How OS Malevich updates

How OS Malevich updates

OS Malevich is a real-time operating system that manages the operation of Ajax systems control panels and range extenders.

Updates are an integral part of product development and improvement. They enhance the stability and security of an Ajax hubs operating system, optimize its performance, ensure compatibility with new devices, and expand its capabilities.

System updates do not follow a fixed schedule. We release updates whenever necessary to introduce new features, improve system stability, and provide higher security.

Hub operating system update

1. The hub checks for operating system updates on the server

Ajax Cloud

The encrypted firmware file for the hub is stored on the Ajax Cloud server, which does not know the keys and file encryption type. Access to the firmware database is provided only to a limited number of people in the company from the internal network of Ajax Systems. Since they have different access levels, no one can make critical changes and sabotage the system. All actions are logged and monitored, so the Ajax team knows exactly who made the changes and when. Internal safety regulations prohibit the use of passwords to access the firmware database. SSH keys are used instead.

The hub exchanges data with the server using the encrypted proprietary communication protocol. The authentication and verification system protects the server against spoofing.

The hub checks for operating system updates every 5 minutes. If the automatic update option is enabled in the hub settings, the update will start when the system is disarmed and connected to an external power source. If this option is disabled, the mobile app can install the update. If the security system is armed when the hub detects new firmware, the update is loaded in the background and installed after disarming the system. This does not affect the system operation at all.

Protection technologies:

  • access to the firmware database by SSH keys only;
  • access privileges and logging of changes to the server;
  • server authentication and verification systems;
  • using the encrypted proprietary communication protocol.

2. Transferring the update file from the server to the hub

Ajax Cloud

When the hub detects the update file, it downloads the firmware to the external flash memory. For this process, the hub uses any available communication channel with the server: Ethernet, Wi-Fi, or GSM. The download is done in the background, not affecting the system operation.

The time for downloading the update file may vary depending on the hub communication channel and the number of connected range extenders. The approximate firmware downloading time is shown in the table:

Only hub

Hub and 1 range extender

Additional range extender

10–20 min*

up to 1 hour

+ 40 min for each range extender

*Downloading time may be extended if the hub has only a 2G GSM communication channel.

The data transmitted between the hub and the server are protected by NIST-validated encryption within the closed binary protocol.

Protection technologies:

  • authentication;
  • encryption.

3. Checking the update file

Ajax Hub

The hub firmware is encrypted and signed with a checksum. If the firmware file is corrupted (intentionally or due to transmission errors), the update is ignored because the checksums will not match.

The checksum inside the decrypted firmware file will still not match the signature, even if the intruder corrupts the encrypted firmware file and substitutes the checksum. Therefore, the hub will reject the update file.

At most, the firmware file can be read from the external flash memory of the hub. However, it will take thousands of years to decrypt this file with the capabilities of modern computers.

The firmware file includes a system of markers and properties that are checked before the installation. Information about them is available to a limited number of people to prevent sabotage. If any marker or property fails validation, the update is canceled. Thus, the Hub will not install the firmware from Hub Plus.

Protection technologies:

  • verification of checksums, markers, and properties;
  • encryption.

4. Hub firmware update

Ajax Hub

During the update, the bootloader in the device microcontroller’s ROM reads the encrypted firmware file from the external flash memory of the hub.

The firmware is decrypted only inside the microcontroller, which cannot be accessed from the outside, so there is no possibility to read or substitute the firmware. After the firmware file is decrypted, the checksums are verified once more. This allows you to ensure that no data was corrupted during the decryption.

The bootloader inside the hub also controls the correct operation of the hub with new firmware. If critical errors or malfunctions are detected, the hub deletes the corrupted firmware version and reflashes to the latest stable release.

Only a limited number of people know how stable firmware is selected and how the correctness of its operation is controlled. This makes sabotage much more difficult. The bootloader itself is not updated, preventing sabotage of the firmware rollback mechanism.

Protection technologies:

  • checksum verification after decryption;
  • critical error control;
  • control the correct operation of the hub with a new firmware.

5. Required conditions for firmware update

To ensure successful and seamless system firmware updating, the following conditions must be observed before the start and during the procedure:

  • stable external power supply to a hub during the update;
  • stable internet connection while downloading the update (if connection is unstable, downloading may be interrupted and restarted);
  • a security system is disarmed (if the system is armed, updating will start once the system is disarmed);
  • Ajax fire detectors have no alarms triggered on the hub with OS Malevich 2.14 or higher.

If the system has ReX or ReX 2 range extender, the following conditions must be observed additionally to successfully update its operating system:

  • stable external power supply to a range extender during the update;
  • stable connection between the hub and a range extender.

👉 Range extenders operating system update

6. How to update a hub manually

Hubs are updated automatically by default. However, you can check for hub updates manually:

The function is available in the hub settings in the Ajax app (Hub → Settings → Services → Firmware update → Check for the new version).

After firmware update

The firmware update and the subsequent reboot of the hub take up to 10 seconds. After that, the hub reconnects to the server. The connection time depends on the number of active communication channels and does not exceed 30 seconds. Notifications about alarms and events are stored in the events feed even during the hub update.

An Ajax app displays the following notifications to inform about the start and the end of hub firmware update:

The automatic update is optional and can be disabled. To do this, go to the service settings of the hub (Devices → Hub → Settings (⚙️) → Service) and disable the Firmware Auto-Update option

After that, the hub will continue checking whether there are new firmware versions, but they will not be installed automatically. When new firmware is available, you will see a button to install the update in the app.

We release security updates for hubs for at least two years of the warranty period.

👉 The latest updates of the hub operating system

Ranges extender operating system update

Radio signal range extender update differs only in obtaining the firmware file. First, the file is downloaded from the Ajax Cloud server to the hub and then transferred to the range extender via the Cargo protocol that is based on the Jeweller radio communication protocol.

The firmware file transfer takes approximately 40 minutes for ReX and 30 minutes for ReX 2. During this period, the security system continues to operate in normal mode. As soon as the range extender receives the firmware file and the security system is disarmed, ReX will install the update. The firmware installation and subsequent ReX reboot take up to 5 seconds. Events and alarms of the security system devices do not get lost during the update.

Automatic updating of the range extender is controlled with the same setting as automatic updating of the hub. To disable the automatic updating, go to the menu: Devices → Hub → Settings (⚙️) → Service.