ESP32 board with battery and nearby antenna

How To Easily Set Up Secure OTA Firmware Updates On ESP32

After an electronic IoT device has been deployed into the world, it may be necessary to reprogram or update it. But if physical access to the device (or devices) is troublesome or no longer possible, that’s a problem.

OTA updates allow a device to download new firmware, install it, and reboot itself into the new version. Convenient? Yes. Secure? It definitely needs to be.

Fortunately, over-the-air (OTA) firmware updates are a thing, allowing embedded devices to be reprogrammed over their wireless data connection instead of with a physical hardware device. Security is of course a concern, and thankfully [Refik] explains how to set up a basic framework so that ESP32 OTA updates can happen securely, allowing one to deploy devices and still push OTA updates in confidence.

[Refik] begins by setting up a web server using Ubuntu Linux, and sets up HTTPS using a free SSL certificate from Let’s Encrypt, but a self-signed SSL certificate is also an option. Once that is done, the necessary fundamentals are in place to support deploying OTA updates in a secure manner. A bit more configuration, and the rest is up to the IoT devices themselves. [Refik] explains how to set things up using the esp32FOTA library, but we’ve also seen other ways to make OTA simple to use.

You can watch a simple secure OTA firmware update happen in the video, embedded below. There are a lot of different pieces working together, so [Refik] also provides a second video for those viewers who prefer a walkthrough to help make everything clear. Watch them both, after the break.

Continue reading “How To Easily Set Up Secure OTA Firmware Updates On ESP32”

Even More Firmware In Your Firmware

There are many ways to update an embedded system in the field. Images can fly through the air one a time, travel by sneaker or hitch a ride on other passing data. OK, maybe that’s a stretch, but there are certainly a plethora of ways to get those sweet update bytes into a target system. How are those bytes assembled, and what are the tools that do the assembly? This is the problem I needed to solve.

Recall, my system wasn’t a particularly novel one (see the block diagram below). Just a few computers asking each other for an update over some serial busses. I had chosen to bundle the payload firmware images into the binary for the intermediate microcontroller which was to carry out the update process. The additional constraint was that the blending of the three firmware images (one carrier and two payload) needed to happen long after compile time, on a different system with a separate toolchain. There were ultimately two options that fit the bill.

The system thirsty for an update

Continue reading “Even More Firmware In Your Firmware”

Putting The Firmware In Your Firmware

Performing over-the-air updates of devices in the field can be a tricky business. Reliability and recovery is of course key, but even getting the right bits to the right storage sectors can be a challenge. Recently I’ve been working on a project which called for the design of a new pathway to update some small microcontrollers which were decidedly inconvenient.

There are many pieces to a project like this; a bootloader to perform the actual updating, a robust communication protocol, recovery pathways, a file transfer mechanism, and more. What made these micros particularly inconvenient was that they weren’t network-connected themselves, but required a hop through another intermediate controller, which itself was also not connected to the network. Predictably, the otherwise simple “file transfer” step quickly ballooned out into a complex onion of tasks to complete before the rest of the project could continue. As they say, it’s micros all the way down.

The system de jour

Continue reading “Putting The Firmware In Your Firmware”

OTA ESP32 GUI Makes Updates Simple

One of the disadvantages of having cheap WiFi-capable boards like those based on the ESP32 is that you have to update them. If you have even a few in every room of your house, it can be a pain to pull them out and connect them to a cable for programming. Over the air programming is a great answer, and [Kevin] shows how you can control the update via a simple GUI. You can see a video demonstration of how it works below.

[Kevin] uses a ready-made OTA library to do the work, but creates a GUI configuration and downloader tool. There is a manual step to force the board into the OTA mode, which might be a mild inconvenience, but it improves security since you need physical access to the device to do an update.

Continue reading “OTA ESP32 GUI Makes Updates Simple”

Library Makes ESP Over The Air Updates Easy

Potentially, one of the great things about having a device connected to the network is that you can update it remotely. However, how do you make that happen? If you use the Arduino setup for the ESP8266 or ESP32, you might try [scottchiefbaker’s] library which promises to make the process easy.

Adding it looks to be simple. You’ll need an include, of course. If you don’t mind using port 8080 and the path /webota, you only need to call handle_webota() from your main loop. If you want to change the defaults, you’ll need to add an extra call in your setup. You also need to set up a few global variables to specify your network parameters.

Continue reading “Library Makes ESP Over The Air Updates Easy”

SMART Response XE Gets Wireless Bootloader

A few months back we first brought word of the progress being made in unlocking the SMART Response XE, an ATmega128RFA powered handheld computer that allowed teachers to create an interactive curriculum in the days before all the kids got Chromebooks. Featuring 2.4 Ghz wireless communication, a 384×160 LCD, and a full QWERTY keyboard, schools paid around $100 each for them 2010. Now selling for as little as $5 on eBay, these Arduino-compatible devices only need a little coaxing and an external programmer to get your own code running.

The previous post inspired [Larry Bank] to try his hand at hacking the SMART Response XE, and so far he’s made some very impressive progress. Not only has he come up with his own support library, but he’s also created a way to upload Arduino code to the devices through their integrated 802.15.4 radio. With his setup, you no longer need to open the SMART Response XE and attach a programmer, making it much easier to test and deploy software.

[Larry] has written up a very detailed account of his development process, and goes through the trouble of including his ideas that didn’t work. Getting reliable communication between two of these classroom gadgets proved a bit tricky, and it took a bit of circling around until he hit on a protocol that worked.

The trick is that you need to use one SMART Response XE attached to your computer as a “hub” to upload code to other XEs. But given how cheap they are this isn’t that big of a deal, especially considering the boost in productivity it will net you. [Larry] added a 5 x 2 female header to his “hub” XE so he could close the device back up, and also added a physical power switch. In the video after the break, you can see a demonstration of the setup sending a simple program to a nearby XE.

Between this wireless bootloader and the Arduboy compatibility covered previously, we’d suggest you get your SMART Response XE now. We wouldn’t be surprised if the prices of these things start going up like they did with the IM-ME. Continue reading “SMART Response XE Gets Wireless Bootloader”

Over The Air Updates For Your Arduino

An Arduino and a data radio can make a great remote sensor node. Often in such situations, the hardware ends up installed somewhere hard to get to – be it in a light fitting, behind a wall, or secreted somewhere outdoors. Not places that you’d want to squeeze a cable repeatedly into while debugging.

[2BitOrNot2Bit] decided this simply wouldn’t do, and decided to program the Arduinos over the air instead.

Using the NRF24L01 chip with the Arduino is a popular choice to add wireless communications to a small project. By installing one of these radios on both the remote hardware and a local Arduino connected to the programming computer, it’s possible to remotely flash the Arduino without any physical contact whatsoever using Optiboot.

The writeup is comprehensive and covers both the required hardware setup for both ends of the operation as well as how to install the relevant bootloaders. If you’re already using the NRF24L01 in your projects, this could be the ideal solution to your programming woes. Perhaps you’re using a different platform though – like an Arduino on WiFi? Don’t worry – you can do OTA updates that way, too.