/CD process for snap creation and publishing, with channels, tracks, and branches to manage stability expectations.

9. Advantages of Ubuntu Core and Snaps: The document highlights that Ubuntu Core and Snaps provide a solution that simplifies and ensures confidence in software updates for IoT devices, regardless of deployment scale or update frequency.

Overall, Ubuntu Core and Snaps address the complex challenges of updating software on IoT devices, providing reliability, security, and efficiency in the process.


Photo by Cemil Aybaci

Friday

OTA for IOT

 

Photo by Markus Winkler on Unsplash

Often you need to implement Machine Learning application into the EDGE devices. So IoT devices running your machine learning or other artificial intelligence application required updates time to time when you update ML models or back end application or some other part of the application running on IoT.

Over-the-Air (OTA) updates for IoT devices running machine learning applications refer to the capability of remotely updating the software and machine learning models deployed on IoT devices. This enables device manufacturers and developers to deliver bug fixes, security patches, feature enhancements, and even model updates to deployed devices without physically accessing or manually updating each device.

Implementing OTA for IoT devices running machine learning applications involves the following key steps:

1. Remote Software Management: OTA updates require a robust infrastructure to remotely manage and distribute software updates to IoT devices. This typically involves a cloud-based server or platform that maintains a repository of updates and communicates with the devices.

2. Update Packaging: The updates, including new software versions, bug fixes, security patches, or model updates, need to be packaged appropriately for efficient delivery. The packages may include the updated machine learning models, libraries, configuration files, or any other relevant software components.

3. Secure Communication: OTA updates should be transmitted securely to prevent unauthorized access or tampering. Encryption protocols such as Transport Layer Security (TLS) can be used to establish secure communication channels between the server and the devices.

4. Device Compatibility and Verification: The OTA system should handle device-specific variations in terms of hardware, firmware, and software versions. Compatibility checks should be performed before initiating updates to ensure that the updates are applicable to the target device.

5. Rollback and Redundancy: To handle potential issues or failures during the update process, an OTA system should have mechanisms for rollback or redundancy. This allows devices to revert to the previous working state in case of update failures or unexpected behavior.

6. User Consent and Control: Users may need to be informed and given control over the OTA update process. Devices should provide options to schedule updates, delay them, or manually trigger updates based on user preferences.

7. Monitoring and Analytics: OTA systems can incorporate monitoring and analytics capabilities to track the success of updates, detect anomalies, and gather data for future improvements.

Implementing OTA updates for IoT devices running machine learning applications helps ensure that devices remain up-to-date, secure, and optimized for improved performance. It enables developers to continuously improve the machine learning models deployed on the devices and provide a seamless user experience without the need for physical intervention.

Basic steps you can follow to do the automated OTA.

  1. Create a .service file which will eventually run the flask REST server application.
  2. Create one shell script which will check and fetch the latest code from github. And replace the old code with latest code. Then restart the service file.
  3. In that case, you can set up a cron job to execute the shell script at a specific interval.

Here’s an example of how you can configure a cron job to run the OTA model update script:

1. Open your terminal and run the following command to edit the cron jobs:

```

crontab -e

```

2. In the cron file, add a new entry to specify the schedule and command for the OTA model update script. For example, to run the script every day at 2:00 AM, add the following line:

```

0 2 * * * /bin/bash /path/to/ota_model_update.sh >> /path/to/logfile.log 2>&1

```

Make sure to replace `/path/to/ota_model_update.sh` with the actual path to your OTA model update shell script. The `>> /path/to/logfile.log 2>&1` part redirects the script output to a log file.

3. Save and exit the file.

The cron job is now configured to execute the OTA model update shell script at the specified interval. The script will run automatically without any manual intervention, allowing you to perform regular updates to your IoT device’s model.

Note: Ensure that the shell script (`ota_model_update.sh`) has the correct file paths and necessary permissions to execute. You may need to modify the script to include any additional steps required for updating the model from the zip file in the Git repository.

Create update shell script to fetch the model from a GitHub repository and then restart the `.service` file, you can modify the OTA model update shell script as follows:

```

#!/bin/bash

# Script for OTA Model Update

# Variables

DEVICE_IP=”192.168.0.100" # IP address of the IoT device

REMOTE_DIR=”/path/to/remote/directory” # Directory on the IoT device where the model is stored

BACKUP_DIR=”/path/to/backup/directory” # Directory to store backup of the previous model

GITHUB_REPO=”https://github.com/your_username/your_repository.git" # URL of the GitHub repository

# Backup existing model

ssh user@$DEVICE_IP “cp $REMOTE_DIR/model.pkl $BACKUP_DIR/$(date +%Y%m%d%H%M%S)_model.pkl”

# Clone the latest model from the GitHub repository

git clone $GITHUB_REPO /tmp/latest_model

# Move the latest model to the remote directory

scp /tmp/latest_model/model.pkl user@$DEVICE_IP:$REMOTE_DIR/model.pkl

# Restart the .service file (replace with your specific command)

ssh user@$DEVICE_IP “systemctl restart your_service.service”

```

In this updated script, the following changes have been made:

1. Added the `GITHUB_REPO` variable to specify the URL of the GitHub repository where the latest model is stored.

2. Added the backup step to copy the existing model to the backup directory using the current date and time as part of the backup file name.

3. Cloned the latest model from the specified GitHub repository to the local `/tmp/latest_model` directory.

4. Used `scp` to copy the latest model to the remote directory on the IoT device.

5. Restarted the `.service` file on the IoT device. Replace `your_service.service` with the actual name of the service file that needs to be restarted.

Ensure that you have the necessary SSH access and permissions set up for executing these commands remotely on the IoT device. Customize the script according to your specific requirements, such as file paths and service names.

After modifying the shell script, you can schedule the updated script as a cron job, as mentioned in the previous instructions, to automatically fetch the latest model from the GitHub repository and restart the `.service` file on your desired schedule.

OTA for Python application running in raspberry pi

 

Photo by Glenn Carstens-Peters on Unsplash

Remote AI/Machine Learning application running on Raspberry Pi required to update whenever new files or models etc updated into the repo eg. GitHub

We can use the Over The Air method to update them. You should have a Python application running maybe with Flask or using another MVC.

To run a Python Flask application as a server on a Raspberry Pi, you can follow these steps:

Install Flask using pip. You can install Flask by running the following command in your terminal:

pip install flask

Create a Flask application in a Python script. Here is an example Flask application that responds with “Hello, world!” to all requests:

from flask import Flask

app = Flask(__name__)

@app.route(‘/’)

def hello_world():

return ‘Hello, world!’

if __name__ == ‘__main__’:

app.run(debug=True, host=’0.0.0.0')

Save the script to a file, for example /home/pi/my-flask-app.py.

Start the Flask application by running the Python script in your terminal:

python /home/pi/my-flask-app.py

This will start the Flask application and bind it to the default port 5000 on the local machine.

Access the Flask application from a web browser by visiting http://localhost:5000/ or http://<your-raspberry-pi-ip>:5000/ from another device on the same network.

You can find out many machine learning applications code which may help you to build your application, find here https://github.com/dhirajpatra/

Now we need to think about how we will update our application on the fly means over the air remotely.

It will be better to run our application as a service inside the raspberry pi system.

Here are the steps on how to make your application a service so that it can stop and start when OTA requires:

  1. Create a service file.

sudo nano /etc/systemd/system/your_application.service

2. Add the following lines to the service file:

[Unit]

Description=Your application service

[Service]

Type=simple

ExecStart=/path/to/your_application

Restart=always

[Install]

WantedBy=multi-user.target

3. Save the service file and exit the editor.

4. Enable the service.

sudo systemctl enable your_application.service

5. Start the service.

sudo systemctl start your_application.service

6. Check the status of the service.

sudo systemctl status your_application.service

7. To stop the service, use the following command:

sudo systemctl stop your_application.service

8. To restart the service, use the following command:

sudo systemctl restart your_application.service

9. To disable the service, use the following command:

sudo systemctl disable your_application.service

10. To remove the service, use the following command:

sudo systemctl remove your_application.service

Once you have created the service file and enabled the service, your application will be started automatically when your Raspberry Pi boots up. You can stop and start the service using the commands above.

To update your application remotely. Here are the steps on how to use OTA for your Python application running in Raspberry Pi and code is in GitHub:

  1. Install the necessary dependencies.

sudo apt-get install git rsync

2. Clone your GitHub repository to your Raspberry Pi.

git clone https://github.com/your_username/your_repository.git

3. Create a new directory for your OTA updates.

mkdir ota_updates

4. Copy the latest version of your application to the ota_updates directory.

rsync -a ./ota_updates/

5. Create a script that will check for updates and download them if necessary.

#!/bin/bash

# Check for updates

cd ota_updates

git fetch

LOCAL=$(git rev-parse HEAD)

REMOTE=$(git rev-parse @{u})

if [ $LOCAL != $REMOTE ]; then

echo “Repository is outdated. Updating…”

# git pull

# Download updates

git checkout master

# Replace the current application with the updated version

rsync -a ./..

# Restart the application

sudo service your_application restart

else

echo “Repository is up to date.”

fi

6. Set the script to run automatically.

crontab -e

Add the following line to the crontab file:

* * * * * /path/to/script

7. Test the script.

bash /path/to/script

If the script runs successfully, you should see the latest version of your application running on your Raspberry Pi.

Here are some additional tips for using OTA updates:

  • Use a version control system (such as Git) to manage your code. This will make it easy to track changes and roll back to a previous version if necessary.
  • Use a staging environment to test updates before deploying them to production. This will help you catch any potential problems before they affect your users.
  • Use a secure connection when downloading updates. This will help protect your Raspberry Pi from malware and other security threats.