Latest Nordic nRF5 SDK introduces secure and signed OTA firmware updates
In addition, the SDK now supports the Arduino development kit used with the Nordic nRF52832 SoC-based Arduino Primo base board, features a CMSIS configuration Wizard that allows graphical configuration in Keil, offers Bluetooth low energy Continuous Glucose Meter (CGM) profile support, and provides optimized Floating Point Unit execution.
In operation, a classic public/private key security structure is employed whereby public keys are distributed and private keys remain solely with the sending party, thus ensuring one-to-one security. Using ciphers to create keys in the Nordic nRF5 SDK v12.0 can be done in various ways and Leonard says the company invested great effort in allowing developers flexibility to create ciphers in whichever way they prefer. This includes Nordic-authored examples using, for example, ECDH using the P256 curve to establish secure connections in Bluetooth® low energy. (Nordic has also reserved two dedicated 16-bit UUIDs with the Bluetooth SIG for use with signed and unsigned firmware.)
Nordic also supports secure DFU application development with a suite of cross-platform PC tools and additionally mobile tools for Android and iOS.
Furthermore, if a secure OTA-DFU is interrupted, a ‘resume-from-failure’ feature is said to allow updates to resume from the last know good point and complete instead of re-starting the entire upgrade process from scratch.
“Security is of paramount importance amongst companies involved in the Internet of Things (IoT) and you need to know that something as important and fundamental as a firmware upgrade in a product is what it says it is and comes from a trusted source,” comments John Leonard, Product Marketing Manager at Nordic Semiconductor.
“For the majority of manufacturers software development is a complex, multi-team, deadlined task whose challenges unfortunately open the door to bugs being present in shipped products in the field. At the same time manufacturers also want to be able to introduce the newest and most improved product features that have their products performing at their best to maintain customer engagement.
“This means the ability to perform software and firmware updates is an absolute necessity, and the easiest and safest way to do this in Bluetooth low energy products is via secure, signed OTA-DFU updates which is what our latest nRF5 SDK v12.0 is all about.”
If you enjoyed this article, you will like the following ones: don't miss them by subscribing to :
