Reply
Highlighted
Posts: 19
Registered: ‎12-04-2016
Accepted Solution

Open source, secure OTA bootloader for EFR32/BGM111 using GCC and BLE 2.1.1.0

I have created an open source Github project for a secure bootloader I wrote for the BLE 2.1.1.0 stack. I wanted several things that the legacy OTA bootloader in 2.1.1.0 did not offer:

  • Build with GCC
  • Avoid proprietary file formats and tools
  • Preserve persistent storage data across application updates.
  • Secure encryption with customisable keys
  • Customisable OTA service UUID
  • Ability to add other features into the bootloader (e.g. manufacturing tests)

Some of these points appear to have been addressed by the 2.3.0.0 stack release, but it still uses proprietary file formats and tools and isn't customisable.

 

There is a companion Android app included as an APK in the project which will flash firmware files to the bootloader. The full source for this is not provided, but the source for code to read firmware files and send them to the bootloader is included.

 

There is no reduction of memory available to the application program, as the bootloader uses the ROM below 0x4000 which is otherwise unused. Encryption is done using AES-256, with SHA-256 to verify the programming. The encryption key and OTA service UUID are configurable, which ensures that only images suitable for the target can be flashed, and the debug lock word is automatically set to prevent the encryption key or code being read out of the chip.

 

The project uses CMake and does not require Simplicity Studio. If anyone else finds the project useful you are welcome to use and modify it.

 

https://github.com/clydebarrow/bgbootload

 

Clyde

 

 

 

 

Posts: 2,673
Registered: ‎09-01-2015

Re: Open source, secure OTA bootloader for EFR32/BGM111 using GCC and BLE 2.1.1.0

Thanks for sharing! I will definitely need to try this myself at some point.

 

One minor comment:

>> Preserve persistent storage data across application updates.

 

PS storage is preserved also by the Silicon Labs own OTA implementation, also in version 2.1.1. PS storage resides at the end of flash (two last sectors) and it is not touched during OTA.

 

(Note that I am marking this post as "solution" just to keep our statistics straight, to avoid reminders of unanswered questions...) 

 

 

Posts: 2,673
Registered: ‎09-01-2015

Re: Open source, secure OTA bootloader for EFR32/BGM111 using GCC and BLE 2.1.1.0

By the way, we have a separate section in the community for sharing projects:

http://community.silabs.com/t5/Projects/bd-p/9

 

Posts: 19
Registered: ‎12-04-2016

Re: Open source, secure OTA bootloader for EFR32/BGM111 using GCC and BLE 2.1.1.0

Ok, I saw a mention elsewhere on the Forum that persistent storage was erased after OTA upgrade, but on re-reading, I see it refers to the BLE113, so I guess that's different.

 

Thanks for the pointer to the projects forum, I'll use that in future.

 

Clyde