Software Lifecycle Management

You develop your products for a life cycle of many years -
Your software too?

Overview

Security and data protection requirements are increasing - as are the number of attacks, security vulnerabilities and identified risks. You have to face these ever-changing security threats and ensure that your systems can be updated when they are connected to the Internet. The current IEC 62443 standard, for example, also requires this in the Patch Management in the Industrial Automation Control System Environment section. 

The PHYTEC Software Lifecycle Management Service supports you in this. Take advantage of our offer for sustainable and binding maintenance of the Board Support Packages for your customer-specific hardware. We test your hardware with the latest patches and updates throughout the entire product life cycle. If necessary, you can roll out your software quickly and easily.

1. Development of your BSPs

We develop a customerspecific BSP for your PHYTEC hardware, based on the preliminary work of the standard development. We integrate hardware and BSP into our test farm and the CI system.

2. Roadmap planning

Together with you, we create an update strategy for your product and determine the frequency of updates. In general, we agree on annual major updates of the Yocto Project and biannual updates of the LTS kernel version.

3. Update Integration

Two BSP statuses are maintained in parallel. The first is an up-to-date version of your BSP, which we constantly supply with security and bug fixes over an agreed period of time. The other is a version in which we continuously update your BSP to the latest development status of the Yocto Project and Linux kernel. This provides a perfect basis for your next stable software release.

4. Verification and testing

Nightly builds with automatic tests quickly detect and resolve conflicts with your BSP. At the same time, we continuously check that the BSPs comply with your specifications. All results are recorded for you in test protocols.

5. BSP Roll-Out

You get access to a current and tested BSP version at any time, without the risk of continuous updates in the field. You can test the BSP with your own software applications routinely or as soon as a relevant vulnerability is detected, and play it out promptly. 

The RAUC Robust AutoUpdate Controller, which is prepared in our BSPs, supports you in this. In addition, we provide you with updates of your BSP including current kernel and Yocto versions according to the agreed strategy.

General conditions

Prerequisites for software lifecycle management are the use of a Mainline-Linux based BSP and the existence of a BSP specification that covers the entire functionality of the platform. An automated test environment is used to test the complete functionality of the system according to the BSP specification. The tests primarily include the interfaces, drivers and connections created on the boards. Customer applications are usually not included in the test.

The standard tests include "common" interfaces according to the graph below. Special interfaces or special protocols can be added individually by extending the test specification; this may require the creation of special test hardware. For testing, the Jenkins-based Continuous Integration System is linked to the test environment for automatic hardware testing. This makes the setup ideal for the continuous integration of standard board support packages and customized BSPs.

Deployment made easy

We facilitate the roll-out of your software into the field by preparing the RAUC Robust Auto-Update Controller in all current BSPs. The update client ensures the reliable installation of signed BSP updates on the embedded systems and is supported by Yocto in the meta-rauc layer. BSP updates can be created, checked and modified on the host system using the tool. 

PHYTEC supports you both in implementing the update mechanisms and in creating the appropriate infrastructure - from RAUC configuration and setting up cloud services to protecting the hardware from installing malicious software.

Benefit from our further services

  • Hardening & Secure Boot
  • Security consulting for hardware & software design
  • Key and certificate handling at our production facility in Germany
  • Cloud platforms for the roll-out of updates