Secure Over-The-Air Firmware Update

Client – Who are they/what do they do

A medical care products manufacturer and services provider, established for 130 years.

Challenge – What did they need us to do

The client has a range of medical care products, and their newest one needed support for secure over-the-air firmware updates for two embedded microprocessors from different manufacturers. The project goal was to architect an end-to-end solution that delivered cloud-to-embedded-device updates via mobile devices in such a way that a failed, tampered or corrupted transfer could never leave a device without a working application. The solution had to integrate with the client's existing cloud and mobile application infrastructure and required a secure BLE implementation for communication between the mobile app and the embedded product.

Solution – How did we solve it for the client

At the project's start, remote virtual meetings were held with the managers, the embedded software technical lead, and the cloud/mobile technical lead to better understand the general project aims and any technical constraints imposed by the existing software architecture design and implementation. These meetings provided an ideal forum for candid feedback and brainstorming sessions. Reviews of existing design documents, hardware schematics, microprocessor datasheets, and source code were carried out to gather technical information and understand the hardware design constraints.

Following this, a solution was architected, and a proof of concept was carried out on the embedded aspect of the update process, using two development kits connected together via a UART serial interface. The two microprocessors were programmed with the customized bootloaders needed to perform the firmware update operation, with the public key used to verify image signatures and the secret key used to decrypt images, and with a simplified, representative user application.

With the preparations complete, the firmware update process was initiated using a test application running on a mobile device equipped with Bluetooth. The OTA service downloaded the update image to the device. The device was then rebooted into the bootloader, which checked the image before touching the application flash: only if the image authenticated against the bootloader's public key and decrypted successfully was it written into flash. Otherwise, the update was abandoned, and the device was reset to execute the previously programmed application.

The same sequence was repeated for the second microprocessor, but the data transfer was assisted by the application running on the first microprocessor, which was the only device with a Bluetooth module. All received data was forwarded to the second microprocessor via the UART serial interface.
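The bootloader decision described above (download into a staging area, reboot, accept only an authenticated image, otherwise abandon and fall back to the installed application) is shown below as an added example. It is not the client's code or image format: the container layout, the key, the sample payloads and the target-MCU field used to route an image to the first or second microprocessor are all constructed for this illustration. Because the Python standard library has neither an asymmetric signature scheme nor AES, an HMAC-SHA256 tag stands in for the signature the real bootloader verifies with its public key, and the payload is carried in clear rather than encrypted. The anti-rollback check is an added practitioner safeguard that the page does not describe.

```python
"""Added example: bootloader-side acceptance of a staged OTA image.

Constructed for illustration; the HMAC tag stands in for the asymmetric
signature and the payload is unencrypted (stdlib has no AES/Ed25519).
"""
import hashlib
import hmac
import struct

MAGIC = b"OTA1"
# Header fields: magic, firmware version, payload length, target MCU id (1 or 2)
HEADER = struct.Struct("<4sIII")
TAG_LEN = hashlib.sha256().digest_size

# Stand-in for the verification key provisioned into the bootloader (example value).
BOOT_VERIFY_KEY = b"example-bootloader-verification-key"


class Flash:
    """Application slot plus a staging buffer; the slot changes only in commit()."""

    def __init__(self, app: bytes, version: int, mcu_id: int):
        self.app = app
        self.version = version
        self.mcu_id = mcu_id
        self.staging = bytearray()

    def stage(self, chunk: bytes) -> None:
        """Called as the OTA service streams the download (BLE, or UART for MCU 2)."""
        self.staging.extend(chunk)

    def commit(self, payload: bytes, version: int) -> None:
        self.app = payload
        self.version = version
        self.staging.clear()

    def abandon(self) -> None:
        self.staging.clear()


def build_image(key: bytes, version: int, mcu_id: int, payload: bytes) -> bytes:
    """Release-tool side: header || payload || tag, tag covering header and payload."""
    header = HEADER.pack(MAGIC, version, len(payload), mcu_id)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(image: bytes, key: bytes, flash: Flash) -> tuple:
    """Parse and authenticate a staged image; raise ValueError on any defect.

    Lengths are checked before any field is used, the tag is compared in
    constant time, and header fields are only trusted after the tag matches.
    """
    if len(image) < HEADER.size + TAG_LEN:
        raise ValueError("truncated image")
    magic, version, payload_len, mcu_id = HEADER.unpack_from(image, 0)
    if magic != MAGIC:
        raise ValueError("unrecognised image format")
    if HEADER.size + payload_len + TAG_LEN != len(image):
        raise ValueError("length field does not match image size")
    signed = image[: HEADER.size + payload_len]
    tag = image[HEADER.size + payload_len :]
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    if mcu_id != flash.mcu_id:
        raise ValueError("image built for a different microprocessor")
    if version <= flash.version:  # anti-rollback (added check, not from the page)
        raise ValueError("version rollback rejected")
    return version, signed[HEADER.size :]


def boot_after_download(flash: Flash, key: bytes) -> tuple:
    """Bootloader entry after the reboot that follows a download."""
    try:
        version, payload = verify_image(bytes(flash.staging), key, flash)
    except ValueError as err:
        flash.abandon()  # discard staging; the installed application keeps running
        return False, f"update abandoned: {err}"
    flash.commit(payload, version)
    return True, f"running version {version}"


def demo() -> dict:
    """A good image is accepted; a single flipped byte is rejected with no flash change."""
    dev = Flash(app=b"app v1", version=1, mcu_id=1)
    good = build_image(BOOT_VERIFY_KEY, 2, 1, b"app v2 firmware bytes")
    dev.stage(good[:16])
    dev.stage(good[16:])  # chunked download, as over BLE
    ok_good, msg_good = boot_after_download(dev, BOOT_VERIFY_KEY)

    tampered = bytearray(build_image(BOOT_VERIFY_KEY, 3, 1, b"app v3 firmware bytes"))
    tampered[HEADER.size + 3] ^= 0x01  # corrupt one payload byte in transit
    dev.stage(bytes(tampered))
    ok_bad, msg_bad = boot_after_download(dev, BOOT_VERIFY_KEY)

    return {"good": (ok_good, msg_good), "bad": (ok_bad, msg_bad),
            "running": dev.version, "app": dev.app}


if __name__ == "__main__":
    print(demo())
```

The ordering matters: nothing is written to the application slot until every check has passed, so a device that loses power or receives a corrupted transfer is left running the previous application, which is the failure behaviour the proof of concept demonstrated.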

The solution was a success and met the client’s original brief. The proof of concept was handed over to the internal development teams to integrate with the existing product application and development tools.

A summary findings document was produced explaining how the new firmware update process could be integrated into the existing production release process, including key points such as the stage at which specific information had to be programmed into the devices and potential areas for improvement. Throughout the project, status updates were provided to the client on a weekly basis, and unscheduled technical calls and chats took place using Microsoft Teams. The client's program manager managed all project activities.