Managing IoT Software Updates at Scale: Our Acquisition of Upswift

With the increasing proliferation of connected devices, it might be assumed that deploying software to devices, providing incremental updates, application security and IoT device management at scale are all rolled into companies’ DevOps pipelines as one big happy portfolio. Sadly, this has not been the case to date. Most IoT software updates and management solutions today are operated in a complete silo from corporations’ DevOps processes. 

Today, we are pleased to announce that we are moving boldly to invoke a change in the industry with our acquisition of Upswift. This acquisition will enable companies to extend their digital transformation initiatives and modern DevOps pipelines (which JFrog is already a main provider of) into new and growing domains of distributed edge computing and IoT. 

This move brings many DevOps and DevSecOps processes and principles – including automation, traceability and security – into the realm of deploying, monitoring and updating connected device software, which will now be fully integrated into a modern DevOps platform.  

This fills a gap in the market whereby deployment to – and ongoing management of – devices and software updates are now first-class citizens in the continuous software delivery story. 

Why Upswift?

As noted, most software development and DevOps solutions are optimized for CI/CD in cloud and datacenter environments and assume an immutable infrastructure that can be spun up and down from a template, and not to a fleet of well-known runtimes.

These tools are not optimized or built to deliver software updates into distributed edge and IoT environments, nor handle the scale and complexity of continuously delivering software to thousands (or even millions) of edge and IoT devices, which may or may not always be online and which normally do not allow any incoming connections.

The Upswift team’s expertise and approach are an ideal match for JFrog to effectively solve this issue in two categories: people and technology.

The People

The powerhouse team of Upswift is made up of innovative individuals with a singular focus of solving the challenges of managing any device in any environment as if it were located in the same office. Their engineering team is focused on remotely managing and updating any Linux-based IoT (or other IoT) device from anywhere. This team will immediately enhance the JFrog R&D group with IoT software update expertise, IoT edge management and device lifecycle management know-how. Additionally, the team has a proactive, agile, problem-solving culture that has burgeoned into a viable commercial platform in a short period of time. 

The Technology

Upswift boasts modern, proprietary device update and management technology, with the ability to not just deploy software to devices, but also provide remote control, continuous monitoring, visibility and security control of a wide range of edge and IoT devices. They currently manage edge devices across the globe, with customers in many different sectors. We were quite impressed with their technology’s maturity and prowess, and immediately noticed the following differentiators:

1. 1. Simplified edge application delivery to devices by providing a developer-first approach for coding and automating the update logic, integrated into existing DevOps workflows.
   2. The ability to provide both file-system updates and container updates to edge and IoT devices over the air (OTA) across distributed environments and unreliable networks.
   3. The ability to access and control devices remotely, allowing remote troubleshooting and support from a single web platform.
   4. Comprehensive distributed fleet management that provides visibility into security, versions, location, arrangement, log and other data across all devices.
   5. Edge device monitoring with the ability to rapidly understand the state, resource availability and performance of a device, with automatic anomaly detection.

What Does This Mean for JFrog Customers?

Using Upswift technology, developers and DevOps engineers already can fully automate IoT software updates.

As we integrate Upswift technologies into the JFrog Platform over time, they will be able to use JFrog’s end-to-end capabilities to manage a 360-degree complete release cycle of edge and IoT applications from coding and deployment, to maintenance and updates, including fleet management.

By integrating the two technologies, software releases managed in the JFrog Platform can be natively distributed to IoT edge devices, reducing deployment time and improving operational efficiency, while maintaining the full chain of custody of these releases across the CI/CD cycle under a single pane of glass. This data includes SBOM information, such as CI metadata (BuildInfo), release and deployment metadata (ReleaseInfo), and pipeline metadata (PipeInfo).

Simply, DevOps engineers and developers will be able to consolidate the management and automation of the release cycles of both backend and device software under the universal JFrog Platform.

By leveraging JFrog’s security technologies, the extended JFrog Platform will further allow security teams to broaden visibility, continuously monitor risks in software deployed in thousands of devices, identify attacks and remediate vulnerabilities in specific groups of affected devices. Visibility into updates, health, state and more will also be available from anywhere.  

Finally, the combined solution will not only provide a single platform for software updates, but also for runtime and edge management.

JFrog’s vision for an end-to-end solution based on our joint technology will provide:

• Delivery from code to device, with full automation capabilities across the DevOps process across development, security, distribution and device deployment
• Complete visibility of a binary’s release through the full DevOps pipeline, including deployments and incremental updates
• Full integration with JFrog Platform solutions to allow simplified, secure management of releases to the edge
• Extension of security to devices, delivering DevSec capabilities beyond just the DevOps pipeline processes onto the broad IoT landscape
• Simplification of OTA updates across large fleets of edge and IoT edge devices with secure updates from anywhere
• Device update management at scale, including real-time status of the device state, health and running applications
• Update abilities for software directly to the IoT edge, securely delivering file-system updates and container updates across a distributed fleet of connected IoT devices
• Monitoring and control for Linux-based devices across a distributed edge at scale from any browser, managing devices as though they are locally located
• Abilities to go beyond continuous deployment solutions that just “get it there” with an always-on agent, enabling behind-the-firewall delivery, monitoring, logging and customized alerts

How Is the Solution Different?

We believe alternative solutions in the market today can be boiled down to just a few categories:

1. Cloud providers currently offer some solutions for IoT or fleet management, but the process is most often siloed from the rest of the development cycle, which requires additional investment in “connecting the dots” and lends itself to expensive vendor lock-in.
2. Specific IoT or device management vendors solve isolated problems at the edge of software delivery, but have very opinionated and vendor-specific methodologies, even extending to OS installs and mandating the adoption of full runtime solutions. This is costly and also encourages vendor lock-in. 
3. Homegrown and cobbled-together solutions for IoT management most often utilize solutions not designed for fleet management or IoT updates at scale, focusing often on one aspect of the device update issue, such as software provisioning or delivering in the same way they might to a datacenter. This provides incomplete, internally-managed solutions at high cost and customized integrations.

Overall, these options do not natively integrate with the development cycle, can lend themselves to opinionated vendor lock-in that spans into the runtime, and do not have the agnostic flexibility across fleets.

The joint solution of JFrog and Upswift will allow the JFrog Platform to retain runtime flexibility/agnosticism and require only a very small, lightweight agent to be installed on the device itself, scaling rapidly while being delivered via current CI/CD processes.

The Future

JFrog’s Liquid Software vision demands completely secure, seamless, automated delivery of software updates from code to device – and back again. With Upswift technology, JFrog will provide the only DevOps solution that delivers a seamless, 360-degree impact on the entire DevOps cycle from developers to IoT devices.

I look forward to exploring the edge frontier and sharing our vision with you! Join Upswift CEO Amit Ezer and me on Oct. 7 at 10 a.m. PT for the webinar “JFrog and Upswift: Bringing IoT Software Updates to DevOps,” in which we’ll discuss the acquisition and the future of JFrog’s connected device technology.