| > Can you provide an "enterprise class embedded OS" to device manufacturers and address post-deployment updates? There is already vxWorks, they don't have to start from scratch and they're already widely used in the industry. (There are others as well). Anyway: The devices in question are running some Linux with a custom web interface on top. Patching this specific flaw is just about having one engineer add a few lines to the webif git, trigger a rebuild, flash to a qemu VM (could happen automatically) and test if the interface still works. If that's the case (which is likely), put the firmware as "unsupported"/"alpha" on the company FTP. This assumes they have proper tooling (e.g. tagged git, automatic&deterministic build server, an efficient test environment,...). If they don't have, they probably wouldn't buy it (or, maybe they would?). Automatic post-deployment are only the end of the chain, and for cheap embedded consumer systems there are good reasons against it: "My router didn't react, so I powercycled it" is problematic if it was just applying an update (resilience against this costs money, which is tight). And then your 1st level support has to explain your grandma how to use tftp to flash the firmware via the bootloader (this is bad for 1st level support suicide rates). Did I mention all the crap should be cheap? What good is a well maintained IoShit device if it costs 4$ more than the poorly maintained competition? Chances are high you won't sell enough to sustain your company - unless you go into a premium segment and just charge twice as much as the competition, which might still be problematic (consumer expectations change a lot with price - cheap and vs. expensive and nice). Also, at the other end of the embedded spectrum: Industrial embedded systems should probably only be updated if really necessary, e.g. if something is broken due to bad firmware. Downtime is really expensive for huge manufacturing plants, especially if unscheduled (in addition to the machine[s] not producing value, your 500 workers a fiddling their thumbs), so you want to reduce the number of opportunities for this to happen. |