Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

An update on MCUBoot (The IoT Bootloader) - SFO17-118


Published on

Session ID: SFO17-118
Session Name: An update on MCUBoot (The IoT Bootloader)
- SFO17-118
Speaker: David Brown - Aditi Hilbert
Track: LITE

★ Session Summary ★
Last Connect, we introduced mcuboot, the IoT bootloader used by Zephyr and mynewt. Now that we’ve had a release, this session gives an update on the project, what’s been done, and what is coming.

The open source MCUBoot project hosted by Runtime to provide an operating system-agnostic secure boot loader for 32-bit microcontrollers has been ported to multiple operating systems, specifically, the Apache Mynewt OS, the Zephyr OS, and the Riot OS. An overview of the features in the first successful release of MCUBoot project will be presented along with the use cases that drive the requirements for them. The talk will touch on the utilities included in the project such as a tool to sign images, a simulator for testing and regression etc. It will discuss why MCUBoot, with its memory footprint, performance, security considerations, product-driven goals, and ease of porting, is a compelling choice for an OS on constrained IoT devices. Finally, the near and long-term feature roadmaps for the project will be presented.
★ Resources ★
Event Page:

★ Event Details ★
Linaro Connect San Francisco 2017 (SFO17)
25-29 September 2017
Hyatt Regency San Francisco Airport

Follow us on Social Media

Published in: Technology
  • Be the first to comment

An update on MCUBoot (The IoT Bootloader) - SFO17-118

  1. 1. MCUboot Followup: The IoT Bootloader David Brown
  2. 2. ENGINEERS AND DEVICES WORKING TOGETHER Introduction ● At BUD17 we gave an intro to MCUboot ● Since then, we’ve had a 1+ releases ● What’s been done, what have we learned ● The release process
  3. 3. ENGINEERS AND DEVICES WORKING TOGETHER Features ● Stable bootloader ● Two supported upgrade methods: ○ image swap ○ overwrite ● Digital signatures: RSA, ECDSA, (soon Ed25519) ● Modular design - Portable across OS’s
  4. 4. ENGINEERS AND DEVICES WORKING TOGETHER Project metadata ● Have a project website: ● JIRA for issue management: ● Code hosted at Github: ● Slack channel (see for invite link) ● Much thanks to for hosting
  5. 5. ENGINEERS AND DEVICES WORKING TOGETHER Releases ● Version 0.9.0 ○ Most features intended for 1.0 ○ Decided to release 0.9 to avoid stalling the process ● Version 1.0.0 ○ Important image format change ○ Most other requests pushed to future versions
  6. 6. ENGINEERS AND DEVICES WORKING TOGETHER Portability ● Can be built as an app for Zephyr or Mynewt ● Support for booting applications on Zephyr, Mynewt or Riot ● Porting abstraction layer based on Mynewt Flash HAL ● Zephyr uses devicetree to describe partitions, this is used by MCUboot built with it
  7. 7. ENGINEERS AND DEVICES WORKING TOGETHER ● Mynewt has ‘newt’ tool to build and generate images, and sign as well ● Wrote ‘’ for managing Zephyr (and other) images ○ keygen: Generate private/public keypairs to use for signing ○ getpub: Extract a public key as C source to be included in bootloader ○ sign: Add a signature to an image ● On Zephyr side ‘samples/zephyr’ Makefile can: ○ build MCUboot for a given platform, using Zephyr ○ build two “hello world” programs, also on Zephyr ○ sign each image with a distributed sample key ○ flash the various configurations to show upgrades
  8. 8. ENGINEERS AND DEVICES WORKING TOGETHER The Simulator ● Despite desire, MCUboot is still complicated ● We were finding bugs that were hard to reproduce ● So, we wrote a simulator ● Compiles on a host machine along with the simulation ● Is able to test various configuration of images, upgrades and signatures ● Tests recovery of untimely upgrade interrupts, simulating power loss ● Many fixes have gone in because of this ● Run by Travis on every pull request given to github
  9. 9. ENGINEERS AND DEVICES WORKING TOGETHER The future ● Open issues: ● Support external flash, run from internal, upgrade/scratch in external ● RAM loading support, for non XIP devices ● Ed25519 signatures ● Build as Riot app ● Porting to additional OS’s ● Queries about bootloader from running app (for OTA upgrades) ● Two stage bootloader, first stage entirely in ROM
  10. 10. Thank You #SFO17 BUD17 keynotes and videos on: For further information: