Skip to main content

Over-The-Air Update Solutions


Over-The-Air (OTA) update is a way to remotely update your software on an embedded system. In other words, it makes it possible to update and fix your software as well as deploy new features, and patch security vulnerabilities without physically interacting with the device. This allows customers to have a much better and streamlined experience and also helps you to comply with cyber-security regulations.

Torizon is the recommended approach for all customers looking for an OTA solution, through the Remote Updates feature. It was built from the ground up to be fully integrated with Toradex hardware, and also offers a companion set of tooling for a great developer experience.

A system working like this demands robustness. A faulty update, following a network issue or power loss while updating, can brick your device, demanding a complete recovery. Therefore, OTA updates should be carried out atomically, providing a rollback to the last working version in case an unexpected event occurs leading to failure. Also, a system like that demands security. Because it grants a way to change the entire filesystem over the internet, this structure has to implement security checking features, such as TLS communication, to ensure confidentiality, as well as signature hashes for integrity and authenticity checking.

The OTA update system can also provide some kind of versioning method, which allows updates to download only the delta (diff) instead of the full rootfs as this saves a lot of time and internet usage. Note that not only you can update the entire rootfs, but also single applications libs or even a mix between all of that, should you want to.

OSTree is a library - actually libostree - that handles updates for filesystem trees, that is, the entire Linux root filesystem. OSTree is the preferred technology to deploy Over-The-Air updates for Toradex Modules. OSTree is a key technology used by Torizon Remote Updates, which is based on Aktualizr.

Besides choosing to use an OTA Update platform, developers must also choose which one to pick. You can develop your own solution, implement existing, open-source software, or use paid, out-of-the-box services. Toradex offers a variety of solutions through operating systems, partners, and services. In this article, we will show solutions for Over-The-Air updates both provided by Toradex and third-party companies.

Torizon Remote Updates

Torizon Remote Updates is the OTA method provided by Torizon, our easy-to-use embedded Linux platform.

Torizon Remote Updates is a complete solution that covers both the device and the server side, providing seamless integration of hardware and software.

Device: our own Operating System, Torizon, makes use of OSTree: "a shared library and suite of command-line tools that combines a "git-like" model for committing and downloading bootable filesystem trees, along with a layer for deploying them and managing the bootloader configuration", as explained at the Torizon Remote Updates article. In this case, Aktualizr, an open-source implementation of Uptane (a very secure software update system design), is used as a supervisor, checking authentication and integrity, handling the security part of OTA.

Server: Toradex provides a hosted server for its customers, the Our solution is integrated with the Torizon Cloud which makes it easy to keep the Torizon OS up-to-date with the latest software from Toradex, as well as make it easier to manage and deploy both system updates and containerized applications to remote devices.

Torizon Remote Updates web app

To learn more, visit the Torizon Remote Updates article.

Third Party Solutions

Android Update Factory - Kynetics

Kynetics is a software development company providing customized U-Boot, Secure Boot, Drivers, Linux Kernel, Android HAL, and embedded Android and Linux Operating Systems. In addition, to help speed up development to production timelines, Kynetics offers an over-the-air embedded OS builds delivery platform: Update Factory, which remotely updates your Android or Linux OS: kernel, userspace system and applications. For more information visit:

Kynetics also provides a Partner Demo Image that you can install and test the Update Factory directly with Toradex Easy Installer. For more information visit:

Mender is an end-to-end open source software updater for embedded Linux devices that allows secure image-based updates using HTTPS and the A/B partitioning method. It includes both the client and management server providing tools to build, deploy and manage your software OTA. They offer a commercial solution named Hosted Mender, it is a cloud implementation for the server-side part of Mender.

Balena (

Balena, known in the past as, provides a set of tools for building, deploying, and managing fleets of connected Linux devices. Their core platform, balenaCloud, encompasses device, server, and client-side software, allowing you to push code to the Balena build servers, where it will be packaged into containers and delivered to your fleet.

Linux microPlatform OTA - offers Linux microPlatform. It is comprised of secure updatable firmware, kernel and a minimal distribution built using Open Embedded/Yocto, to run applications and Containers on SoCs.


Qt offers an OTA Module that enables OTA Updates functionality in embedded Linux images built with meta-boot2qt. This solution is based on OSTree and features atomic updates, GPG signing and pinned TLS, efficient Disk Space handling, optimized bandwidth usage and rollback support, among other things. To learn more, visit:

BlackBerry QNX Over the Air (OTA)

QNX is a secure and safe RTOS. BlackBerry, the owner of the operating system, also provides a full OTA solution named BlackBerry QNX Over the Air (OTA). This solution leverages field-proven BlackBerry security technology such as Certicom PKI and works seamlessly with the BlackBerry Jarvis binary static application security testing (SAST) platform.


Beyond Development: Torizon

Meeting the Challenge of OTA for Embedded Linux Systems

Send Feedback!