In the below presentation on security Rohini Pandhi mentions the problem of keeping your device updated.
Unconnected consumer items used to be simply build, distributed and sold with no process for doing any updates. Embedded systems did have options for updating but often this needed to be done by a trained field service engineer or by returning the item to the factory. Small issues spotted post production were fixed in new versions but often not patched in older versions. If there was a significant fault with a system then they would need to be an expensive product recall.
With connected devices there is the added issue of security. When there is a security issue these often need to be patched faster or there might be problems for the end users.
The fact that the device is connected means that patches can be downloaded and applied more easily as is done with mobile phones and PC.
For embedded products there are additional challenges
- Lack of user interface
- Always on
- Power requirements (flashing a ROM could use a lot of power)
- Handling failures
- Automating the installation process
I've not really looked into these issues for my project so would be interested to know what other peoples thoughts are?
References
The 10 challenges of securing IoT communications | Atmel | Bits & Pieces
Meraki firmware updates while you sleep
Open source solutions ease process of updating leg - AMD – Aerospace Manufacturing and Design