RDFM - open source framework for modular, configurable, multi-OS device OTA updates and fleet management

Antmicro’s involvement in building industrial devices for its customers often starts with designing hardware and developing customized Board Support Packages (BSPs) for operating systems like Linux or Android, which have been standard services in Antmicro’s business offering since the company’s inception. Once projects reach the stage of wider deployment, especially where numerous devices spread out in physical space are involved, the ability to manage the devices remotely, including secure Over-The-Air (OTA) software updates and fleet management, take the center stage. This is even more critical for edge AI scenarios which include AI model management and updates on top of typical software updates. While some solutions that solve those challenges are available on the market, they are often only supported in a single operating system, target a very specific platform, and they are typically either completely proprietary or hide their full functionality behind a SaaS paywall - thus not allowing customers to fully control their OTA/fleet management solution.

With this note, we present RDFM (Remote Device Fleet Manager), a fully open source Over-The-Air software updater and fleet manager for embedded devices that we have been developing across a range of customer scenarios. Read on to learn about the modularity, configurability and security of RDFM, get to know some of the details of the implementation, and see an example workflow for the tool in a CI environment.

Modular implementation and open API

RDFM is a system consisting of an application deployed on devices in a fleet, a server running in the cloud that the devices connect to and a manager application which lets users manage their devices. The server exposes an open API that allows the manager application to update and otherwise control their devices. The open API also makes the tool easily integrable with other systems, like automatic Over-The-Air update package upload from CI (GitLab, GitHub) or integration with pre-existing fleet management solutions.

RDFM can be used with any database compatible with SQLAlchemy - compatibility was tested using the SQLite and PostgreSQL systems.

As far as user management goes, they can be managed externally by using access management solutions like the open source Keycloak.

We are also working on a web UI alternative to the command line app using the same API.

As all the elements of RDFM are open, the management server can be deployed on-premise at our customer’s site or in the cloud and the application running on the devices is highly portable and extendable. In fact, we have been helping customers whose needs were not being met by other solutions, which they could not control and adjust to their requirements, adopt RDFM.

Linux, Android, Zephyr and more

Another strength of the way RDFM is architected lies in its support of multiple operating systems. As of now, we have released a Linux app as well as an Android implementation fully integrated with the system’s default update mechanisms.

A Zephyr RTOS implementation of RDFM is currently under development at Antmicro, to be followed by enabling systems that call for support in multi-node environments, e.g. handling scenarios involving multiple microcontrollers coupled with devices running Linux/Android for GUI capabilities (which again is not uncommon amongst our customers, especially in robotics or smart gateways).

RDFM’s security and configurability features

Security is definitely high on the agenda when developing management solutions for numerous, physically isolated devices. To ensure security when adding devices, RDFM requires manual pre-authorization registration for all devices. To handle device requests, the tool uses JSON Web Tokens and RSA key pairs, and the management system includes OAUth2 support for controlling read/write permissions.

There is also quite some flexibility as far as package storage is concerned - it can either be handled using a built-in server or an external server, e.g. the Amazon EC2 Compute Cloud or the Google Cloud Platform.

To take into account various real-life multi-device deployment scenarios, RDFM allows users to assign the devices in their fleets to groups be it for A/B testing, test/stable groups, or by geographical separation.

Another feature that often comes useful in practical scenarios is the ability to connect to the shell on the devices in your fleet, granting you a higher level of control.

RDFM in Continuous Integration

In the videos below, you can see an example workflow of RDFM in tandem with the GitLab CI environment. The first video illustrates the process from starting the RDFM server, through uploading packages using the CI system, to RDFM identifying the uploaded package.

In the second video, you can see the process of creating a device group in the manager, adding a device to the group, and deploying the update to the device. You can see the device successfully updated from v0 to v1.

Deploy scalable, secure, and adaptable open source solutions with Antmicro

This initial release marks the first broader announcement of this capability, but new features, integrations and use cases are on the way for RDFM. Through integration with our other open source tools such as Renode, Kenning or Visual System Designer, we are planning to enable a variety of customers to take control of their OTA and fleet management systems, expanding RDFM’s capabilities on the way.

With the flexibility offered by systems built on robust open source components, Antmicro can help you deploy safe, effective, and extensible OTA update and management solutions for your device fleets and even help you design entire systems and thoroughly test them thanks to simulation in Renode (which recently has been rapidly improving its Cortex-A support) and the rest of our open source toolkit.

Whether you would like to discuss developing completely new OTA-enabled systems or enhancing existing ones, feel free to reach out at contact@antmicro.com.