5.9.3 Using Host File Download for MCU OTA

Host File Download allows an application to download a file from a remote location. The link to the file can be through a secure connection and once the file is downloaded, it is stored in the WINC's Flash and the Application is notified about it. The files to download can be of any kind and are not limited to MCU binaries, making this feature both flexible and powerful. One example would be the download of text files, which can hold, for instance, a file checksum, which can later be used by the Application to verify the integrity of the downloaded binary. An Host MCU OTA requires the following steps:

  • Provide an http/https link to the file to tell WINC to download the file from a specific remote location, which can be done using API m2m_ota_host_file_get.
  • Read the image from the WINC using spi_flash_read. There is currently a limitation where the bootloader also needs to perform m2m_wifi_init, m2m_ota_init and only then it will do m2m_ota_host_file_read_spi to read the image from WINC. m2m_ota_host_file_read_hif and m2m_ota_host_file_read_spi are not used in the ASF Example for MCU OTA to keep the driver footprint small while working around the limitation described above. However, this limitation is only present when the Application needs to be reset, or in this case switch to a bootloader, the WINC driver will lose track of the file handler and will have to load it again through the initialization process. If no reset or shutdown need to be performed and if no different Application needs to be loaded after downloading the file, these two APIs can be used.
Figure 5-7. Example Host File Download for MCU OTA
Other steps that must be considered by the Application Developer are:
  • It is recommended to verify the integrity of the image using a checksum calculation and match it against a previously known checksum. The user can design the validation mechanism since no predefined file format is enforced for MCU OTA.
  • There is an option to erase the file from Flash. Although this is not mandatory before requesting a new download, it can be useful for security purposes, ensuring that sensitive data is unavailable after its use.
    Note: The WINC does not perform any integrity check of any of the downloaded files via Host File Download and that must be checked by the application.