Developers’ Guide to Ensuring 10-Year Product Maintenance

While IoT devices are increasingly becoming a part of everyday life, offering numerous benefits, they also come with a range of preventable and inexorable risks. This could affect development, disturb device operations, and impede routine maintenance. Consequently, building a loyal customer base for the product requires developers to ensure smooth operation in the long run.

Security as a Driver of Firmware Architecture Design

One trend IoT developers should prioritize regarding firmware architecture design is addressing security demands.

In late 2022, estimations suggested there were 14.3 billion connected devices. Now, the market is predicted to grow to $483 billion by 2027, which could result in more than 29 billion connected devices. However, hacks and bugs continue to raise consumer apprehensions while the adoption of these devices persists. It means that developers are expected to increase the reliability of their products.

When it comes to security, developers feel the demand from both end users and regulatory bodies. First, vulnerabilities are abundant across operating systems, microcontrollers, and connectivity stacks. Second, end users anticipate devices to protect their data. Therefore, governments are likely to enact stricter compliance and regulatory requirements. Existing examples of such regulations include the IoT Cybersecurity Improvement Act in the United States and the EU Cybersecurity Act.

Using DRE Tools for IoT Device Optimization

To facilitate the long-term maintenance of IoT products, developers can now leverage device reliability engineering (DRE) tools. DRE presents hardware engineers with data at both the individual device and fleet levels, streamlining the delivery of IoT and edge devices while reducing risks.

Fixing Bugs

Instead of relying on users’ bug reports on release days, it is more effective to incorporate regular fixes and updates into the device’s lifecycle. This solution will ensure that:

• Devices can be reset to their factory conditions.
• If not, a reset to an old firmware version is available.
• A minimal firmware rote can be established.
• Teams are empowered to follow a Day 0 workflow.
• Firmware can be maintained in a bare minimum state.

This approach enables teams to ship products with the confidence that algorithms can be continually enhanced, and devices can receive updates after shipping.

Traditionally, debugging has been a time-consuming and costly process requiring support teams to answer phone calls or respond to emails, organizations to collect feedback and convert it to logs for customers, and then send devices back to engineers.

Alternatively, it is possible on a remote basis, allowing devices to report issues automatically through a cloud pipeline, where data is analyzed, organized into error instances while removing duplicates, and subsequently distributed to the engineering team.

One common debugging technique is known as core dumps, which involves automatically capturing detailed diagnostics for any issues. It includes gathering logs, generating backtraces, and collecting memory information, providing engineers with data for issue resolution. Developers are typically tasked with assembling diagnostic data, uploading it, and making this information human-readable.

Improving Security

Shipping a product requires a plan for product updates, which are necessary in the event of breaches or vulnerabilities that need patching.

Additional security measures include:

• Requiring firmware on-device validation.
• Verifying that anti-rollback mechanisms are in place.
• Ensuring secure delivery and an unencrypted state in transit.
• Checking that third-party libraries stay up to date.

The significance of third-party code arises from its widespread use and its frequent involvement in critical functions, such as connectivity and cryptography. Developers need to have a comprehensive understanding of third-party code, which includes knowledge about its licenses and the availability of support resources.

Monitoring

Ensuring the fleet’s health and satisfying increasing users’ demands relies heavily on the vital practice of remotely monitoring devices in the field. The need for monitoring is met when the development cycle extends into the post-production phase.

For instance, the detection and resolution of issues could be achieved with minimal disruption to the user, often before they actually know this. It is possible through over-the-air (OTA) monitoring of metrics like:

• Battery life.
• Bluetooth connectivity.
• Memory usage.
• Sensor performance.
• Crash-free hours.
• Mean time between failures.

OTA Updates

An efficient way to sustain the operability of connected devices is OTA updates, i.e., wireless deliveries of new software, firmware, and other data. These updates are possible to make through support cohorts, staged rollouts, and firmware signing.

Support cohorts entail developers grouping their devices and then updating each group separately. It allows for testing releases, A/B testing, and experimenting in various ways. Furthermore, support cohorts are effective when collaborating with numerous industrial clients who require updates on varying schedules.

Staged rollouts are about introducing updates to the device fleet incrementally. It hampers any potential issue from affecting all customers simultaneously. In this context, developers may configure the system to channel reported issues into the OTA system. If no problems are reported, they can proceed to incrementally expand the rollout until the entire fleet receives the updates.

When there is a requirement to certify the authenticity of a file, ensuring it originates from a trusted source and has not been altered in any way, firmware signing is a suitable method. By assigning a verifiable signature to the file, developers check the legitimacy of a firmware update. This process is integrated into the bootloader, which decides whether to alert the user or take another action.

Conclusions

To sum up, ensuring the long-term maintenance of IoT products requires developers to adapt to evolving trends and give precedence to major aspects of product development.

Balancing firmware and design elements to meet user expectations and address security demands is crucial in a rapidly growing market. At the same time, the utilization of device reliability engineering (DRE) tools can optimize device management and reduce risks. It encompasses debugging, security measures, monitoring, and over-the-air (OTA) updates.

Regular bug fixes throughout the device’s lifecycle enhance reliability and customer satisfaction. At the same time, security measures like firmware on-device validation and anti-rollback are essential for safeguarding IoT devices.

Monitoring is aimed at assuring the fleet’s health and fulfilling users’ demands. Lastly, OTA updates enable seamless maintenance for devices to remain operational and up-to-date, ultimately building trust and loyalty among users.