Fact-checked by Grok 2 weeks ago

Over-the-air update

An over-the-air (OTA) update, also known as over-the-air programming, is the wireless delivery of new software, firmware, or configuration data to a connected device, such as a smartphone, vehicle, or Internet of Things (IoT) endpoint, without the need for physical connections or manual installation by the user.^[1] This process typically involves downloading the update package over a network like cellular, Wi-Fi, or satellite, followed by automated verification, installation, and rebooting to apply changes. OTA updates enable manufacturers to push bug fixes, security patches, performance optimizations, and new features directly to devices in the field, transforming traditional one-time deployments into ongoing, lifecycle management strategies.^[2] The origins of OTA technology trace back to the late 1990s in mobile telecommunications, where it was initially used for provisioning services like SIM card configurations and basic firmware adjustments in cellular networks.^[1] Adoption expanded in the early 2000s with the rise of smartphones, as companies like Apple and Google integrated OTA mechanisms into operating systems such as iOS and Android to streamline app and system updates for billions of users.^[1] A pivotal advancement occurred in 2012 when Tesla deployed the first full-vehicle OTA update to its Model S fleet, marking a shift in the automotive sector by allowing remote enhancements to infotainment, autopilot features, and powertrain software. Since then, OTA has proliferated across industries, with regulatory bodies like the U.S. National Highway Traffic Safety Administration (NHTSA) recognizing its role in addressing vehicle safety recalls through software modifications.^[2] In contemporary applications, OTA updates are integral to smart vehicles, where they support everything from engine control tweaks to advanced driver-assistance systems (ADAS) improvements, reducing the need for dealership visits and extending vehicle longevity.^[3] For consumer electronics and IoT devices, OTA facilitates rapid vulnerability patching—critical as connected ecosystems face escalating cyber threats—with protocols ensuring atomic updates to prevent bricking devices during installation.^[4] Key benefits include cost savings for manufacturers through minimized physical service interventions, enhanced user satisfaction via seamless feature rollouts, and proactive security by enabling quick responses to emerging risks without disrupting device functionality.^[2] For instance, in automotive contexts, OTA has been credited with reducing warranty expenses by resolving issues remotely.^[2] Despite these advantages, OTA updates introduce significant challenges, particularly in security and reliability. Wireless transmission exposes updates to interception, tampering, or denial-of-service attacks, necessitating robust cryptographic measures like digital signatures and blockchain-based verification to ensure integrity and authenticity.^[5] In vehicles, incomplete or faulty updates could compromise safety-critical systems, prompting standards from organizations like the International Organization for Standardization (ISO/SAE 21434) to mandate risk assessments and rollback capabilities.^[6] Bandwidth limitations in remote areas and compatibility issues across device generations further complicate deployment, while privacy concerns arise from the telemetry data often collected during updates.^[7] Ongoing research focuses on hybrid unicast-broadcast methods and AI-driven anomaly detection to mitigate these risks, ensuring OTA remains a cornerstone of resilient, connected technologies.^[8]

Fundamentals

Terminology

An over-the-air (OTA) update refers to the wireless delivery of new software, firmware, or other data to a device, typically via cellular or Wi-Fi networks, without requiring physical access or connections.^[1] This method contrasts with traditional wired updates, which necessitate physical connections such as USB cables or removable media like SD cards or DVDs to transfer and install the update data directly to the device.^[9] Related terms include firmware updates, which involve modifying the low-level software embedded in hardware to control its basic operations and often address security or performance issues.^[10] A software patch is a targeted modification to existing code, usually to fix specific bugs, vulnerabilities, or add minor features, whereas a full update replaces the entire software or firmware image with a new version.^[11] Delta updates, also known as incremental updates, transmit only the differences between the current and new versions, reducing data size and bandwidth requirements compared to full updates.^[12] Common acronyms in this domain include FOTA (Firmware Over-The-Air), which specifically denotes wireless updates to firmware, and SOTA (Software Over-The-Air), referring to wireless delivery of higher-level software components.^[13] OTA updates serve to enable remote fixes and enhancements, improving device functionality without user intervention at a service center.^[1]

Purpose

Over-the-air (OTA) updates primarily enable remote bug fixes, allowing manufacturers to correct software errors in connected devices without requiring physical intervention, often with minimal user intervention. They facilitate feature enhancements by delivering new capabilities wirelessly after the initial deployment, keeping devices relevant and functional. Security patching is a core purpose, as OTA updates permit the swift distribution of vulnerability fixes to mitigate cyber threats in real time. Additionally, these updates support performance optimization by refining software efficiency and resource management autonomously. The adoption of OTA updates yields significant benefits for manufacturers and users alike. By obviating the need for physical recalls and service visits, they substantially reduce logistical costs; for example, projections indicate that automakers could save up to $1.5 billion annually by 2028 through OTA-based recall resolutions.^[14] Users benefit from an improved experience via seamless, background installations that minimize disruptions and downtime. Furthermore, OTA updates extend device lifespan by maintaining software viability, thereby delaying obsolescence. OTA updates are instrumental in meeting regulatory requirements for connected devices, particularly those involving cybersecurity. The European Union's Cyber Resilience Act mandates that manufacturers of products with digital elements provide ongoing security updates, often via OTA mechanisms, for a defined support period of at least five years to ensure resilience against evolving threats.^[15] In the medical sector, the U.S. Food and Drug Administration's guidelines on postmarket cybersecurity emphasize secure update processes to address vulnerabilities and sustain device safety.^[16] Environmentally, OTA updates help minimize electronic waste by prolonging the operational life of devices through continuous software improvements, reducing the frequency of hardware replacements and associated resource consumption.

History

Early Developments

The concept of over-the-air (OTA) updates originated in the telecommunications and broadcasting sectors during the 1980s and 1990s, where remote configuration and management of devices became feasible through wireless signals. Early OTA-like systems emerged in satellite television broadcasting, particularly for conditional access mechanisms that controlled subscriber viewing rights. In these systems, access management messages, including authorization keys and updates to descrambling parameters, were broadcast over the air to set-top receivers, enabling operators to remotely address and modify smart cards without physical intervention. This approach, known as over-air addressing, was outlined in international standards as early as 1990, allowing broadcasters to manage subscription changes and security updates dynamically across large networks of receivers.^[17] In parallel, OTA programming gained traction in mobile communication devices during the 1990s, with Motorola pioneering its application in pagers. Motorola's pagers, such as the Advisor series using the POCSAG protocol, supported remote configuration of settings like capcodes and alerts directly over paging networks, eliminating the need for manual reprogramming. This capability, advanced for the era, was formalized in Motorola patents by the late 1990s, allowing fleet managers to update thousands of units efficiently from a central station. Such systems marked an early shift toward wireless device management in personal communications, building on pager adoption that peaked in the mid-1990s.^[18] In the late 1990s, OTA updates were introduced for provisioning Subscriber Identity Module (SIM) cards in Global System for Mobile Communications (GSM) networks. This allowed telecom operators to remotely configure services, such as personalization and security parameters, on SIM cards without physical access, leveraging the SIM Toolkit standard developed under 3GPP specifications starting in 1996.^[19] By around 2000, OTA updates began appearing in consumer mobile devices, with Nokia leading the way through firmware delivery via Short Message Service (SMS) and emerging data protocols. Nokia's implementation, rooted in the Wireless Application Protocol (WAP) framework developed in the late 1990s, allowed remote provisioning and basic software updates to handsets like the 7110 model released in 1999. These updates addressed configuration, security patches, and minor feature enhancements, marking the transition of OTA from infrastructure tools to end-user applications in the GSM ecosystem.^[20] Early OTA systems faced substantial challenges, primarily from limited bandwidth and reliability constraints inherent to analog and early digital wireless networks. In the 1990s, narrowband channels restricted update sizes to small payloads, often requiring multiple sessions and increasing vulnerability to interference or signal loss, which could corrupt transmissions and necessitate retries. Reliability issues, such as incomplete deliveries leading to device instability, shaped initial designs toward error-checking mechanisms and phased rollouts, prioritizing simplicity over comprehensive firmware overhauls. These limitations influenced the cautious adoption of OTA in bandwidth-scarce environments like pagers and early cellular links.^[21]

Modern Adoption

The adoption of over-the-air (OTA) updates surged in the 2010s, propelled by the explosive growth in smartphone usage and the global rollout of high-speed 4G and 5G networks. Smartphone penetration in the United States, for instance, rose from 35% of adults in 2011 to 91% by 2024, creating a vast ecosystem for wireless software distribution.^[22] These networks provided the bandwidth and reliability needed for downloading substantial update payloads, transforming OTA from a niche feature into a standard practice. By enabling faster transmission rates—up to 100 times those of 3G—4G and 5G significantly reduced update times and supported broader implementation across mobile devices.^[23] Pioneering implementations in major operating systems exemplified this shift. Apple introduced full OTA capabilities for iOS with version 5 in 2011, allowing wireless delivery of major system updates without requiring a computer connection, which evolved into comprehensive ecosystem support for iPhones, iPads, and other devices by 2013.^[24] Android followed suit, initiating OTA firmware updates with version 1.5 (Cupcake) in 2009 and integrating them deeply into its framework for security patches and feature enhancements.^[20] These developments set benchmarks, encouraging competitors and fostering industry-wide standardization. Cloud computing emerged as a critical enabler, centralizing update repositories and enabling scalable, on-demand delivery to always-connected devices. This infrastructure supported real-time monitoring, differential updates to minimize data usage, and automated rollouts, making OTA viable for billions of devices worldwide.^[25] Regulatory initiatives have reinforced this momentum. The European Union's Cyber Resilience Act, proposed in 2022 and formally adopted in 2024, requires manufacturers of connected products to provide ongoing OTA support for vulnerability fixes and security enhancements, promoting interoperability and long-term device resilience.^[26]

Technical Implementation

Core Mechanisms

Over-the-air (OTA) updates rely on a series of core mechanisms to ensure reliable remote delivery and application of software modifications to devices without physical access. These mechanisms encompass the preparation, transmission, verification, installation, and activation of updates, typically aimed at delivering security patches and functional improvements. The process operates within a client-server architecture, where update servers host the necessary files and device agents handle reception and execution. The OTA update process begins with preparation, where the update is packaged into a distributable format, such as a binary image or a set of files, often including metadata for compatibility and versioning. This is followed by wireless transmission, in which the device agent queries the server and downloads the package over a network connection. Upon receipt, verification occurs to confirm the update's integrity and authenticity, commonly using cryptographic hash functions like SHA-256 to compute checksums and detect any corruption or tampering during transit. Installation then applies the update to the device's storage, often employing rollback-capable methods to revert if issues arise, and concludes with activation, where the device reboots or switches to the new software version. A fundamental architecture for OTA updates is the client-server model, featuring centralized update servers that manage repositories and push notifications to connected devices, while client-side agents—software components embedded in the device—poll for available updates, manage downloads, and orchestrate installation. Storage management is critical for safety, with techniques like A/B partitioning dividing the device's flash memory into two independent slots (A and B): the active slot runs the current software, while the inactive slot receives the update; upon successful verification and installation, the bootloader activates the new slot, preserving the old one as a fallback. Device agents also handle temporary storage for downloaded packages to minimize resource usage during the process. OTA updates can be delivered as full images, which replace the entire firmware or software stack, or as differential updates, which transmit only the changes between versions to reduce bandwidth and time. Differential updates often leverage algorithms like Rsync, which efficiently identifies and synchronizes modified data blocks by comparing rolling checksums between source and target files, enabling compact delta patches. This approach is particularly valuable for large systems where only incremental modifications, such as security fixes, are needed. Error handling in OTA mechanisms includes retry protocols to address transient network failures, where the device agent automatically reattempts downloads after configurable intervals, and partial download resumption, allowing interrupted transfers to continue from the last successful point rather than restarting entirely. If installation fails—detected via post-installation integrity checks—the system rolls back to the previous version by switching to the preserved partition, ensuring device operability and preventing bricking.

Delivery Protocols

Over-the-air (OTA) update delivery relies on a variety of network protocols designed to ensure reliable, secure, and efficient transmission of firmware or software payloads from servers to devices across diverse environments, such as mobile networks, Wi-Fi, or low-power wide-area networks. These protocols handle the initial discovery, download, and initial verification stages, prioritizing compatibility with device constraints like limited bandwidth or intermittent connectivity.^[27] Common protocols for OTA delivery include HTTPS for secure file downloads in consumer devices like smartphones and automotive systems. In Android implementations, OTA packages are served over HTTPS to protect against interception during transit.^[28] Similarly, Apple's OTA profile delivery for iOS devices uses HTTPS to enable over-the-air configuration and updates.^[29] For IoT applications, lightweight protocols such as MQTT and CoAP are preferred due to their efficiency in resource-constrained settings. MQTT, a publish-subscribe messaging protocol secured with TLS, facilitates OTA updates in cloud-connected IoT ecosystems, as implemented in AWS IoT Core for firmware transfers.^[30] CoAP, optimized for constrained devices and networks, supports OTA in low-power scenarios like eSIM provisioning in mobile IoT, often paired with DTLS for security.^[31] Bandwidth optimization is critical for OTA delivery, especially in large-scale deployments where payloads can be substantial. Compression techniques reduce data size without compromising integrity; for instance, LZ4 provides fast, lossless compression suitable for real-time OTA processes in Android virtual A/B updates and Bluetooth Low Energy IoT scenarios, achieving decompression speeds over 500 MB/s on modern hardware.^[32]^[33] Additionally, multicast delivery enables simultaneous transmission to multiple devices, minimizing network load—for example, in LoRaWAN networks, multicast FUOTA (Firmware Updates Over The Air) allows efficient group updates for IoT fleets, reducing airtime and costs compared to unicast methods.^[34] Authentication during transit ensures that updates originate from trusted sources and remain unaltered en route. This is achieved through TLS/SSL handshakes, which establish encrypted sessions with mutual authentication; MQTT and HTTPS implementations in OTA systems, such as AWS FreeRTOS, mandate TLS to verify server identity via certificates during the initial connection.^[35] CoAP uses DTLS for analogous protection in constrained environments. Certificate pinning further enhances this by embedding expected public keys or hashes in the client, preventing man-in-the-middle attacks—Apple's guidelines recommend it for iOS apps handling sensitive OTA connections to specific servers.^[36] Scalability in OTA delivery is addressed through Content Delivery Networks (CDNs), which distribute payloads globally to handle high concurrency and reduce latency. AWS CloudFront, for example, supports OTA updates for IoT and software patches by automatically scaling to deliver large files at high transfer rates across edge locations.^[37] Akamai's OTA Updates service provides a dedicated network for automotive and IoT manufacturers, enabling efficient distribution to millions of devices while managing peak loads from simultaneous updates.^[38] These CDNs integrate with protocols like HTTPS to cache and route traffic optimally, ensuring reliable performance in diverse geographic and network conditions.

Applications by Industry

Smartphones

Over-the-air (OTA) updates have become integral to smartphone ecosystems, particularly for maintaining security and delivering timely improvements without requiring physical connections or user intervention beyond initial consent. In the Android ecosystem, Google Play System Updates serve as a dominant mechanism, providing monthly security patches and system enhancements directly through the Google Play Store since their introduction with Android 10 in 2019. These updates target modular components of the operating system, enabling faster deployment of fixes compared to full OS overhauls. Similarly, Apple's iOS employs OTA updates with staged rollouts, allowing developers to release versions gradually to subsets of users, starting from 1% and scaling to 100% over up to seven days, which helps monitor stability before full distribution. Beta testing via TestFlight further integrates OTA processes by enabling developers to distribute pre-release versions to invited testers for feedback.^[39]^[40]^[41] Key features of smartphone OTA updates emphasize user experience and seamless integration. Background downloads allow updates to fetch data over Wi-Fi or cellular without interrupting device use, with options for automatic installation during low-activity periods like overnight charging. User consent models require explicit approval before installation, often presenting notifications detailing the update's contents, such as security fixes or feature additions, to ensure transparency and control. These processes are deeply integrated with app stores: Android's Google Play handles system and app updates in a unified manner, while iOS's App Store facilitates OTA delivery for both OS and third-party apps, streamlining management through a single platform. This integration reduces friction, as users can enable auto-updates in settings, balancing convenience with security needs. OTA updates primarily serve to patch vulnerabilities promptly, minimizing exposure to exploits.^[42]^[43]^[44] A notable case study is Samsung's Knox platform, which extends OTA capabilities for enterprise environments on Galaxy devices. Knox E-FOTA (Enterprise Firmware Over-The-Air) allows IT administrators to schedule and delay rollouts of OS and security updates by up to 60 days, enabling compatibility testing and phased deployment across fleets without disrupting workflows. This feature supports Wi-Fi-only downloads and granular controls, such as pausing updates for specific groups, ensuring enterprise-grade reliability while leveraging Android's base OTA infrastructure.^[45] The impact of OTA updates on smartphones is profound, particularly in reducing vulnerability windows—the period during which devices are exposed to known exploits. For instance, Google Pixel devices achieve a 0-day delay in applying monthly security patches via OTA, compared to averages of 32–140 days for other manufacturers like Xiaomi, Oppo, and Samsung, effectively shortening exposure times by up to several months. A 2024 analysis of over 10,000 devices highlighted that OTA-enabled systems, such as those using Project Mainline, cut update delays by approximately 7 days on average across Android variants, contributing to faster overall patching. This has led to measurable security gains, with studies indicating that timely OTA deployment can reduce exploit success rates by enhancing patch coverage across billions of active devices.^[46]^[47]

Automotive

Over-the-air (OTA) updates in the automotive sector enable manufacturers to deliver software enhancements, bug fixes, and feature additions to vehicles wirelessly, minimizing the need for dealer visits and supporting the evolution of connected and software-defined vehicles. This capability is particularly vital for maintaining safety and performance in increasingly autonomous systems, where timely updates can address emerging issues in real-time. Unlike traditional mechanical recalls, OTA mechanisms allow for rapid deployment, but they demand rigorous safeguards due to the mission-critical nature of vehicle operations. Tesla has been a pioneer in full-vehicle OTA updates since 2012, starting with its Model S and expanding to include enhancements for Autopilot features such as improved lane-keeping and adaptive cruise control through subsequent software releases. Ford has implemented modular OTA updates, focusing initially on infotainment systems via its SYNC platform, with expansions to powertrain and other modules in models like the Mustang Mach-E to enable seamless feature additions without hardware changes. Safety protocols for automotive OTA updates emphasize compliance with ISO 26262, the international standard for functional safety in electrical and electronic systems, ensuring that updates to critical components like braking or steering maintain Automotive Safety Integrity Levels (ASIL) up to D. To mitigate risks, updates are typically staged, beginning with non-driving systems such as infotainment before progressing to safety-critical ones, allowing for monitoring and rollback if issues arise. Delivery often relies on secure protocols like HTTPS to protect against interception during transmission. Regulatory frameworks, including UNECE WP.29 Regulation 156 on software updates, mandate that all new vehicles in adopting regions must incorporate a certified Software Update Management System (SUMS) starting July 2024, requiring re-certification every three years and notification for updates affecting type approval. For instance, in 2024, General Motors issued an OTA fix for a software defect in the electronic brake control module affecting over 20,000 2023-2024 Cadillac Lyriq vehicles, resolving a potential loss of regenerative braking and anti-lock functions without requiring physical service visits.

Internet of Things (IoT)

Over-the-air (OTA) updates play a pivotal role in the Internet of Things (IoT) by enabling remote software and firmware enhancements across diverse, resource-constrained devices, ensuring ongoing functionality, security patches, and feature additions without requiring physical access. In smart home applications, devices like the Amazon Echo leverage AWS IoT services to deliver OTA firmware updates, which improve voice recognition, integrate new skills, and address vulnerabilities seamlessly over Wi-Fi connections.^[48] Similarly, wearables such as Fitbit trackers receive OTA updates through companion mobile apps, often via Bluetooth, to refine sensor accuracy, introduce health monitoring algorithms, and comply with evolving privacy standards.^[49] These updates are essential for maintaining interoperability in heterogeneous IoT ecosystems, where devices from multiple vendors coexist. A key challenge in IoT OTA implementations is accommodating low-power constraints, especially for battery-dependent devices that operate predominantly in sleep modes to conserve energy. OTA systems mitigate this by scheduling brief wake-up intervals for update notifications and downloads, using lightweight protocols to minimize power draw during transmission and verification phases.^[50] Fleet management for millions of units further complicates deployment, necessitating scalable cloud infrastructures that handle device heterogeneity, prioritize critical updates, and monitor rollout success across global networks.^[51] Techniques like delta updates, which transmit only incremental changes rather than full firmware images, briefly reference core mechanisms to reduce bandwidth and storage demands in these environments.^[52] Mesh networking protocols such as Zigbee and Thread facilitate efficient OTA propagation in IoT setups, where intermediary router devices relay update payloads through the network to reach end nodes, even in areas with poor direct connectivity. In Zigbee networks, the OTA upgrade client-server model divides firmware into manageable blocks for sequential transmission, enabling reliable updates in smart home meshes with dozens of nodes.^[53] Thread similarly supports unicast and multicast propagation for OTA images, allowing border routers to coordinate updates across low-power personal area networks, which is vital for scalable applications like connected lighting or environmental sensors.^[54] This mesh-based approach enhances update resilience and reduces infrastructure costs in large IoT deployments. The proliferation of OTA support in IoT reflects rapid ecosystem growth, with connected devices projected to surpass 29 billion globally by 2030, driving demand for automated management tools to sustain security and performance at scale.^[52]

Networking Devices

Networking devices, particularly routers, leverage over-the-air (OTA) updates to deliver firmware enhancements that ensure reliable connectivity and operational stability in both home and enterprise settings. These updates allow manufacturers to remotely push improvements for bug fixes, feature additions, and compatibility with evolving network standards without requiring physical access to the hardware.^[55] Major implementations include those from Netgear and TP-Link, which facilitate firmware updates through web interfaces or dedicated mobile apps. Netgear routers, such as models in the Nighthawk series, support OTA updates via the Nighthawk app or browser-based administration, where users can manually check for and apply new firmware versions.^[56] TP-Link Wi-Fi routers similarly enable OTA upgrades by accessing the device's web interface or Tether app, allowing the router to automatically download and install the latest firmware from TP-Link's servers once an update is detected.^[57] Key features encompass both automatic and manual update modes to balance convenience and control, with enterprise-grade routers prioritizing zero-touch provisioning (ZTP) for streamlined deployment. In automatic mode, Netgear devices schedule OTA updates during low-usage windows, such as between 1:00 a.m. and 4:00 a.m. local time, to minimize disruption.^[58] TP-Link routers offer similar automation when bound to a TP-Link cloud account, triggering updates without user input.^[57] For enterprises, ZTP extends these capabilities by enabling routers to self-configure and update firmware upon initial network connection, reducing setup time across large deployments; Juniper Networks' Junos OS, for instance, automates software upgrades during ZTP to ensure devices boot with the latest stable version.^[59] A notable example involves 2024 Wi-Fi 7 routers, which use OTA mechanisms to deploy protocol upgrades, such as refinements to WPA3 encryption protocols required by the Wi-Fi 7 specification for enhanced authentication and protection against vulnerabilities. The TP-Link Archer BE900 quad-band Wi-Fi 7 router, released in 2024, incorporates OTA updates directly through its management panel to apply these WPA3 enhancements, ensuring compliance and improved security without manual reconfiguration.^[60]^[61] Reliability during OTA processes is bolstered by dual-partition systems in many routers, which allocate separate storage banks for the active and new firmware images to avert bricking. This approach installs the update on an inactive partition, verifies integrity, and only then switches partitions upon successful reboot, enabling automatic fallback to the prior version if issues arise.^[62] Such measures maintain network uptime, particularly critical for enterprise environments where downtime can impact operations.

Cellular Infrastructure

Over-the-air (OTA) updates in cellular infrastructure enable remote software upgrades for critical components such as 5G base stations and radio access network (RAN) elements, minimizing physical interventions and operational disruptions. These updates are particularly vital for evolving 5G networks, where vendors like Ericsson provide solutions for upgrading RAN software without halting service, often through in-service software upgrade (ISSU) mechanisms that allow seamless transitions during live operations. For instance, Ericsson's ISSU capability supports the deployment of new features and patches to base stations via remote channels, ensuring compatibility with existing hardware while enhancing network performance and security.^[63] At scale, managing OTA updates across thousands of cellular sites demands advanced automation to achieve minimal downtime, typically leveraging Self-Organizing Networks (SON) as defined by 3GPP standards. SON facilitates automated configuration, optimization, and self-healing processes, enabling operators to coordinate software deployments across vast infrastructures efficiently—reducing rollout times and operational costs. This is essential for 5G, where frequent updates address dynamic spectrum allocation and interference management without manual site visits.^[64]^[65] A notable example is the 2023 collaboration between Elisa and Ericsson, which implemented ISSU in a live production 5G standalone network, marking the first such upgrade globally and improving spectrum efficiency through automated software enhancements without service interruption. Similarly, in 2025, MTN South Africa achieved a world-first automated ISSU on Ericsson's Packet Core for 5G, demonstrating scalability in core network updates. These deployments highlight OTA's role in maintaining high availability across distributed base stations.^[66]^[67] Integration with Network Function Virtualization (NFV) further streamlines OTA updates in 5G by virtualizing RAN functions, allowing rolling upgrades and container-based deployments that decouple software from hardware. In NFV-enabled environments, updates can be orchestrated across virtualized baseband units and core elements, supporting cloud-native models for faster iteration and reduced downtime—key for handling the complexity of 5G slicing and edge computing. Ericsson's cloud-native solutions, for example, incorporate ISSU with NFV to enable continuous software evolution in virtualized infrastructures.^[68]^[69]

Standards and Protocols

OTA-Specific Standards

Over-the-air (OTA) updates rely on specialized standards to ensure reliable, secure, and interoperable management of device firmware and software across diverse ecosystems. The Open Mobile Alliance Device Management (OMA-DM) protocol, introduced in version 1.1 in December 2003, provides a foundational framework for mobile device management, including OTA firmware updates through its Firmware Update Management Object (FUMO).^[70] OMA-DM enables remote discovery, download, verification, and installation of updates via SyncML-based sessions, supporting billions of mobile devices for provisioning and maintenance.^[71] For resource-constrained Internet of Things (IoT) devices, the Lightweight Machine-to-Machine (LwM2M) protocol, approved in version 1.0 in February 2017, extends OTA capabilities with a compact, RESTful architecture built on CoAP.^[72] LwM2M's Firmware Update Object (/5) standardizes the state machine for OTA processes, including querying current versions, downloading packages, applying updates, and reporting success or failure, facilitating scalable management in low-power networks.^[73] This object supports both client-initiated and server-initiated updates, with enhancements in later versions for multi-package handling without deviating from core compatibility.^[74] In the automotive sector, the AUTOSAR (AUTomotive Open System ARchitecture) standard incorporates an OTA module through its Update and Configuration Management (UCM) functional cluster, first detailed in Release 19-11 in 2019. This module enables over-the-air firmware updates for Electronic Control Units (ECUs) during runtime, using a master-subordinate mechanism where a central ECU coordinates downloads and installations across the vehicle network while maintaining operational safety.^[75] AUTOSAR's approach supports seamless integration with vehicle gateways for secure ECU reprogramming, emphasizing backward compatibility and fault-tolerant execution.^[76] For cellular infrastructure, the GSMA's Network Equipment Security Assurance Scheme (NESAS), established to certify secure network elements, mandates robust OTA update policies as part of its baseline security controls.^[77] NESAS requires vendors to implement timely delivery of security patches via OTA, including vulnerability detection, authenticated downloads, and post-update verification, ensuring compliance for mobile network operators deploying updates to base stations and core equipment.^[78] These standards have evolved to support 5G networks, with updates by 2024 enhancing compatibility for high-bandwidth, low-latency OTA deliveries. OMA-DM and LwM2M incorporate 5G-specific features like edge computing integration and enhanced bootstrapping for non-3GPP access, as outlined in OMA roadmaps.^[79] AUTOSAR's UCM module now accommodates 5G connectivity for vehicle-to-cloud updates, enabling faster ECU reprogramming in software-defined vehicles.^[75] LwM2M version 1.2.2, released in June 2024, further refines firmware update objects for 5G-IoT scenarios, supporting massive device fleets with improved queue management.^[80] The Session Initiation Protocol (SIP) supports signaling for OTA updates in VoIP-integrated systems by enabling devices to request and receive notifications about available software updates. Through SIP's SUBSCRIBE method, a terminal subscribes to update events from a server, which responds via NOTIFY messages when new firmware is ready, allowing the device to initiate the download using SIP REFER or complementary protocols like HTTP or FTP. This mechanism is particularly useful in communication endpoints that combine voice services with remote upgradability, reducing network overhead compared to polling-based approaches.^[81] WebSockets facilitate real-time bidirectional communication for monitoring OTA update status, especially in web-based management interfaces for IoT devices. By establishing a persistent connection over HTTP, WebSockets enable servers to push live progress updates—such as download completion or installation verification—to clients without repeated requests, improving responsiveness in applications like embedded system dashboards. This is commonly implemented in platforms supporting wireless firmware uploads, where developers use WebSockets alongside HTTP endpoints for seamless status tracking.^[82]^[83] The File Transfer Protocol (FTP) served as a foundational method for delivering firmware in early OTA implementations, particularly in legacy wireless systems where modules like 4G or WiFi enabled remote binary transfers to resource-constrained devices. However, FTP's unencrypted nature exposed updates to interception risks, prompting its evolution to Secure File Transfer Protocol (SFTP), which integrates SSH for encrypted authentication and data integrity. SFTP has become the preferred secure alternative for upgrading legacy IoT and embedded systems, ensuring protected firmware distribution while maintaining compatibility with older infrastructures.^[84] Bluetooth Low Energy (BLE) enables short-range OTA updates in wearables by leveraging its low-power, wireless profile for efficient firmware provisioning between devices and companion applications. In ecosystems like smartwatches and fitness trackers, BLE facilitates the transfer of update payloads via GATT services, minimizing energy consumption during the process. Standards such as oneM2M extend BLE's capabilities for interoperable OTA in wearable IoT, allowing seamless integration with broader networks for device management.^[85] Cross-industry applications of these protocols highlight their role in meeting performance demands.

Security and Challenges

Security Measures

Digital signatures are a fundamental security measure in OTA update pipelines, ensuring the integrity and authenticity of firmware by verifying that updates have not been tampered with during transmission. Algorithms such as the Elliptic Curve Digital Signature Algorithm (ECDSA) are widely adopted for this purpose due to their strong security properties and efficiency in resource-constrained environments.^[86] End-to-end encryption complements digital signatures by protecting the confidentiality of update payloads, preventing unauthorized interception or modification over untrusted networks. This layered approach uses symmetric or asymmetric encryption to secure data from the server to the device, ensuring only authorized recipients can decrypt and install the updates.^[87] Secure boot chains extend verification beyond the update itself, establishing a chain of trust where each boot stage authenticates the next using cryptographic hashes and signatures. This prevents execution of compromised code by validating the entire firmware loading process from the initial bootloader onward.^[88] At the device level, a hardware Root of Trust, such as Trusted Platform Modules (TPMs), provides an immutable foundation for validating OTA updates prior to installation. TPMs store cryptographic keys and perform attestation, ensuring that only verified firmware can be applied and booted.^[89] Best practices for maintaining long-term security include regular rotation of signing keys to minimize the impact of potential key compromises and secure over-the-air provisioning of new keys to devices without physical access. These practices reduce the attack surface by limiting key lifespan and enabling dynamic updates to the trust base.^[90]^[91] The NIST Special Publication 800-193 outlines comprehensive frameworks for resilient platform firmware, including OTA updates, by recommending mechanisms for protection against unauthorized modifications, detection of anomalies, and recovery from corruption. This standard emphasizes building redundancy and verification into the update lifecycle to enhance overall system resilience.^[92]

Common Risks and Mitigations

Over-the-air (OTA) updates face several prevalent security risks that can compromise device integrity and user safety across industries. Man-in-the-middle (MITM) attacks occur when adversaries intercept communication between the update server and the device, potentially altering update data in transit.^[93] Update poisoning involves injecting malicious payloads into legitimate updates, allowing attackers to distribute malware that could control devices or exfiltrate data.^[2] Denial-of-service (DoS) attacks during delivery disrupt update processes by overwhelming networks or servers, preventing timely patching of vulnerabilities and leaving systems exposed.^[94] To counter these threats, various mitigations enhance OTA resilience. Anomaly detection using artificial intelligence (AI) monitors update traffic and device behavior in real-time, identifying deviations from normal patterns that may indicate tampering or unauthorized access.^[95] Rollback capabilities enable devices to revert to a previously verified firmware version if an update fails or introduces issues, minimizing downtime and risk in connected ecosystems like vehicles and IoT.^[28] For critical systems, air-gapped validation isolates update verification processes from networked environments, ensuring integrity checks occur offline before deployment.^[96] Notable case studies illustrate the impact of these risks. The 2016 Mirai botnet exploited unpatched vulnerabilities in IoT devices due to inadequate OTA mechanisms, infecting hundreds of thousands of devices with weak credentials and launching massive DDoS attacks that disrupted major internet services.^[97] In 2024, a vulnerability in Kia's owner portal exposed connected vehicles to potential remote control, including unlocking doors and starting engines, highlighting risks in connected vehicle systems that could extend to OTA channels for manipulating functions.^[98] In July 2025, a vulnerability in ECOVACS DEEBOT vacuum robot base stations (ICSA-25-135-19) allowed malicious over-the-air firmware updates due to lack of validation, enabling attackers to send insecure updates and compromise device control.^[99] Looking ahead, quantum computing poses emerging threats to OTA encryption by enabling rapid decryption of current standards like RSA, potentially exposing update payloads to interception and modification.^[100] Preparations include adopting post-quantum cryptography (PQC) protocols, such as Dilithium for secure signing of OTA updates, to maintain confidentiality against these advanced attacks.^[101]

References

[1]
What is OTA update (over-the-air update)? | Definition from TechTarget
Dec 9, 2022 · An over-the-air (OTA) update is the wireless delivery of new software, firmware or other data to mobile devices.
[2]
[PDF] Cybersecurity of Firmware Updates | NHTSA
Abstract Over-the-Air (OTA) software and firmware updates are widely considered essential for networked devices. In the automotive industry, OTA firmware ...
[3]
Over-the-air Updates Using IoT: What Are They and How Do ... - PTC
Jul 1, 2024 · Learn about IoT over-the-air updates: their history, how they work, benefits, and challenges. Discover how they streamline IoT operations ...
[4]
What Is Over-the-Air (OTA)? - Aptiv
Jun 4, 2020 · In the automotive industry, over-the-air (OTA) refers to the rapidly growing practice of distributing software updates wirelessly to ...
[5]
Automotive Software Self Reprogramming OTA - IEEE Xplore
Over-the-Air (OTA) software updates will be highly important for future connected vehicles. The OTA update will enable upgrading the vehicle functionalities or ...Missing: definition | Show results with:definition
[6]
[PDF] Federal Automated Vehicles Policy - Department of Transportation
Agency envisions that manufacturers and other entities will likely update the vehicle's software through over-the-air updates or other means. For model updates, ...
[7]
An OTA-oriented Protocol for Security Protection - IEEE Xplore
OTA technology has brought many benefits to vehicles, but at the same time, it has brought tremendous challenges to the security of vehicles. Based on the ...<|control11|><|separator|>
[8]
Secure OTA Software Updates for Connected Vehicles Using ...
This significantly reduces downtime and operational costs while keeping vehicular software up-to-date against emerging threats and technological advancements.
[9]
Firmware Updates over the Air via LoRa: Unicast and Broadcast ...
We define it as the time required for updating a whole project, including a number of IoT devices, assuming that the update is completed safely (i.e., the ...
[10]
Beware the OTA: The Dangers of Over the Air Updates - ByteSnap
Feb 14, 2024 · Unlike traditional “wired” software updates that require a physical connection, OTA updates allow for wireless delivery of new code directly to ...
[11]
What is Firmware? Definition, Types and Examples - TechTarget
Nov 12, 2024 · Firmware updates consist of code that tells the hardware how to behave in a new or modified way. Firmware updates are often issued to fix bugs, ...
[12]
Understanding Patches and Software Updates | CISA
Feb 23, 2023 · What are patches? Patches are software and operating system (OS) updates that address security vulnerabilities within a program or product.
[13]
Saving bandwidth with delta firmware updates - Interrupt - Memfault
Aug 9, 2022 · One solution is to implement delta updates, a technique that allows devices to download only the bits and pieces they need rather than full system images.Missing: definitions | Show results with:definitions
[14]
What Are Over-The-Air (OTA) Updates? - NinjaOne
Jul 24, 2025 · What Are Over-The-Air (OTA) Updates? ; FOTA (Firmware Over-The-Air): · SOTA (Software Over-The-Air): ; Incremental OTA Updates: · Full OTA Updates: ...
[15]
[PDF] General characteristics of a conditional-access broadcasting system
In conditional access broadcasting systems, the access management messages may be broadcast. This is known as "over-air addressing". The cycle time associated ...
[16]
Tech Flashback: Motorola Advisor POCSAG 512/1200bps Pager
Jan 15, 2016 · The text prompts have been customized as well, and it seems that the unit is capable of over-the-air programming which is pretty advanced for ...
[17]
TECHNOLOGY; Can Cellular Phone Companies Agree On a New ...
Sep 16, 1990 · The big advantage of C.D.M.A. is that it would allow cellular companies to set up new cells without sending technicians to reset radio base ...Missing: OTA | Show results with:OTA
[18]
The Evolution of Over-the-Air Firmware Updates - Very Technology
Explore the evolution of over-the-air firmware updates, from WAP to AI-powered advancements. Learn how this technology keeps devices secure.
[19]
Over-the-air (OTA) update best practices for industrial IoT ... - Mender
May 15, 2025 · An over-the-air (OTA) update is the secure deployment of an update to a connected product or device over the internet or network. Variations ...
[20]
Mobile Fact Sheet - Pew Research Center
Nov 13, 2024 · The vast majority of Americans – 98% – now own a cellphone of some kind. About nine-in-ten (91%) own a smartphone, up from just 35% in the Center's first ...
[21]
Global 5G adoption surges four times faster than 4G to reach 2.25 ...
Apr 1, 2025 · The data shows that the 5G industry has expanded four times faster than 4G LTE did in a comparable period – when LTE had just surpassed 500 ...
[22]
OTA Updates - The Apple Wiki
OTA updates, introduced with iOS 5, allow devices to download and install the latest software wirelessly via Settings > General > Software Update.OTA Update contents · OTA updates list · Apple TV · Apple Watch
[23]
The future of automotive computing: Cloud and edge - McKinsey
Oct 6, 2022 · OTA updates are typically delivered via a cloud data center and downloaded via Wi-Fi when it is least disruptive, and infotainment content ...
[24]
The role of over-the-air (OTA) updates in EU CRA compliance
Oct 21, 2024 · A complete guide on complying with the European Union Cyber Resiliency Act, and the foundational role of over-the-air (OTA) updates to ...
[25]
Over the Air Updates Market Report | Global Forecast From 2025 To ...
This expansion is projected to continue with a compound annual growth rate (CAGR) of 15.6%, reaching an anticipated value of USD 8.7 billion by the year 2032.Missing: percentage | Show results with:percentage
[26]
RFC 9019 - A Firmware Update Architecture for Internet of Things
Dec 20, 2022 · This document provides the motivation for the standardization of a manifest format as a transport-agnostic means for describing and protecting firmware updates.
[27]
A/B (seamless) system updates - Android Open Source Project
Oct 9, 2025 · If an OTA update is applied but fails to boot, the device will reboot back into the old partition and remains usable. The client is free to re- ...
[28]
Over-the-Air Profile Delivery and Configuration - Apple Developer
Apr 9, 2018 · Describes how to build a server that generates profiles and delivers them to iPhone devices over the air.
[29]
Prerequisites for OTA updates using MQTT - FreeRTOS
Beginning with version 201912.00, FreeRTOS OTA can use either the HTTP or MQTT protocol to transfer firmware update images from AWS IoT to devices.
[30]
[DOC] SGP.32-1.0-1.docx - GSMA
May 26, 2023 · Over The Air. PSMO ... The ESipa interface binding over CoAP SHALL follow the ESipa interface binding over HTTP described in section 6.1.
[31]
Implement Virtual A/B - Android Open Source Project
Oct 9, 2025 · OTA packages can be tuned for different performance metrics. Android provides several supported compression methods ( lz4 , zstd , and none ) ...Build flags · XOR compression · Boot control HAL · OTA compression algorithmsMissing: techniques | Show results with:techniques
[32]
lz4/lz4: Extremely Fast Compression algorithm - GitHub
LZ4 is lossless compression algorithm, providing compression speed > 500 MB/s per core, scalable with multi-cores CPU. It features an extremely fast decoder ...Releases 31 · Lz4 · Issues 40 · Pull requests 14
[33]
Perform firmware update over-the-air (FUOTA) for LoRaWAN ...
Using multicast FUOTA, you can significantly reduce the time and bandwidth required for firmware updates, ensuring your IoT deployments remain up-to-date and ...
[34]
Running OTA over MQTT - FreeRTOS™
The OTA Data Protocol defines the format used to transfer data over-the-air to and from the device. Currently MQTT and HTTPS are supported. This option is ...
[35]
Identity Pinning: How to configure server certificates for your app
Jan 14, 2021 · In most cases, pinning is not necessary and should be avoided. By default, when your app connects to a secure TLS network, the system evaluates ...
[36]
Low-Latency Content Delivery Network (CDN) - Amazon CloudFront
Distribute patches and updates. Scale automatically to deliver software, game patches, and IoT over-the-air (OTA) updates at scale with high transfer rates.Pricing · FAQs · Media Streaming Tutorials · Amazon CloudFrontMissing: scalability | Show results with:scalability
[37]
[PDF] akamai-services-descriptions.pdf
OTA Updates: OTA Updates supports connected vehicle OEMs, IoT device and equipment manufacturers, and software developers by providing a scalable network ...
[38]
Android Security and Update Bulletins
Jun 10, 2025 · This Section contains the available Android Security Bulletins, which provide fixes for possible issues affecting Android devices.Pixel Update Bulletins · Android Security Advisories · System and kernel security
[39]
Release a version update in phases - App Store Connect - Help
In Apps, select the app you want to view. · In the sidebar, click the app version you want to submit. · On the right, scroll down to the Phased Release for ...Missing: OTA | Show results with:OTA
[40]
TestFlight - Apple Developer
TestFlight makes it easy for testers to give feedback on your apps, games, and App Clips across Apple platforms before you publish.Release notes · TestFlight overview · Get started with TestFlight · Add internal testersMissing: staged | Show results with:staged
[41]
https://developer.apple.com/testflight/
[42]
OTA updates | Android Open Source Project
Android devices in the field can receive and install over-the-air (OTA) updates to the system, app software, and time zone rules.
[43]
https://source.android.com/docs/core/ota
[44]
Managed software updates - Samsung Knox Documentation
Mar 7, 2025 · Delay operating system (OS) upgrades and maintenance releases for up to 60 days. Allow firmware download over Wi-Fi only. Beyond Android ...
[45]
[PDF] A Device-Centric Analysis of Android Security Updates
- Google provides monthly security updates for a fixed period of 3 years. - Samsung's security update behavior varies depending on various factors. - Oppo and ...
[46]
Capacitor OTA Updates: Targeting iOS vs Android - Capgo
Mar 24, 2025 · Explore the differences in OTA update strategies for iOS and Android, focusing on deployment, security, and user requirements.
[47]
AWS IoT Over the air (OTA) library - FreeRTOS
The AWS IoT Over-the-air (OTA) update library enables you to manage the notification, download, and verification of firmware updates for FreeRTOS devices using ...Introduction · Features · Example usage
[48]
https://docs.aws.amazon.com/freertos/latest/userguide/ota-update-library.html
[49]
Over-the-Air (OTA) Updates in Embedded Microcontroller Applications
An over the air update replaces the software on the microcontroller or microprocessor of the embedded system with new software.Missing: mechanisms | Show results with:mechanisms
[50]
Challenges With Device OTA Updates and Their Solutions - SoftServe
May 23, 2025 · The fundamental challenge lies not only in ensuring a device performs correctly after an update, but in ensuring that the update process itself ...Missing: bandwidth 1990s 2000s
[51]
OTA IoT Breakdown: What OTA Is and How It Works in IoT - Memfault
Apr 1, 2025 · Over-the-Air (OTA) updates allow IoT devices to receive firmware and software updates remotely via the cloud, eliminating the need for manual access.
[52]
ZigBee OTA Firmware Update information - Digi International
Mar 25, 2025 · The OTA firmware update algorithm consists of 4 steps: Firmware updates are performed by sending the entire contents of an .ebl file to a remote device in the ...
[53]
Thread Tutorial: Practical guide for device upgrade OTA
Jun 7, 2019 · As mentioned in the introduction of this tutorial there are two methods of propagating our packets on to the Thread network, unicast and ...
[54]
Firmware Explained: The Key to Device Security & Performance
The NETGEAR Nighthawk firmware update process is easy using the Nighthawk App. Or if you're using Orbi Mesh systems use the Orbi app for Firmware updates. 1.Missing: implementation | Show results with:implementation
[55]
How do I update the firmware on my NETGEAR router?
Sep 2, 2025 · Update the firmware on your NETGEAR router with the Nighthawk app or with a web browser. This article will show you how to do both methods.Missing: OTA | Show results with:OTA
[56]
How to upgrade the firmware on the TP-Link Wi-Fi Routers
Jun 20, 2025 · This article will guide you to upgrade firmware on TP-Link Wi-Fi routers step by step. First of all, please check whether your TP-Link router supports TP-Link ...
[57]
How do I make sure that automatic firmware updates happen in the ...
Jul 7, 2025 · Automatic firmware updates happen between 1:00 am and 4:00 am local time. To avoid firmware updates starting at an inconvenient time, make sure that your ...<|separator|>
[58]
Zero Touch Provisioning | Junos OS - Juniper Networks
Zero Touch Provisioning (ZTP) allows you to provision new Juniper Networks devices in your network automatically, with minimal manual intervention.Understanding Zero Touch... · Configuring Zero-Touch... · Monitoring Zero Touch...Missing: OTA | Show results with:OTA
[59]
Archer BE900 | BE24000 Quad-Band Wi-Fi 7 Router | TP-Link Canada
Set up a separate WiFi for IoT devices and overlay HomeShield and advanced WPA3 ... OTA updates simplify firmware upgrades with a click in the management panel.
[60]
[PDF] Security Enhancements in Wi-Fi 7 - White Paper - Arista
Aug 1, 2025 · Introduction. Wi-Fi 7 introduces enhanced authentication, encryption and protection mechanisms to ensure secure and reliable communication.Missing: routers 2024 OTA
[61]
How to Handle Firmware Updates in the Field Without Bricking ...
Mar 7, 2025 · One of the most effective ways to prevent bricking is to use a dual-bank firmware storage approach. This involves maintaining two separate ...
[62]
In-Service Software Upgrade: A relief planning for 5G - Ericsson
Dec 2, 2019 · The In-Service Software Upgrade (ISSU) comes into play. It's a capability we see as one of the main operational cost reduction functionalities.
[63]
Self-Organising Networks (SON) - 3GPP
Jun 17, 2024 · A self-organizing network (SON) is an automated technology which is designed to help the management of mobile networks.Missing: OTA infrastructure<|separator|>
[64]
From SON to centralized automation - Ericsson
May 31, 2022 · SON focuses on three key areas of radio access network management: self-configuration, self-healing and self-optimization and is driven by the ...<|separator|>
[65]
Elisa and Ericsson launch ISSU for 5G standalone network
Jun 12, 2023 · Elisa and Ericsson launch In-Service Software Upgrade in Live Production 5G Standalone Network. Elisa becomes the first service provider in ...
[66]
MTN SA expands core network upgrades with Ericsson
Sep 29, 2025 · MTN South Africa has become the first operator globally to go-live with automated In-service Software Upgrade (ISSU) on Ericsson Packet Core ...
[67]
Network Functions Virtualisation (NFV) - ETSI
Enhancing NFV automation and capabilities, covering aspects such as: improving life-cycle management and orchestration, introducing more policy-based management ...Missing: OTA | Show results with:OTA
[68]
Accelerate your 5G strategy with virtualized RAN (vRAN) - Red Hat
Dec 20, 2019 · The virtualized foundation lets users easily upgrade and add new services and technologies like 5G and IoT, using the same underlying ...
[69]
[PDF] OMA Device Management Protocol - Open Mobile Alliance
Jun 17, 2008 · A.1 Approved Version History. Reference. Date. Description. OMA-SyncML-DMProtocol-V1_1_2-. 20031203-A. 03 Dec 2003. Initial OMA release. OMA-TS ...
[70]
[PDF] TELECOM AND AUTOMOTIVE— ThROUGh STANDARDS - OMA Wiki
Apr 19, 2016 · For the past decade, OMA DM has been successfully used on billions of mobile devices to deliver software updates over the air securely. Adopting ...
[71]
[PDF] OMA-TS-LightweightM2M-V1_0-20170208-A - Open Mobile Alliance
Feb 8, 2017 · This document is a Lightweight Machine to Machine Technical Specification, approved as version 1.0 on 08 Feb 2017.
[72]
[PDF] LwM2M advanced firmware update - Open Mobile Alliance
Jun 14, 2022 · The LwM2M specifications defines a Firmware Update Object, which allows a LwM2M Server to determine the firmware version running on the device, ...
[73]
OMA-TS-LightweightM2M_Core-V1_1_1-20190617-A_full
Jun 17, 2019 · This document describes the LwM2M messaging layer, which is the application layer communication protocol between a LwM2M Server and Client, ...
[74]
[PDF] Explanation of Firmware Over-The-Air - AUTOSAR.org
The term “(FOTA) update” is used to indicate a whole update procedure of an ECU. (or multiple ECUs in case of other dependent ECU updates). It contains all ...
[75]
[PDF] Specification of Update and Configuration Management - Autosar
This software specification contains the functional description and interfaces of the functional cluster Update and Configuration Management which belongs ...
[76]
[DOC] FS.31-Baseline-Security-Controls-v2.0.docx - GSMA
Feb 5, 2020 · Deliver security critical software updates to vulnerable mobile devices with minimal delay. Deliver security patches to vulnerable devices ...<|separator|>
[77]
[DOC] FS.31-Baseline-Security-Controls-v3.0.docx - GSMA
Deliver security critical software updates to vulnerable mobile devices with minimal delay. 1. When it is the responsibility of the operator, make available ...Missing: smartphones faster
[78]
[PDF] OMA Lightweight M2M (LwM2M) - Ready For 5G
Nov 12, 2019 · OMA Device Management and Service Enablement Working Group (DMSE WG) has an active work item for 5G in its roadmap (Including for example 5G ...
[79]
OMA-TS-LightweightM2M_Core-V1_2_2-20240613-A_full
Jun 13, 2024 · The OMA Lightweight M2M enabler includes device management and service enablement for LwM2M Devices. This device management protocol was ...
[80]
RFC 6665 - SIP-Specific Event Notification - IETF Datatracker
The purpose of this extension is to provide an extensible framework by which SIP nodes can request notification from remote nodes indicating that certain ...
[81]
ESP32 OTA (Over-the-Air) Updates - AsyncElegantOTA Arduino
In this guide, you'll learn how to do over-the-air (OTA) updates to your ESP32 boards using the AsyncElegantOTA library. This library creates a web server ...
[82]
OTA over websocket · Issue #357 · Links2004/arduinoWebSockets
Aug 14, 2018 · Hello, do you think it would be possible to make OTA update with usage of websockets? I know there are libraries to do OTA via http server, ...
[83]
Over the Air Programming (OTA) | Libelium - Cloud
OTA with 4G/WiFi modules via FTP. It is possible to update the Waspmote's program using Over The Air Programming and the following modules: 4G or WiFi module.
[84]
https://cloud.libelium.com/app/docs/waspmote/over-the-air-programming-ota
[85]
[PDF] ITU-T Rec. Technical Paper (30 April 2021) FSTP.SS-OTA ...
Apr 30, 2021 · This Technical Paper is prepared to develop a better understanding of the various efforts in organizations concerning the technology to remotely ...
[86]
Secure firmware updates with code signing - Interrupt - Memfault
Sep 8, 2020 · Several algorithms can be used to sign firmware, including RSA, DSA, and ECDSA. In this post, we focus on ECDSA for a few reasons: Security: ...
[87]
[PDF] Securing the IoT Update Process Contents
Executing a basic, over- the-air update can be done without including any enhanced update process security features, however such an update may be vulnerable to ...
[88]
Secure bootloader chain - Technical Documentation
Apr 30, 2025 · By using this secure bootloader chain, you can ensure that all code being executed has been authorized and that your application is protected against running ...
[89]
TPM Enables Secure Over-the-air Software Updates for Vehicles
Feb 26, 2018 · The physical hardware should incorporate a Trusted Platform Module or TPM. A TPM is a tiny chip that is used as a hardware Root of Trust.
[90]
Best Practices 2.1.0 - Uptane
All of these attacks can be mitigated by rotating any key associated with an external time in Root metadata, as described in Managing signing keys and metadata ...<|control11|><|separator|>
[91]
Over the Air Key Management for Flexible and Reliable IoT Device ...
Dec 16, 2024 · This approach fundamentally decouples device keys from the firmware features stored in flash memory, utilizing an intermediary server to ...
[92]
[PDF] Platform Firmware Resiliency Guidelines
May 2, 2018 · The document provides background information to help such readers understand the topics that are discussed. Page 10. NIST SP 800-193. PLATFORM ...
[93]
Cybersecurity Risks Of Automotive OTA - Semiconductor Engineering
Dec 1, 2022 · It is important to understand that OTA faces a growing list of attacks, including spoofing, unauthorized access, tampering, repudiation, man-in- ...
[94]
Cybersecurity Risks of Automotive OTA Updates - Apriorit
Aug 14, 2025 · An OTA update ecosystem relies on seamless interaction between cloud servers, several types of networks, and in-vehicle systems. Any unsecured ...
[95]
Excelfore Edge AI for Anomaly Detection in Connected Vehicles ...
Jan 30, 2025 · The Edge AI anomaly detection service enhances vehicle predictive maintenance and safety capabilities through advanced in-vehicle processing.
[96]
Secure OTA Updates | Secure-by-Design Handbook
This is most common in high-assurance, safety-critical, or air-gapped systems. The Argument: The risk of an attacker compromising the OTA update server and ...
[97]
Inside the infamous Mirai IoT Botnet: A Retrospective Analysis
Dec 14, 2017 · This post provides an analysis of Mirai, the Internet-of-Things botnet that took down major websites via massive DDoS using 100s of 1000s of ...
[98]
Secure OTA updates for automotive SDVs - T-Systems
Feb 28, 2025 · In 2024, security researchers discovered a vulnerability in Kia's owner portal website, which could have allowed attackers to remotely control ...
[99]
Post-Quantum Cryptography in Automotive - Apriorit
Jul 10, 2025 · With the help of quantum tools, attackers might decrypt or forge these updates to inject malicious code.
[100]
[PDF] Post-Quantum Secure Over-the-Air Update of Automotive Systems
We adjusted the OTA update protocol such that it uses the post-quantum secure Dilithium algorithm. For our experiments we utilized the Dilithium-2 pa ...