2024-09-02 | Katja Grünewald | 3 min read
Firmware Over The Air: We explain FOTA
In the dynamic landscape of industrial manufacturing, digitalisation plays a key role for success. Terms such as Industry 4.0 or IoT (Internet of Things) are no longer concepts for the future, but have been firmly established worldwide — both for modern production and for a smartly connected everyday life. Almost everyone uses technologies that are attributed to these terms, whether directly or indirectly.
Firmware over the air (FOTA) updates are a key tool in this constantly growing digital repertoire. They make it possible to comply with the latest (security) standards, bring features to market faster and even help protect the environment.
We also provide a concise overview of why FOTA is so essential not only for software developers, security managers and device manufacturers, but also for end users.
Key terms around FOTA
Internet of Things
The Internet of Things, or IoT for short, refers to the communication between different machines, systems and devices. The technology used for communication is irrelevant. From Bluetooth to 5G to the classic Internet, everything is included.
This type of communication allows automatic workflows to be defined and executed between different devices at different locations without the need for human intervention.
One example: Many homes now have smart devices that communicate with each other. Sensors measure the position of the sun, for example, and automatically close the shutters. This automatic shading allows the amount of light and heat to be directed into the various rooms. If there is also a link to an intelligent heating installation, the result is an extremely sustainable and energy-efficient system.
Hardware/Firmware/Software
IoT devices usually consist of several parts, which are assigned to three categories: Hardware, software and firmware.
Hardware refers to the physical component, the body of a device, so to speak. This can be touched, but can also be broken.
Firmware, on the other hand, describes the ‘invisible’ part (to be imagined as the electrical impulses of the brain)— so the code that communicates directly with the hardware and orchestrates which part performs which task and when.
Software describes the part of the code that no longer interacts directly with the hardware, but only with the firmware. Firmware is generally also referred to as embedded software.
Cyber Security
The (embedded) software described above is usually extremely complex and consists of thousands of lines of code written by different developers. This makes it almost impossible to keep firmware or software completely free of security vulnerabilities. These can be exploited to access the data stored on a device or to render the device unusable by hackers.
According to a recent report by Cybersecurity Ventures, the consequential costs of cyber crime amounted to just under USD 8 trillion in 2023 and will rise to USD 9.5 trillion in 2024. The trend is rising, even for 2025.
FOTA
To stay in the context of cyber security: If a security gap is found, it must be closed as quickly as possible to prevent criminals from exploiting it (if this is not already the case).
In the best case scenario, the gap will be closed in a few hours. However, the latest, secure version of the firmware still needs to be installed on the end device. This is known as an update. If the device is not connected to another device, such as a computer, this is known as a wireless update or OTA update (over the air update).
FOTA update therefore means nothing other than Firmware Over The Air Update and describes the wireless update of the firmware.
As described, these can be updates to solve security issues, but also other firmware adjustments; for example, to add current functions or to optimise device performance and service life.
Now that the terminology has been clarified, our upcoming blog posts will focus on the F-OTA process:
- What added value does the FOTA process have for companies and end users?
- What technologies and processes are behind the term?
- What can an XXL FOTA system look like?
- What is the Cyber Resilience Act?
- And above all: how do you get such a system?
We answer these and other questions in the Scandio article series Revolution in the IoT age: Firmware over the Air.
Here you can read more insights and download our free 1-pager device management.