AB partitions: a path to robust OTA updates for Linux

At Embedded World Nuremberg 2025, Joël Guittet from The Embedded Kit and Josef Holzmayr from Mender discussed A/B partitioning, offering practical insights and best practices for firmware updates. Read the synthesis of their discussion below.

The importance of firmware and software update

Whether you’re building an EV charger, a medical device, or any other connected product, you’ll need regular firmware and software updates.

Why? Because during the product’s life, you’ll need to fix bugs, optimize performance (like reducing boot time), and add new features to keep users engaged.

Plus, regulations like the Cyber Resilience Act (CRA) and Radio Equipment Directive (RED) require you to fix vulnerabilities to ensure safety in the field.

So, how do we do that?

AB partition: a method to implement robust OTA updates

If you’ve been in this business for long, you probably remember copying files back and forth using shell scripts and hoping nothing breaks.

Spoiler: it usually does.

That’s why AB partitions were invented.

A/B partitioning, or active/inactive partitioning, means you have:

  • an A partition for the active root file system
  • and a B partition for the inactive one, which holds a copy of the system.
A/B partition

How does it work?

  1. The system runs on the A partition.

  2. A new full system update arrives. It gets written to the B partition without impacting the current operating system.

  3. If the writing process completes successfully, the update mechanism signals it’s time to reboot. The bootloader flips the A and B partitions, booting into the B partition.

  4. If the boot process is successful and all checks pass, the update is committed and reported as successful.

    If something goes wrong, like a failed startup routine or a bootloader issue, the system rolls back to the A partition, ensuring the device remains functional with the old software.

Tips & tricks

At The Embedded Kit, we recommend splitting the system to manage different parts of your device separately. Identify the partitions to update and divide the system accordingly.

For example, separate the boot directory, root file system, and application into different partitions, each with an A and B version. Once you’ve designed the system and identified the partitions, set up the necessary tools and integrate them with the bootloader.

AB partition organization

Testing is crucial to verify that updates are applied correctly or rolled back in case of failure.

You will also need to consider the conditions for marking updates as permanent, such as network connectivity and proper execution of the end-user application.

A/B partitioning best practices

Split data

Understanding your data and its modifications is key. Consider splitting your data into more fine-grained partitions rather than relying on a single data partition.

For example, use separate partitions for Docker containers, log data, and application data. This approach helps prevent issues like data partition overflow, which can disrupt the update process.

Bootloader considerations

Bootloaders are a single point of failure, so treat them as persistent and avoid changing them unless necessary. Plan for bootloader updates early in your product lifecycle, considering the hardware and starting process requirements.

Update confirmation

Last but not least, you’ll need to confirm that the update went well.

First, ensure that the system has properly started. Verify that applications are executing correctly and that databases have been migrated.

Next, check that connectivity is still functioning as expected. This ensures that the device is not unreachable and can still be updated again later.

Only confirm the update if all checks succeed. Otherwise, it is better to roll back to the previous image to avoid the device being blocked.

Update confirmation in A/B partitioning organization

Storage limitations

A/B partitioning requires twice the storage space, but this is manageable with today’s technology. For example, a 512 MB device can easily accommodate A/B partitions. However, remember to allocate space for future updates to avoid locking the system as it grows.

A/B partitions in a nutshell

AB partitioning involves a specific organization of your system where an update is installed on a passive partition, ensuring safety as the system is not actively running on it.

Once the update is complete, the bootloader switches the partitions.

Based on the results, the update is either confirmed as permanent or rolled back to the previous system, ensuring the device remains functional.

AB partitioning for robust OTA update

To go further on AB partition

For more information, watch the recorded session with the Mender team from Northern.tech.

Related content

Discover more from The Embedded Kit

Subscribe now to keep reading and get access to the full archive.

Continue reading