3 Steps to perform ESP8266 Secure OTA Update

As the previous follow up to the Magic 8 Ball with ESP8266, I am extending this to add the code for OTA (On The Air) update. This will ensure that we can update the code without having to plug the ESP8266 to the USB, but this is done through “On The Air” update. The OTA update seems to be a lot faster than the USB connection for some reason.

For Security purposes we don’t want random people who have access to our network being able to perform the update over the air, therefore we added an extra layer of security so that we need to enter the password before the OTA update can be done. Here are the steps how this can be achieved.

Step 1. Include the Arduino OTA Library

You can include the arduino OTA library as per the below code:

#include <ESP8266mDNS.h>
#include <ArduinoOTA.h>

Step 2. Setup() Section

Add the following code to the setup() section:

void setup (){
...
// OTA code
   ArduinoOTA.setHostname("MAGIC8Ball");
   ArduinoOTA.setPassword((const char *)"setyourpassword");
   ArduinoOTA.begin();
   ArduinoOTA.onStart([]() {
     display.clear();
     display.setFont(ArialMT_Plain_10);
     display.setTextAlignment(TEXT_ALIGN_CENTER_BOTH);
     display.drawString(DISPLAY_WIDTH/2, DISPLAY_HEIGHT/2 - 10, "OTA Update");
     display.display();
   });
   ArduinoOTA.onProgress([](unsigned int progress, unsigned int total) {
     display.drawProgressBar(4, 32, 120, 8, progress / (total / 100) );
     display.display();
   });
   ArduinoOTA.onEnd([]() {
     display.clear();
     display.setFont(ArialMT_Plain_10);
     display.setTextAlignment(TEXT_ALIGN_CENTER_BOTH);
     display.drawString(DISPLAY_WIDTH/2, DISPLAY_HEIGHT/2, "Restart");
     display.display();
   });  
...
}

The setHostname function allows you to set the name of the ESP8266 so that it is much easier to tell especially when you have a few devices in your network that support OTA.

The setPassword function allows you to password protect the OTA. The system will prompt you the second time you are trying to perform the OTA. This is shown in the following picture:

The onStart function will get called when the OTA process started. In this example of the Magic 8 ball with OLED screen we are showing the “OTA update” text on the OLED display when the OTA starts.

The onProgress function will get called in the middle of the OTA update, so this is the perfect location to put the OTA status indicator. In this example we are displaying the update progress in the OLED screen of the magic 8 ball.

The onEnd function will get called when the OTA update is completed. In this example we are showing the “Restart” text when the OTA process finished just before the ESP8266 restarted.

Step 3. Loop() function

In order the ensure that the ESP8266 always listen to the OTA we need to insert the following code in the loop function.

void loop(){
...
ArduinoOTA.handle();
...
}

That’s all and once you have modified the magic 8 ball code, and uploaded it to the device, you should have a working Magic 8 ball that supports OTA update. If you like to download the code that I have used for this tutorial, you can downloaded it here.

Other considerations

There are some requirements that needs to be fulfil for the OTA to works, first of all the Flash chip size needs to be big enough to hold the old code (the one that is currently running) and the new code (OTA) at the same time, so you will need to plan this to ensure that there is enough memory space to hold both. The other consideration is that the module that will be updated needs to be in the same network as the computer with Arduino IDE that will perform the OTA update. The disadvantage is then you are not able to use serial port to perform the code debugging if there is anything wrong with your code.

Hopefully you are finding this post useful and please drop me a line and don’t forget to subscribe for more regular update on other IoT circuits.