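% ----------------------------
% Slide deck section on software updates with swupdate.
% Covers: feature overview, the streamable update container, and how
% the signed description protects images and scripts.
% Requires a beamer document and the referenced files under images/.
% ----------------------------
\section{Process Updates}
\subsection{swupdate}
% ----------------------------
\begin{frame}{Overview}
  % \centering instead of the center environment: no extra vertical glue.
  \centering
  \includegraphics[width=8cm]{images/update_swupdate_overview.png}
\end{frame}
% ----------------------------
\begin{frame}{Features I}
  \begin{itemize}
    \item Open-Source (GPLv2)
    \item Bootloader, OS, FPGA images
    \item Streamable Updates
    \item Multi-Target Updates
    \item Powerfail Safe
    \item Crypto Support
      \begin{itemize}
        % A signature gives origin authenticity as well as integrity;
        % encryption gives confidentiality of the image content.
        \item Image signing (Integrity, Authenticity)
        \item Image encryption (Confidentiality)
      \end{itemize}
    \item Fully Customizable
    \item Extendable
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}{Features II}
  \begin{itemize}
    \item built-in Handlers
      \begin{itemize}
        \item raw
        \item File-based
        \item MTD
        \item UBI
      \end{itemize}
    \item built-in Deployment Interfaces
      \begin{itemize}
        \item Local Files
        \item Network (pull)
        \item Web Interface (push)
        % NOTE(review): swupdate's hawkBit client polls the server from the
        % device side; confirm that "(push)" is meant from the operator's
        % point of view. The direction matters for the device's exposed
        % network surface (listening service vs. outbound connection).
        \item hawkBit Deployment Server (push)
      \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
\subsection{Streaming}
% ----------------------------
\begin{frame}{Update Container}
  \begin{itemize}
    \item Update Container Format:
      \begin{itemize}
        \item serialized
        \item streamable
        % Description and signature come first so that verification can
        % happen before any payload is read from the stream.
        \item 1st Element: Description
        \item 2nd Element: Description Signature
      \end{itemize}
    \item Description Elements
      \begin{itemize}
        \item Image Format
        \item Image Size
        \item Image Hash
        \item Install Target
        \item Install Handler
      \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
\begin{frame}{Update Container Format}
  \begin{columns}[onlytextwidth]
    \begin{column}{0.45\textwidth}
      \begin{itemize}
        \item File Format: cpio
          \begin{itemize}
            \item open file format
            \item widely used
            % NOTE(review): cpio is a sequential archive without a central
            % index; confirm "indexed" and "supports seek" against what the
            % streaming path actually relies on.
            \item indexed
            \item good tooling support
            \item supports seek (e.g.\ for Streaming)
          \end{itemize}
      \end{itemize}
    \end{column}
    \begin{column}{0.45\textwidth}
      \centering
      \includegraphics[height=0.7\textheight]{images/update_swupdate_format.png}
    \end{column}
  \end{columns}
\end{frame}
% ----------------------------
\subsection{Security}
% ----------------------------
\begin{frame}{Update Verification}
  % Trust chain presented here: the signature covers the description only;
  % images and scripts are bound to it through the hashes it lists. An
  % artifact without a hash entry in the description would not be covered.
  % NOTE(review): a valid signature alone does not stop an older, correctly
  % signed update from being installed again. If that matters for the
  % product, state how it is handled (swupdate has a no-downgrading option;
  % confirm for the version presented).
  \begin{itemize}
    \item Update Signature Verification Enforcement
    \item Signature ensures Integrity and Authenticity of Update Description
      \begin{itemize}
        \item Integrity Verification early in Update Process
        \item hash-based Image and Script Validation
        \item No Image Download on Integrity failures
      \end{itemize}
  \end{itemize}
\end{frame}
% ----------------------------
% Fragile frame: it contains verbatim material, so \end{frame} must stay
% alone on its line at column 0.
% The listing shows one image and one postinstall script, each pinned by a
% sha256 entry inside the signed description. Scripts run on the device
% during installation, so they need the same hash binding as images.
\begin{frame}[fragile]
  \frametitle{Signed Update Layout}
  \begin{beamerboxesrounded}[shadow=true]{sw-description}
    % \scriptsize is a declaration, not an environment; the enclosing box
    % limits its scope.
    \scriptsize
\begin{verbatim}
[...]
stable = {
  sys_a = {
    images = (
      {
        filename = "rfs.ext3.gz";
        sha256 = "32df9a4057c858abd2ce64b8bffd2722bd2502d257f221b15295bd9fb85c325b";
        [...]
      }
    );
    scripts = (
      {
        filename = "10_markB.sh";
        sha256 = "cbe23f93b00fb758690fc09867c9758b74a15d10522bcc5a4a51f881d2dde0a6";
        type = "postinstall";
      }
    );
  };
[...]
\end{verbatim}
  \end{beamerboxesrounded}
\end{frame}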