[riot-devel] Riot Software Update
Hi, yesterday in the IAB technical plenary, Hannes Tschofening stressed the need for system software maintenance. This raises the question: Have we spent enough thoughts on automated secure software updates for RIOT, are we approaching this subject? It might be some thing worth while considering?? Cheers, Thomas -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hello, Indeed, that presentation was rather interesting. and secure updates indeed as part of security; Looking at the OTA, the discussions are excluding network protocol, so maybe one step in that direction would be to have some secure protocol for sending them ? Is there something already envisionned ? best regards, -- Cedric - Original Message - | From: Thomas C. Schmidt schm...@informatik.haw-hamburg.de | To: RIOT OS kernel developers devel@riot-os.org | Sent: Tuesday, March 24, 2015 10:01:01 AM | Subject: [riot-devel] Riot Software Update | | Hi, | | yesterday in the IAB technical plenary, Hannes Tschofening stressed | the | need for system software maintenance. This raises the question: Have | we | spent enough thoughts on automated secure software updates for RIOT, | are | we approaching this subject? | | It might be some thing worth while considering?? | | Cheers, | Thomas | -- | | Prof. Dr. Thomas C. Schmidt | ° Hamburg University of Applied Sciences Berliner | Tor 7 ° | ° Dept. Informatik, Internet Technologies Group20099 Hamburg, | Germany ° | ° http://www.haw-hamburg.de/inet Fon: | +49-40-42875-8452 ° | ° http://www.informatik.haw-hamburg.de/~schmidtFax: | +49-40-42875-8409 ° __ | devel mailing list | devel@riot-os.org | https://lists.riot-os.org/mailman/listinfo/devel | ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hi Thomas, there are some initial efforts on-going in the community, such as [1] [2] [3], and upcoming GSOC projects on implementing LWM2M amd dynamic linking. However, this is not sufficient to get the whole nine yards. To have the full picture, there lacks security/crypto aspects, software updates (rrlated but different from firmware updates) and the automatic aspect, which also include a network/transport/distribution aspect. So in a nutshell: I think this aspect is of utmost importance indeed. Having a really good way to do that could be a decisive advantage of RIOT over other OS. In any case: the IoT will only become the IoT the day such evolutive mechanisms are in place and usable. I was thinking that this could/should be the main focus of RIOT in upcoming H2020 project proposals for instance. best, Emmanuel [1] https://lists.riot-os.org/pipermail/devel/attachments/20150211/7e2772a3/attachment-0001.pdf [2] https://github.com/RIOT-OS/RIOT/wiki/minutes-OTA-meetup-13.2.2015 [3] https://lists.stillroot.org/pipermail/devel/2015-January/001738.html Le 24 mars 2015 10:01, Thomas C. Schmidt schm...@informatik.haw-hamburg.de a écrit : Hi, yesterday in the IAB technical plenary, Hannes Tschofening stressed the need for system software maintenance. This raises the question: Have we spent enough thoughts on automated secure software updates for RIOT, are we approaching this subject? It might be some thing worth while considering?? Cheers, Thomas -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hi Ludwig! yes, we agreed that in order to get software updates we need a foundation for activating new firmware images first. The working assumption for the first incarnation/iteration of this is that an image has been saved to some memory of the device already. Okay, basically my question was: do the OTA task force wants to work on the actual update distribution mechanisms (including security) in a second step or would it make more sense trying to charter a task force that works on this in parallel? (If the latter, I would recommend to rename it.) Cheers, Oleg -- The bad thing about HTML DOM jokes is that everyone has their own interpretations, so you have to tell them 9000 different ways. pgpSFGlWeiziK.pgp Description: PGP signature ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
