Professional Documents
Culture Documents
RAUC stands for “Robust Auto-Update Controller”. the cryptographic objects that we have generated and
RAUC can be a target application which runs the update install them in the container file system; we establish the
client on the embedded device, and can also be a host username and password credentials to login; we set up the
application that manages the installation artifacts [7]. It is server port and set the polling time; and finally we set TLS
written in C and is designed to be a lightweight update as the SSL protocol. The last line is commented out and
tool. we kept it because was useful to check that the server was
functioning with the Eclipse hawkBit device simulator.
SWUpdate is an acronym for “Software Update for
Embedded Linux Devices” [8]. Its goal is to provide a safe The upgrade can be triggered by the system administrator.
and efficient Linux update mechanism for embedded The hawkBit server allows selecting the embedded devices
systems [9] at no charge, being completely free. It is by using filters (for example for filtering by name we use
written in C, is highly configurable and has security “name =ge= ddi2” to select the devices which names are
features, so we have chosen it in our IoT OTA secure greater or equal to “ddi2” string). The most important
update system. thing is that the upgrade can also be done by using the
rollout function that applies to devices of a specified filter,
III. IMPLEMENTATION AND and these devices can be grouped. The system starts to
CONFIGURATION upgrade the first group, and, after it had upgraded a
specified percentage of targets from this group (for
The project consists in one server which run Eclipse example 50%), it starts upgrading the next group and so
hawkBit and multiple clients which compose the IoT fleet. on. This way the system is scalable and does not hang
Each client runs a Buildroot Linux distribution which use when it has many targets to upgrade.
the SWUpdate program tool. The clients repeatedly try to
connect to the server and verify if an upgrade is available, sudodocker run -p 8443:8443 \
–v "$PWD/jetty.pkcs12:/opt/hawkbit/jetty.pkcs12"
and, if so, they will update their Linux system image. \
hawkbit/hawkbit-update-server:latest \
We started from [5], a simple and not secure, one target --security.user.name=admin \
board only, update system. To this project, we added the --security.user.password=admin
following features: allow multiple clients (targets), --spring.main.allow-bean-definition-
scalability, security using OpenSSL, rollback mechanism overriding=true \
--
if the client update fails, reduced server uptime – the hawkbit.server.ddi.security.authentication.target
clients try to repeatedly connect to the server at discrete token.enabled=true \
time intervals, and we ported our software on the cheap --hawkbit.server.repository.publish-target-poll-
and handy Raspberry Pi Zero W. event=false \
--hawkbit.controller.pollingTime=00:00:30 \
The sources of our project are free and open, being --hawkbit.dmf.rabbitmq.enabled=false \
available on the Internet [10]. --hawkbit.artifact.url.protocols.download-
http.protocol=https \
--hawkbit.artifact.url.protocols.download-
III.1. Server configuration http.port=8443 \
For the update server we used Eclipse hawkBit. Eclipse --security.require-ssl=true \
--server.use-forward-headers=true \
hawkBit is a program which allows admin triggered --server.port=8443 \
software updates to the remote connected embedded --server.ssl.key-store=jetty.pkcs12 \
targets [11]. It is written in Java, being platform --server.ssl.key-store-password=admin12 \
independent. The server can be run on http or https. --server.ssl.key-password=admin12 \
--server.ssl.protocol=TLS \
In order to enable secure updates, we used https and a --server.ssl.enabled-
protocols=TLSv1,TLSv1.1,TLSv1.2,TLSv1.3
login username and password. To enable https, we must
first generate the private and public keys, then we create a Listing 2.hawkBit starting script.
self signed certificate (for proof of concept, we use
The IoT fleet update time (SN) is a linear function of the
“laurPC-100”, the development hostname) and finally we
time to update a single board (S1) multiplied with the
store the cryptography objects in a single PKCS #12 file.
number of boards (N) and divided by the number of
The commands are listed in Listing 1.
parallel updates (Np):
$ opensslgenrsa -aes128 -out jetty.key
S1 N
S N O
passwd: admin12
$ opensslreq -new -x509 -days 3650 -sha256 -key
Np (1)
jetty.key -out jetty.crt -subj
"/C=RO/L=Bucharest/CN=laurPC-100"
$ openssl pkcs12 -inkeyjetty.key -in jetty.crt - Building the effective upgrade file is shown in the section
export -out jetty.pkcs12 “The target system” because is dependent of the
export passwd: admin12 SWUpdate tool.
Listing 1.Generating the cryptography objects for https.
III.2. The build system
We used the default Docker image with hawkBit server in The build system used in this implementation is Buildroot,
order to deploy our server application. We start the Docker version 2020.11.3. We choosedBuildroot because is an
container with the script shown in Listing 2. Here we use efficient tool which can be used to generate embedded
Int. J. Advanced Networking and Applications 4990
Volume: 13 Issue: 03 Pages: 4988-4992(2021) ISSN: 0975-0290
Linux systems from boot loader to kernel and root file filename
CONFIG_ENV_FAT_FILE="uboot.env" # default
system through cross compilation [12]. After downloading
and extracting the Buildroot archive, the user can build the Listing 4.Buildroot configuration.
system by using three commands listed in Listing 3. Before issuing the “make” command in Buildroot, because
we use SWUpdate, we also must configure this tool by
make raspberrypi0w_defconfig
make menuconfig
entering the “make swupdate-menuconfig” command and
make selecting the settings in Listing 5. Suricatta feature adds
support for hawkBit with SSL.
Listing 3.Buildroot commands
SSL implementation to use (OpenSSL)
Here we will focus on the Raspberry Pi Zero W board Suricatta
which we have used to implement our update system. First Features SSL support
command sets up the default configuration in Buildroot for Server Type (hawkBit support)
our board, the second is used to make specific Image handlers
Raw
configuration and the third simply builds the Linux system.
Listing 5.SWUpdate settings.
The specific configuration that we chose for Buildroot is
listed in Listing 4. The settings are self explanatory. In the “board/raspberrypi0w” folder, the “genimage-
raspberrypi0w.cfg” was set such that we have a symmetric
Build options
Enable Compiler Cache (fast recompile)
update system with three partitions: one with boot loader
Toolchain plus dtb, and two with rootfs (to which we’ll automatically
Toolchain type ---> external toolchain add kernel and dtb, by using a post build script). We have
Toolchain (Bootlintoolchains) downloaded from the device a U-boot saved environment
Toolchain origin (Toolchain to be downloaded and named “uboot.env” and made it available with the project
installed)
C library (glibc) sources. A “rpi-firmware” folder must be built on Buildroot
System configuration “output/images” path and its contents set as shown in
Init system Listing 6.
systemv
/bin/sh bash image boot.vfat {
Run a getty login prompt after boot vfat {
Kernel files = {
Defconfig name (bcm2835_defconfig) “bcm2835-rpi-zero-w.dtb”,
In-tree Device Tree Source file names “rpi-firmware/bootcode.bin”,
(bcm2835-rpi-zero-w) “rpi-firmware/cmdline.txt”,
Target Packages “rpi-firmware/config.txt”,
Networking applications “rpi-firmware/fixup.dat”,
wpa_supplicant - Enable 80211 support “rpi-firmware/start.elf”,
dropbear “rpi-firmware/overlays”,
ntpd # for SWUpdatelibcurl “u-boot.bin”,
ntpdate “uboot.env”
Compression and decompression }
zlib support #for SWUpdate }
Crypto size = 32M
libsha1 }
openssl support image sdcard.img {
ssl library (openssl) hdimage { }
openssl binary partition boot {
openssl additional engines partition-type = 0xC
Hardware handling bootable = “true”
Firmware image = “boot.vfat”
rpi-firmware }
rpi-wifi-firmware partition rootfs1 {
rng-tools partition-type = 0x83
u-boot tools image = “rootfs.ext2”
mkimage size = 1024M
fw_printenv }
Networking partition rootfs2 {
libcurl partition-type = 0x83
curl binary image = “rootfs.ext2”
Shell and utilities size = 1024M
bash }
System tools }
SWUpdate Listing 6.The “genimage-raspberrypi0w.cfg” script
(package/SWUpdate/SWUpdate.config)
SWUpdate configuration file U-Boot (also written as Uboot) is an open source boot
watchdog loader. It is used in embedded systems to boot the target
Filesystem images
ext2/3/4 operating system kernel [13]. Ue used version 2020.10. In
exactsize 300M the same “board/raspberrypi0w” folder we wrote the
Boot loaders “uboot-fragment.config” file which defines variables in U-
U-boot
((rpi_0_w_defconfig) Board defconfig
boot boot loader at system build time. Its contents are
Int. J. Advanced Networking and Applications 4991
Volume: 13 Issue: 03 Pages: 4988-4992(2021) ISSN: 0975-0290
shown in Listing 7. The BOOTCOMMAND sets the wrote to “/etc/hosts” the IP of the “laurPC-100”
default partition to boot Linux, to the second partition. host which is used in OpenSSL;
Also, the watchdog is enabled with a maximum delay of
set the DAEMON_ARGS variable in
30 seconds; if Linux does not boot in 30 seconds, the
“/etc/default/rngd” to "-o /dev/random -r
system will be reset. If the system will not boot well Linux /dev/urandom" (this is useful for developing
for 3 tries, then the ALTBOOTCOMMAND will be used speed where we used rngd to get faster random
to set boot parameters for U-boot instead of entropy);
BOOTCOMMAND.
CONFIG_BOOTCOUNT_LIMIT=y replaced in “config.txt” file of the boot partition
CONFIG_BOOTCOUNT_BOOTLIMIT=3 “zImage” with “u-boot.bin”, so the Raspberry Pi
CONFIG_SYS_BOOTCOUNT_MAGIC=0xB001C041 Zero W will boot first the U-boot bootloader
CONFIG_BOOTCOUNT_GENERIC=y instead of Linux;
CONFIG_SYS_BOOTCOUNT_ADDR=0x7000A000
CONFIG_BOOTCOMMAND=”setenvbootargs in “config.txt” we set “device_tree=bcm2835-rpi-
\”8250.nr_uarts=1 root=/dev/mmcblk0p2 rootwait zero-w.dtb” such that U-boot can find this device
console=tty1 console=ttyS0,115200\”; load mmc 0:2
$kernel_addr_rzImage ; load mmc 0:2 $fdt_addr_r tree blob;
bcm2835-rpi-zero-w.dtb ; bootz $kernel_addr_r -
$fdt_addr_r”
copy “zImage” and “bcm2835-rpi-zero-w.dtb” to
CONFIG_WATCHDOG_TIMEOUT_MSECS=30000 the root file system;
CONFIG_BCM2835_WATCHDOG=y
setup the path and length of “uboot.env” to
Listing 7. “uboot-fragment.config”. “/etc/fw_env.config” in order to have access to
In order for the watchdog to work in U-boot for Raspberry the U-boot BOOTCOUNT variable from Linux;
Pi Zero W, we needed to apply the Paolo Pisati’s patch to setting the Linux “watchdog-timeout” to 15
U-boot sources [14]. This was made by copying the seconds in “/etc/watchdog.conf”.
(slightly modified) patch to folder “boot/uboot/2020.10”
Buildroot folder. In the Buildroot “overlay” folder various files were
created:
In the Linux kernel the watchdog must also be enabled, by
setting CONFIG_WATCHDOG=y and “S30watchdog” and “S98swupdate” services
CONFIG_BCM2835_WDT=y. We also built a program available in “/etc/init.d” on the target;
tool which will reset the U-boot’s BOOTCOUNT variable
when Linux successfully boots; this program uses “postupdate.sh”, “swupdate.cfg” and other files
“fw_printenv” and “fw_setenv” commands to access U- available in “/etc/swupdate” on the target.
boot’s environment. software = {
version = "0.1.0";
The “config.txt” file from the boot partition needs to rootfs = {
contain “enable_uart=1” to use the UART for debugging rootfs-1: {
and “dtparam=watchdog=on” in order to use the watchdog. images: (
{
filename = "rootfs.ext4.gz";
III.3 The client system compressed = "zlib";
device = "/dev/mmcblk0p2";
On the embedded Linux targets we use the SWUpdate tool });
for remote software updates. In order to generate the }
rootfs-2: {
effective update file, a script named “SWUpdate- images: (
image.sh” was written (see Listing 8) which creates a cpio {
archive that SWUpdate will use to upgrade the system. filename = "rootfs.ext4.gz";
This script packs the “sw-description” file (see Listing 9), compressed = "zlib";
device = "/dev/mmcblk0p3";
which tells SWUpdate what are the updatable partitions, });
along with the file used to install the new root file system }
which is “rootfs.ext4.gz” and is generated by Buildroot. }
}
IMG_FILES="sw-description rootfs.ext4.gz"
for f in ${IMG_FILES} ; do Listing 9. The “sw-description” file.
echo ${f}
done | cpio -ovL -H crc>buildroot.swu The “S98swupdate” service does the following:
Listing 8.The “swupdate-image.sh” script. saves to a file “/root/mmc-part-id” the id of the
partition which Linux booted;
In the Buildroot folder “board/raspberrypi0w”, we wrote
the “post-build.sh” script and added a folder named gets and saves the target machine id (every
“overlay” which contains additional files to be written to Raspberry Pi board has associated a unique id,
the target’s root file system. see Listing 10);
In “post-build.sh” we made the following additions: starts the effective swupdate daemon and
specifies it the target id, target token, hawkBit
URL and the partition that booted Linux;
Int. J. Advanced Networking and Applications 4992
Volume: 13 Issue: 03 Pages: 4988-4992(2021) ISSN: 0975-0290
REFERENCES
[1] A. Sharif, J.P. Li, M.A. Saleem, “Internet of
Things Enabled Vehicular and Ad Hoc Networks for
Smart City Traffic Monitoring and Controlling: A
Review”, International Journal of Advanced
Networking and Applications, Volume 13, Issue 02,
pp. 4925-4930, 2021.
[2] M. Krak, The ultimate guide to software updates on
embedded Linux devices, pp. 12-18, FOSS-North
conference, 2018.
[3] V. Baillie, OTA updates for Embedded Linux, part 1
– Fundamentals and implementation,
https://www.embedded.com/ota-updates-for-
embedded-linux-part-1-fundamentals-and-
implementation, last accessed 2021/09/31.
[4] V. Baillie, “OTA updates for Embedded Linux, part
2 – A comparison of off-the-shelf update systems”,
https://www.embedded.com/ota-updates-for-