It’s great to implement IoT technology in your business.
It’s commendable if you are a vendor of IoT devices.
It’s challenging to be an IoT software development company (we know that from experience).
The number of IoT devices (or so-called IoT things) in one system can count thousands of devices. Smart home includes dozens of things (tv, speakers, light switches, kitchen staff), while enterprises tend to have hundreds and thousands of devices in their fleet, especially when enterprises use small low-power sensors.
Fast IoT technology development makes the replacement of existing devices whenever a new version appears nearly impossible and uneconomical. Moreover, it’s not enough to build and implement an IoT system, companies need to manage and maintain it.
An essential part of maintenance is the updating process. Updates add new software features, improve the performance, fix bugs, and patch security issues. However, deploying a new update on all IoT devices in a system is a complex task that requires a properly set update process to ensure the integrity and resilience of the system during and after the deployment. In other words, it requires good IoT update management.
In the article, we discuss IoT device management and describe one of its parts: IoT update management. We also provide guidelines and best practices for update management that you can implement in your update process or use to build an update process from scratch.
Whatever purposes you have, enjoy reading!
Let’s start with a simple question: What is IoT device management?
IoT device management is the process of managing all devices within an IoT system. The management includes:
Every new device in an IoT system entails a procedure of its registration and requires additional efforts to manage and troubleshoot. The number of connected IoT devices worldwide is about to reach 12.3 billion active devices in 2021, and an average industrial IoT system can count thousands of devices. So it became very apparent that IoT device management requires a separate tailored platform to maintain a huge IoT fleet. IoT device management platforms vary in their functionality: some only offer the option to track and monitor IoT devices within a system, while others give a whole spectrum of tools for IoT device management.
And although IoT update management is a part of IoT device management, it remains a separate complex process with a unique process flow and best practices.
IoT update management is the process of managing the IoT fleet by deploying updates to smart devices in order to keep their firmware updated, fix bugs, add new software features, and increase the security level of the entire system.
Before we continue to discuss the IoT update management details, it’s good to define two terms: firmware and software.
Firmware is the low-level software for different parts of the device, like a processor. It enables components within one device to interact with each other and allows the device to work as one system rather than a set of microcontrollers. The same firmware usually doesn’t suit microprocessors from different manufacturers, which means your system will depend on the IoT devices manufacturer’s support.
Simple gadgets like environmental sensors may have only firmware, while other devices like smart TV also have some installed applications. These applications are called software.
Now let’s jump back to the IoT update process. It consists of two parts:
Usually, updates are transferred to things in the IoT fleet using over-the-air (OTA) methods. The main benefit of OTA methods is that you can send updates from one central platform to every IoT device with no need to have physical access to it.
One way for devices to get updates is to download them directly from the main distribution center: the cloud. Another approach of IoT update management is to build locally placed gateways that are responsible for a certain group of devices in the area and control the traffic that goes to and out of that group, including the updates control. The choice depends on the security requirements, types of smart assets in the system, and the IoT system infrastructure. For example, a large set of low-powered sensors without strong embedded protection from unauthorized access requires a presence of a gateway with strong security software.
Speaking about the security programs it’s good to mention that IoT update management should cover the updates of such type of software too.
Go back to 2017. Airbnb used smart locks on apartment doors for flats on Airbnb’s platform. Smart locks were paired with a mobile app, providing remote access to lock control. No keys were required, and guests could unlock the front door through the app.
However, some doors stopped responding to any commands when the lock firmware got new updates. Guests lost the opportunity to open doors from their smartphones and had to use special emergency keys. The lock vendor couldn't fix the problem remotely. It was necessary either to return the locks to the vendor or ship a replacement of the lock. Either way, the total time for the vendor to solve this issue was 5-7 days in the first scenario while shipping a replacement required 14-18 days.
That happened because the vendor accidentally had included in the update group the subset of locks from the first generation, which were not compatible with new updates. Fortunately, the vendor managed to handle this critical issue.
Effective IoT update management helps to avoid such unpleasant situations. So let’s discuss the meaning of the term effective IoT update management and how you can improve your current IoT update process.
The main challenge for IoT update management lies in building the update process since it’s unique for every system. However, we can provide you with common workflows in that field and best practices that will make your IoT update process more robust.
At that stage, you should form a clear vision of the devices in your fleet. You need:
A backup allows restoring configuration files to an earlier point in time in case of firmware or software failure after the installation of the update. The software and firmware can fail for various reasons, like data corruption, software incompatibility, virus, or a banal human error during update deployment.
The recovery procedure should be embedded into the firmware so the IoT device can deploy the previous trusted configuration even if it fails.
All patches and updates should be tested before the deployment - it’s a crucial step in IoT update management!
Define a test group of IoT devices. Their system configuration, bandwidth, and software should be identical to those in your IoT fleet.
Then deploy updates and check whether devices successfully installed them without errors. Run tests to understand the impact on device performance. Test the correctness of the work of installed applications and programs if any. Then delete the patches and check whether the system works stable.
There will always be cases of interruptions during the updates deployment. Reasons are various: unstable internet connection, the device can run out of battery during the installation, low bandwidth that may interrupt the download process.
To test the resilience in such cases, deploy the updates to a test group, but then interrupt the update process during the downloading and installation by powering off the test devices or aborting the internet connection. The devices should handle these cases and either load an older image of the system or rollback the update process.
IoT devices have their pick and low weak workload, so you should consider deploying the updates when devices are not working or have a minimum load. Also, take into account the bandwidth of the network during the day since heavy patches can lead to device failure if the network load is high. Small size packages are always better than heavy images.
If your IoT system fleet consists of personal devices it would be better to allow users to choose the time when they are ready to update a system of their devices. Dealing with industrial IoT systems, automatic updates are preferable.
Assess the impact of the device downtown during the update deployment and alert all interested parties that the IoT fleet will be out of use for some time. It’s necessary for people who interact and use the IoT fleet to understand the period during which IoT devices will be out of use and sensors will stop collecting the data from the environment. Specific situations like deploying updates on medical equipment during surgery are unacceptable.
In case when the fleet consists of a large number of IoT devices that differ in their version, software, firmware, or hardware, the update should be deployed to every group of devices with similar characteristics separately.
By adhering to that practice, bug fixing becomes a much easier task compared to the situation when all devices in the fleet get updates at once. Gradual deployment is a vital step towards better risk management.
Once all preparations are done, it’s time to actually start the deployment process. After updates are successfully installed to one group of devices, check their health. If the system works properly and updates don’t cause errors you can go to another group of devices.
Even if everything worked out great, IoT update management doesn’t end here. The devices should continuously log all errors, and there must be a way for people who work with IoT devices to contact support or issue a ticket if something goes wrong.
Make a long-term support agreement with manufacturers
IoT devices consist of different parts that might break. The option to replace a broken part quickly is necessary to build a robust IoT system.
Block the option of direct firmware updates from manufacturers
Since manufacturers also provide updates for microcontrollers and embedded sensors, they can send updates directly to the IoT components they made. However, uncentralized update deployment may lead to errors and conflicts in IoT devices. Therefore, IoT update management should also include the management of updates from third parties.
Use cryptographic validation
Security patches help devices to stay protected from malicious software. All system images of IoT devices should be protected with a cryptographic key, and any software and firmware installation shall be permitted only after the validation procedure. Each firmware update must be digitally signed.
Provide a stable secure end-to-end connection during the update process
This step helps to secure your IoT network from man-in-the-middle attacks.
Small packages of updates are better than one big update image
It’s much easier to manage IoT updates when they are split into small pieces.
Devices become less vulnerable to security threats
Poorly tested updates may lead to device failure
Improved user experience for users of personal smart devices
IoT update management platform is a complex costly system
Fewer bugs and errors
Update management is a resource-intensive process
IoT fleet gets new features and possibilities
The new update may badly affect the devices performance or the correctness of work
The latest update may result in the better performance
Low network bandwidth can become a serious challenge for deploying a huge update package
IoT update management can be tricky and complicated, so it would be nice to have a list of programs that can help. Fortunately, developers took care of a lot of possible issues and made software to handle various cases.
Full-fledged platforms cover all issues related to IoT management. The platform can register new IoT devices, monitor their health, and manage the whole IoT fleet. You get an opportunity to set permissions for devices, group them, organize a hierarchy and set inheritance rules of policies and configurations. The platform also facilitates device troubleshot and the management of the fleet. Using full-fledged platforms, you can reboot devices, restore to the factory default configuration, manage their state (power off/on), or perform other actions.
Examples of full-fledged IoT management platforms:
Another big group of IoT management tools is monitoring platforms. Monitoring platforms cover machine health management issues, which is especially helpful for manufacturing organizations with a large IoT device fleet. It results in better downtime forecasting accuracy, reduction in unplanned downtime, and reduction in maintenance costs.
Great machine health and monitoring tools are:
We are familiar with the term “personal computer backup” when the operating system creates an image of core system files and personal user’s files so they can be restored in case of a computer failure. IoT devices are the same computers that support the backup and recovery option of their system files and configuration.
Among useful services you can find:
We believe that by implementing all best practices from the article you manage to build a robust IoT system without any security holes thanks to an effective IoT update management process.
Thanks for reading!
Original post at SumatoSoft