Firmware: To upgrade or not to upgrade?

Sebastian Hultqvist

I recently installed a new smart home hub. After an undisclosed number of hours well spent, I got it integrated nicely with appliances throughout the house. By the time I emerged from under my duvet, roused by the daylight which flooded in when my shutters automatically opened, my coffee machine was happily bubbling away, and the radio news was keeping me well informed.

Over the next couple of weeks all my family and our guests had to do was listen to how marvelously this worked, and they only had to fake their interest a little. But then one morning we woke up in darkness and silence with – worst of all – no coffee, and my family’s appreciation for our smarter home dropped quite rapidly.

Apparently, the smart home hub had performed a firmware upgrade during the night and broken my previously perfect integration.

This sheds light on one of the major contradictions in the security industry today: whether firmware updates help or hinder the integrity of systems. Many abstain from firmware upgrades because, once they have purchased a system and it fulfils its purpose, they reason that there is no need to undertake a costly upgrade and risk system compatibility issues.

The reluctance to perform upgrades is understandable. New firmware might require an update of third-party software to maintain compatibility and – guess what – that new version requires a new OS which is not supported by your current hardware. It is enough to have been down this road once to understand why the motivations for an upgrade will be scrutinized.

However, by not updating the system, businesses expose themselves to increasing risk over time. If a system is not regularly maintained through updates, its firmware will gradually become more susceptible to security vulnerabilities, which can cause serious financial damage or system downtime. Firmware updates restore security to the original level or higher. The last few years have seen an increasing number of cyberattacks, and unpatched systems are one of the first things targeted. In addition, not updating firmware causes businesses to miss out on stability improvements, preventing them from reaping the full benefits of their equipment.

Damned if you do and damned if you don’t

There’s a practical requirement for a solution that mitigates the risks and vulnerabilities that come from ignoring a system upgrade. Ideally, such a solution should allow businesses to obtain regular maintenance for the system without disrupting existing system compatibility. It is not enough to have a long period of guaranteed software support; you also need to be confident that each upgrade will not create havoc with your system.

The IT industry has long been exposed to this problem, and the concept of Long-term Support (LTS) releases is known as a good remedy, and one which we have been providing for five years now. Specific LTS tracks receive only security and stability improvements but no new features, keeping compatibility changes to a minimum. This allows quicker patching without the need to re-qualify the entire system. With the correct firmware track adopted, the fear of upgrading can be effectively addressed, and in the long run regular firmware maintenance is a beneficial investment to make.

My hope is that eventually firmware upgrades in the security industry will be viewed with less drama. Adopting best-practice solutions like LTS, which resolve many of the concerns raised, makes the question in the title of this post redundant, and hopefully supplies hot coffee for everyone.

Find more information about Axis LTS release tracks.
