Bosch Thermotechnology: ensuring reliable updatability while meeting security requirements
With Bosch providing the system update service for all generations of its devices, Bosch Thermotechnology has laid a foundation on which they can build further services for their connected products.
Intelligent control for HVAC systems
Bosch Thermotechnology provides several services for heating, ventilation and air conditioning (HVAC) devices: end customers can intelligently control their devices via a smartphone app, while heating contractors can rely on remote maintenance services. Since the service provider started its connectivity business, much has changed: by now, there are three different generations of connectivity devices. While older devices are simply boxes in the boiler room with no direct function for end customers, new gateways are sleek smart home devices that can quickly adjust the temperature.
Keeping it up to date? Updatability as a challenge
In the past, Bosch Thermotechnology provided software update services on its own. That worked well for a while, but as the number of connectivity gateways grew, it became increasingly difficult to keep them all up to date. By now, hundreds of thousands of devices from three different generations require regular and reliable updates. Further, neglecting older generations is not an option: since heaters have a long lifecycle, their gateways need to run just as long; the functionality of legacy devices (devices that aren’t produced anymore) must be ensured for up to 15 years and more. As Ulrich Schmitt, Excellence Owner IoT at Bosch Thermotechnology, recalls: “Providing updates for all of these devices from different generations forced us to operate outside our core service business.” With more and more devices, timing and performance problems also arose, resulting in high costs: “Keeping the software up to date and closing security gaps was no longer reliable or profitable.”
Adapting to the present
Bosch Thermotechnology turned to Bosch to meet these challenges together. “A critical factor in our decision for Bosch IoT Rollouts was the willingness of Bosch to also update our legacy devices,” says Schmitt. Since the legacy devices relied on communication protocols which weren’t compatible with Bosch IoT Rollouts, Bosch needed to develop special software adapters. “The biggest challenge with these adapters lay in the volume of individual cases. The question was how to connect the individual devices and how to get the right expertise to the right place,” states Schmitt.
Today, Bosch IoT Rollouts provides the entire service for all software updates. The conversion took place gradually over several months and without any disruptions for customers: new devices were moved to Bosch IoT Rollouts first, followed by the legacy devices. Additionally, Bosch and Bosch Thermotechnology developed a way to analyze the status of software updates: “With data on several hundred thousand devices, it was essential to find a way to sort it out,” says Schmitt. “We wanted to know the statistics: how many percent of the devices are already updated? What’s the problem with the devices that didn’t receive updates: did the update malfunction or was it rejected by the user?”
New encryption technology – a win-win collaboration
But the collaboration between Bosch and Bosch Thermotechnology didn’t end with the conversion: the two partners are now working together closely to develop additional features for Bosch IoT Rollouts. One big factor: IT security. Not only does Bosch Thermotechnology have demanding IT security requirements, but there are also new, stringent EU directives that must be adhered to. As of 2022, for example, customers must confirm all software updates before they can be installed. Accordingly, Bosch developed an in-app pop-up that asks for consent before each update. Furthermore, Bosch Thermotechnology requested the integration of additional IT security measures to encrypt underlying files: that way, if files are ever intercepted, they can’t be read. These innovations will now benefit other Bosch IoT Rollouts users, too: “Our experiences with the encryption and artifact signing have been truly enlightening. No matter if we’re talking about HVAC, e-bikes or other products – security requirements are the same across domains,” says Jeroen Laverman, Product Owner of Bosch IoT Rollouts.
Looking back, both Bosch Thermotechnology and Bosch are more than satisfied with the collaboration: “We tackled and overcame every challenge together. Bosch provided us with proactive and constructive advice,” says Schmitt. An additional benefit: as part of the Bosch universe, Bosch knows all the legal requirements and is familiar with the internal processes. For Laverman, the use case is a prime example of Bosch’s expertise as a co-developer: “At Bosch, we see ourselves as enablers. By outsourcing the IT infrastructure to us, Bosch Thermotechnology can now concentrate fully on its key business and core strengths again.”