December 6, 2023
The rapidly evolving automotive industry is witnessing a significant shift towards connected, autonomous, and electric vehicles. A crucial component of this transition is having a system in place that supports the seamless interplay of software and hardware components to ensure enhanced user experiences, vehicle safety, and real-time feature upgrades. Due to their open-source nature and robustness, Embedded Linux Systems have become a linchpin in this paradigm, powering myriad automotive applications.
However, when it comes to implementing over-the-air (OTA) updates for Embedded Linux Systems there are many challenges that automakers must overcome. In this blog, we’ll explore the intricacies of OTA updates in Embedded Linux Systems and how partnering with adept solution providers like Sibros can be a game-changer for automotive Original Equipment Manufacturers (OEMs).
There are a couple of different ways to go about performing updates. Individual file updates allow modifications to a single file (or a group of files) without making a full image update, which is great for updating various configuration files. Embedded Linux Systems, however, often employ a dual partition scheme for updates, a mechanism that involves two root partitions, A and B. At any given juncture, the system boots from one partition, referred to as "active" while the other, usually not even mounted, could be updated at any time. When an update is initiated, the new software version is downloaded and installed onto the inactive partition.
Once the update is complete, the installer changes the bootable partition index so that the system boots up with the new version after restart. In the event of an update or boot-up failure, the bootloader scripts will detect and change the bootable partition index to roll back to the version stored on the previous partition, thus minimizing downtime and ensuring system reliability.
The following challenges highlight the intricacies involved in implementing OTA updates for Embedded Linux Systems in automotive applications.
Having the correct configuration of the underlying hardware is a prerequisite for a successful automotive OTA update process. However, achieving this can be complex due to the diversity of E/E architectures within the automotive realm. Each hardware configuration might have its own set of requirements and peculiarities that need to be accurately understood and addressed to ensure a smooth update process. Furthermore, any misconfiguration can lead to system failures or unsuccessful updates, making configuration management a critical, yet challenging step in preparing for OTA updates. The process requires a thorough understanding of both the hardware and the software involved, as any oversight can have detrimental effects on the update process and the system as a whole.
Although bootloader modification rarely happens independently of root partition updates, it still presents a significant challenge in the OTA update process. First, the bootloader is a fundamental component of the system that initializes the hardware and loads the operating system into memory; as such, any modifications to it must be executed with precision to prevent rendering the system unbootable. Second, embedded systems in automotive environments often have stringent safety and reliability requirements, making bootloader modifications a delicate operation. Third, Linux root partition updates quite often require the bootloader to be replaced at the same time, which means the update operation has to be atomic.
As previously discussed, there is also the possibility of different hardware platforms with unique bootloader configurations, necessitating a deep understanding of the specific hardware architecture and the associated bootloader. Thus, the need for expertise in both the bootloader and the hardware platform increases the complexity of modifications. Moreover, gaining access to modify the bootloader can be a hurdle if the hardware vendor has not provided the necessary access or documentation, which is often the case in proprietary or tightly controlled systems. Finally, ensuring that modifications to the bootloader do not adversely impact other system functionalities, especially the ability to roll back updates, adds yet another layer of complexity.
In instances where automotive OEMs wish to work with a new hardware supplier, they may encounter challenges if the hardware vendor does not provide access to their build system. Without access to the build system, it becomes difficult to make the necessary modifications to support OTA updates.
Having access to the vendor's OS build allows manufacturers and software partners to quickly test and develop iteratively on the automotive OTA software to ensure that updates work successfully. In other words, it allows the OEM to build versions of the operating system that contain essential updater components within it, which must be done as the operating system is built. Without this ability, a lot of back-and-forth is required with the vendor to build, deliver, and receive an OS with the correct software.
However, challenges arise when vendors are reluctant to provide access to their build systems or when there's a lack of existing partnerships. Given the variance of Linux systems in the market, establishing a collaborative framework with hardware vendors is crucial to expedite any OS rebuilding or changes required to suit the target environment. The absence of a cooperative relationship makes it difficult to tailor the update process to the specific hardware and exacerbates the challenge of implementing OTA updates.
Designing an automotive OTA solution requires a robust backend to manage the image repository on the cloud, an in-vehicle component to initiate and manage updates, and a seamless connection between these components. The challenge lies in ensuring that these components work in harmony, are secure, and are capable of handling the complexities of automotive software updates. Any disconnect or failure in one component can disrupt the entire update process, making end-to-end integration a complex endeavor. Moreover, ensuring a seamless user experience while maintaining high levels of security and reliability adds to the challenge. This level of integration requires a comprehensive understanding of both the software and hardware aspects, as well as a well-orchestrated coordination between the various components involved in the OTA update process.
Sibros offers a comprehensive solution that addresses the challenges associated with implementing automotive OTA updates for Embedded Linux Systems in the automotive domain. With Sibros Deep Connected Platform (DCP), automotive OEMs can leverage a full end-to-end solution offering cloud APIs, cloud management, firmware integration, custom update sequences, direct automotive applications, and more.
Sibros DCP allows OEMs to focus on system-specific details and re-use features provided by our solution, such as cloud support, safe and secure cloud interface, and Uptane compliance. It drastically reduces the time to market and overall cost of OTA updates and update support. DCP is tailored to meet the unique requirements of the automotive sector, encompassing both Embedded Linux Systems updates and non-Linux UDS updates. Additionally, with Sibros’ robust hardware and cloud partner networks, OEMs can make seamless bootloader and root partition modifications to suit their unique needs.
Our solution also allows automakers to integrate in small steps, for example starting with a single product, such as Deep Updater, and then scaling to include others, such as Deep Logger. It not only simplifies the update process, reducing the need for OEMs to manage multiple systems while accelerating the deployment of OTA updates, but it also enables full-vehicle data logging and remote diagnostic commands. Instead of having five different systems to orchestrate connected vehicle updates and management, automakers can have it all on one integrated solution, thereby driving operational efficiencies and enhancing vehicle performance and safety.
As the automotive industry continues its march towards greater connectivity and automation, the ability to efficiently manage and update Embedded Linux Systems becomes increasingly critical. By partnering with Sibros, automotive OEMs can overcome the inherent challenges associated with OTA updates, ensuring that their vehicles remain at the forefront of technological innovation while delivering superior performance and safety to end-users. Contact us today to schedule a demo.