Re: [riot-devel] Riot Software Update
Hello, Indeed, that presentation was rather interesting. and secure updates indeed as part of security; Looking at the OTA, the discussions are excluding network protocol, so maybe one step in that direction would be to have some secure protocol for sending them ? Is there something already envisionned ? best regards, -- Cedric - Original Message - | From: Thomas C. Schmidt schm...@informatik.haw-hamburg.de | To: RIOT OS kernel developers devel@riot-os.org | Sent: Tuesday, March 24, 2015 10:01:01 AM | Subject: [riot-devel] Riot Software Update | | Hi, | | yesterday in the IAB technical plenary, Hannes Tschofening stressed | the | need for system software maintenance. This raises the question: Have | we | spent enough thoughts on automated secure software updates for RIOT, | are | we approaching this subject? | | It might be some thing worth while considering?? | | Cheers, | Thomas | -- | | Prof. Dr. Thomas C. Schmidt | ° Hamburg University of Applied Sciences Berliner | Tor 7 ° | ° Dept. Informatik, Internet Technologies Group20099 Hamburg, | Germany ° | ° http://www.haw-hamburg.de/inet Fon: | +49-40-42875-8452 ° | ° http://www.informatik.haw-hamburg.de/~schmidtFax: | +49-40-42875-8409 ° __ | devel mailing list | devel@riot-os.org | https://lists.riot-os.org/mailman/listinfo/devel | ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hi, yes, we agreed that in order to get software updates we need a foundation for activating new firmware images first. The working assumption for the first incarnation/iteration of this is that an image has been saved to some memory of the device already. Cheers, Ludwig Oleg Hahm schrieb: Hi! I see the upgrade distribution process as mostly independent from the software infrastructure needed to activate new images. Do I get this right, that the OTA task force is excluding the OTA part of the software update from their work? Or are you just considering the single hop case? Cheers, Oleg -- My computer is so slow that sometimes it gets a timeout from http://localhost. ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hi Thomas, there are some initial efforts on-going in the community, such as [1] [2] [3], and upcoming GSOC projects on implementing LWM2M amd dynamic linking. However, this is not sufficient to get the whole nine yards. To have the full picture, there lacks security/crypto aspects, software updates (rrlated but different from firmware updates) and the automatic aspect, which also include a network/transport/distribution aspect. So in a nutshell: I think this aspect is of utmost importance indeed. Having a really good way to do that could be a decisive advantage of RIOT over other OS. In any case: the IoT will only become the IoT the day such evolutive mechanisms are in place and usable. I was thinking that this could/should be the main focus of RIOT in upcoming H2020 project proposals for instance. best, Emmanuel [1] https://lists.riot-os.org/pipermail/devel/attachments/20150211/7e2772a3/attachment-0001.pdf [2] https://github.com/RIOT-OS/RIOT/wiki/minutes-OTA-meetup-13.2.2015 [3] https://lists.stillroot.org/pipermail/devel/2015-January/001738.html Le 24 mars 2015 10:01, Thomas C. Schmidt schm...@informatik.haw-hamburg.de a écrit : Hi, yesterday in the IAB technical plenary, Hannes Tschofening stressed the need for system software maintenance. This raises the question: Have we spent enough thoughts on automated secure software updates for RIOT, are we approaching this subject? It might be some thing worth while considering?? Cheers, Thomas -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° -- Prof. Dr. Thomas C. Schmidt ° Hamburg University of Applied Sciences Berliner Tor 7 ° ° Dept. Informatik, Internet Technologies Group20099 Hamburg, Germany ° ° http://www.haw-hamburg.de/inet Fon: +49-40-42875-8452 ° ° http://www.informatik.haw-hamburg.de/~schmidtFax: +49-40-42875-8409 ° ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
Re: [riot-devel] Riot Software Update
Hi Ludwig! yes, we agreed that in order to get software updates we need a foundation for activating new firmware images first. The working assumption for the first incarnation/iteration of this is that an image has been saved to some memory of the device already. Okay, basically my question was: do the OTA task force wants to work on the actual update distribution mechanisms (including security) in a second step or would it make more sense trying to charter a task force that works on this in parallel? (If the latter, I would recommend to rename it.) Cheers, Oleg -- The bad thing about HTML DOM jokes is that everyone has their own interpretations, so you have to tell them 9000 different ways. pgpSFGlWeiziK.pgp Description: PGP signature ___ devel mailing list devel@riot-os.org https://lists.riot-os.org/mailman/listinfo/devel
