Thesis: Architecting OTA update systems for IoT: a quality-attribute-driven systematization
Abstract
The rapid expansion of Internet of Things (IoT) applications requires robust mechanisms to ensure the security, reliability, and maintainability of embedded software throughout its lifecycle. Over-the-Air (OTA) update systems play a central role in enabling the continuous evolution of IoT deployments. Despite their importance, OTA solutions are often designed in an ad-hoc manner, supported by fragmented guidelines that lack a structured basis for selecting mechanisms and techniques aligned with the quality needs of IoT systems. This thesis presents a consolidated catalog for designing OTA update systems in IoT environments, developed through a review of academic and industrial literature. The catalog comprises 34 techniques organized into six OTA update mechanisms, each with representative use cases and a mapping to relevant quality attributes that make beneficial and adverse impacts explicit. The catalog was evaluated through a controlled industrial experiment involving 10 engineers, balanced between novices and experts, who designed an OTA update system for a real application scenario using either their prior knowledge and experience or the catalog. 
This thesis offers five contributions: (1) it defines six mechanisms that structure the end-to-end update process; (2) it introduces DeOTA-IoT, a novel catalog of 34 techniques for designing OTA update systems for IoT, systematically organized into the six OTA update mechanisms defined; (3) it clarifies the notions of technique and mechanism within the OTA context, providing precise architectural definitions that have been missing from previous studies; (4) it reports an experimental validation conducted in an industrial setting, using real subjects and tasks to assess the catalog's practical usefulness; and (5) it provides a quality-attribute trade-off analysis that evaluates each technique across key attributes such as security, scalability, performance, availability, interoperability, reliability, privacy, energy management, flexibility, and evolvability, using a 5-point Likert-style bipolar scale. Together, these contributions establish a coherent foundation for systematic and quality-aware OTA update system design.
