2 Comments
Jan 15 (Liked by Burkhard Stubert)

Hi,

A very nice article!

Memfault does not seem to do the best job of advertising themselves, though; I have to admit that this is the first time I have heard about them, despite some quite extensive googling & reading around robust SW updates :).

A comment regarding the single copy + rescue approach. It seems that one additional drawback of that would be that the rescue will probably have almost the same security requirements as the main OS. That would mean that the rescue also has to receive regular security updates, similar to the main OS. That would then lead to having one more OS to be maintained and increase the risk of a non-atomic, no-rollback update going south in the field, and all this to save a couple of euros on the flash cost.

author

Hi Jussi,

Your comment about the single-copy-with-rescue approach is right. You will most certainly have to update the rescue system a few times during the lifetime of the product. And yes, the update is non-atomic and there is a second OS to maintain on the system.

This is also a drawback of container-based OSs like Torizon OS. You need a simple OS that can run Docker containers. This simple OS needs updates, which are implemented differently to the updates of the containers.

Yes, Memfault is flying a bit under the radar. I became aware of them because I have been reading their excellent Interrupt blog (https://interrupt.memfault.com) for some years now. Balena and Torizon could be other solutions besides Mender and Memfault.

Cheers,

Burkhard
