I'm involved with Mender which focuses on OTA updates and does not limit the type of update you can deploy, some popular choices: * full system image (with robust a/b layout for rollback support, can also do delta…
Hi, I am also working with the Mender project and we have been in touch earlier. The device support for mender-convert will be drastically widened (actually, there will not be any limit as such) in the Mender 2.3…
Disclaimer: I work on the Mender project. Signing and verification in Mender is covered here: https://docs.mender.io/artifacts/signing-and-verification
Signing an archive would probably be good enough for many cases. Block level is a bit simpler (all or nothing) and thus less risk of mixing with unsigned parts (sideloading attacks). For security-sensitive embedded…
Yocto has quite large community and is growing fast. That said, think of Yocto as the first integration not the only - buildroot is surely interesting too but we had to start somewhere. :)
I work on Mender, so I can tell you how automated rollback works there. The update is written to the inactive rootfs partition, uboot is configured to boot from it and the device is rebooted. Using the bootcount feature…
It is not that uncommon for an updater to support both local and remote updates. For example, Mender has two modes of operation: standalone and managed [0]. Like you, many teams are still doing local updates, or…
Thanks! :) Yes, we have looked into it and the nice thing is that TUF seems to be quite easy to add as an additional security layer down the road. One interesting challenge is downgrade attacks. How do you allow…
Cryptographic signing and verification is in scope for Mender [0], and frankly it should be in scope for all updaters -- too many hacks have happened due to lack of codesigning. [0]…
I'm involved with Mender which focuses on OTA updates and does not limit the type of update you can deploy, some popular choices: * full system image (with robust a/b layout for rollback support, can also do delta…
Hi, I am also working with the Mender project and we have been in touch earlier. The device support for mender-convert will be drastically widened (actually, there will not be any limit as such) in the Mender 2.3…
Disclaimer: I work on the Mender project. Signing and verification in Mender is covered here: https://docs.mender.io/artifacts/signing-and-verification
Signing an archive would probably be good enough for many cases. Block level is a bit simpler (all or nothing) and thus less risk of mixing with unsigned parts (sideloading attacks). For security-sensitive embedded…
Yocto has quite large community and is growing fast. That said, think of Yocto as the first integration not the only - buildroot is surely interesting too but we had to start somewhere. :)
I work on Mender, so I can tell you how automated rollback works there. The update is written to the inactive rootfs partition, uboot is configured to boot from it and the device is rebooted. Using the bootcount feature…
It is not that uncommon for an updater to support both local and remote updates. For example, Mender has two modes of operation: standalone and managed [0]. Like you, many teams are still doing local updates, or…
Thanks! :) Yes, we have looked into it and the nice thing is that TUF seems to be quite easy to add as an additional security layer down the road. One interesting challenge is downgrade attacks. How do you allow…
Cryptographic signing and verification is in scope for Mender [0], and frankly it should be in scope for all updaters -- too many hacks have happened due to lack of codesigning. [0]…