• Our solutions
  • Secure firmware update solution

A secure firmware update solution

Scale your product reach

Innovate with balanced product cost

Reduce product maintenance costs

Proekspert has developed a secure firmware update solution to be used in two case scenarios. With the goals of long life and high uptime expectancy, some device maintenance and upgrading can be accomplished through software updates.

Case 1. Licensing device firmware

Device makers need control over software that is run on their devices. Proekspert has developed a hardware-level license verification solution to determine if an end-user is eligible for software updates or new features.

Case 2. Preventing unintended device firmware updates

Updating devices over the internet or on-site by a technician poses risks of malicious usage and simple human error and may render a device inoperable, causing enormous expense, especially when the device is in a difficult to reach or remote location. To give device manufacturers more control in the software update process, Proekspert has developed a hardware-level device firmware authenticity validation solution.

Common risks when updating device software

Lack of trained specialists

Updating device software manually on site is costly for maintenance service providers (trained personnel, travel costs, complex on-site conditions, etc.).

Malicious users

Enabling remote update functionality over the internet exposes a device to malicious users who may tamper with the device by altering the original firmware update package.

Unverified sources

Updating offline device software locally by a specialist or end-user requires confidence the updater has the specific firmware image coming from an authentic source which is built for the specific device.

Unintended features

Installing a software update can enable or disable features that were not meant for a specific user type or machine model. This may ruin the user experience or break important features.



How it works

Proekspert’s firmware authenticity verification software uses a crypto processor chip (TPM) integrated with a device’s motherboard to automatically verify an update file signature and/or decrypt a previously encrypted firmware update package. Each TPM is unique, so on the device software development side the firmware is signed or encrypted for devices one by one. When a device updater discovers firmware with an incorrect signature or encryption, the update process halts without altering already installed software.

Our solution enables

Protecting a device against manual invalid FW updates

Protecting a device against malicious usage and network attack

Offline mode updates are under better control

Ability to permit device-level software licenses

Secure FW update from a cloud service


Get in touch

Today, online connected devices are becoming more and more common. Also, device manufacturing companies are preparing for compliance with the forthcoming EU Cyber Resilience Act.

Proekspert has comprehensive expertise in developing custom industrial device security solutions. For 30 years we have helped our clients develop device security and update solutions. In addition of building custom firmware update solutions we are experienced in using over-the-air (OTA) and various industrial communication protocols and mediums.

If you’re looking for an experienced embedded software solutions development partner to improve your device security, feel free to contact us.

Please fill all the mandatory fields (marked with *).

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Thank You!

Your message has been sent. Our team will get back to you as soon as possible!

Jukka Antero Halttunen

Embedded Software and Systems Lead


Go smarter with Proekspert.

Please fill in the contact form below and we'll get back to you as soon as possible.

Thank You!

Your message has been sent. Our team will get back to you as soon as possible.

Close this window
Close icon