Eclipse hawkBit Creation Review

End Date of the Review Period: 

Reviews run for a minimum of one week. The outcome of the review is decided on this date. This is the last day to make comments or ask questions about this review.

Wednesday, November 4, 2015


Parent Project: 

Updating software (components) on constrained edge devices as well as more powerful controllers and gateways is a common requirement in most IoT scenarios.

At the time being, this process is usually handled by the IoT solution itself, sometimes backed by a full fledged device management system. We believe that this approach generates unnecessary duplicate work in the IoT space, in particular when considering the challenges of implementing a safe and reliable remote software update process: the software update process must never fail and also must never be compromised as, at the one hand, it can be used to fix almost any issue/problem on the device but at the same time also poses the greatest security threat if mis-used to introduce malicious code to the device.

In addition we believe the software update process to be relatively independent from particular application domains when seen from the back end (cloud) perspective. Updating the software for an entire car may differ from updating the firmware of a single sensor with regard to the connectivity of the device to the cloud and also to the complexity of the software package update process on the device. However, the process of rolling out the software, e.g. uploading an artifact to the repository, assigning it to eligible devices, managing the roll out campaign for a large number of devices, orchestrating content delivery networks to distribute the package, monitoring and reporting the progress of the roll-out and last but not least requirements regarding security and reliability are quite similar.

Software provisioning itself is often seen as a sub process of general device management. In fact, most device management systems include functionality for triggering groups of devices to perform an update, usually accompanied by an artifact repository and basic reporting and monitoring capabilities. This is true for both systems specifically targeting IoT as well as systems originating from the mobile area.

Existing device management systems usually lack the capability to efficiently organize roll outs at IoT scale, e.g. splitting the roll out into sub groups, cascading them, automatically stopping the roll out after a defined error threshold etc. They are also usually restricted to a single device management protocol, either a proprietary one or one of the existing standard protocols like LWM2M, OMA-DM or TR-069. Even if they suppport more than one such protocol, they are often a result of the device management protocol they started with and restricted in their adoption capabilities to others.

At the same time the wide functional scope of a full fledged device management system introduces unnecessary (and unwanted) complexity to many IoT projects. This is particularly true for IoT solutions working with constrained devices where requirements regarding generic device management are often very limited only but a secure & reliable software provisioning process is still mandatory.

As a result we have the need for a domain independent solution

  • that works for the majority of IoT projects
  • that goes beyond the pure update and handles more complex roll out strategies needed by large scale IoT projects.
  • that at the same time is focused on software updates in the IoT space
  • and that is able able to work on its own for simple scenarios while having the capability to integrate with existing device management systems and protocols.

The scope of this project is to provide a software update management service for the Internet of Things. That includes the capability to provision software to devices directly or through federated device management systems. In addition it provides value adding processes to the provisioning, e.g. the management of large scale global roll outs, auditing capabilities, reporting and monitoring.

It is out of scope to provide a full blown device management and it is also out of scope to provide client solutions for handling software updates on the device.


Project hawkBit aims to create a domain independent back end solution for rolling out software updates to constrained edge devices as well as more powerful controllers and gateways connected to IP based networking infrastructure. Devices can be connected to the hawkBit server either directly through an optimized interface or indirectly through federated device management servers.

hawkBit is device and communication channel neutral by means of supporting:

  • Software and Operating system updates for M2M gateways (typically but bot necessarily running Linux) and
  • Firmware updates for embedded devices

both for

  • cable or
  • over the air (OTA) connected devices

Features at a glance:

  • A device and software repository.

  • Artifact content delivery.

  • Software update and roll out management.

  • Reporting and monitoring.

  • Interfaces:

    • for direct device control.

    • for IoT solutions or applications to manage the repository and the roll outs.

    • for device management federation (i.e. indirect device control)

    • and a user interface to operators to manage and run the roll outs.

Why Here?: 

We see the need for a solution that is open but focused on IoT that can be easily customized for the protocols and 3rd party systems used in the various IoT projects. That approach is currently unique in the industry and will benefit the Eclipse IoT community as other software update or device management systems are either not that flexible or simply not open to the OSS community.

Hosting this project in the Eclipse IoT community allows the project to quickly adapt to the various IoT scenarios out there, e.g. starting from LWM2M connected devices brought to the cloud by Eclipse Leshan down to OSGi empowered gateways enabled by Eclipse Kura.

Initial Contribution: 

The initial contribution will contain a ready-to-run software update server and an artifact download server structured into multiple maven modules based on Spring Boot.

The software update server is proven to run stand alone (fat jar) or in a Cloud Foundry environment (standard Java build pack).

The artifact download server is proven to run stand alone (fat jar) or as a Docker container.

The following interfaces will be included:

  • HTTP/REST interface for devices to integrate.
  • HTTP/REST interface for IoT solutions or applications to control the repository and the roll outs.
  • AMQP interface for device management connector integration.
  • and a Vaadin/GWT based user interface for operators.

The server depends currently on a relational database for the meta data repository (MySQL/MariaDB, H2 DDLs provided) and MongoDB for artifact hosting. Redis can be optionally used for inner cluster communication (central session cache planned for future development).

Copyright is with Bosch Software Innovations GmbH.



Detailed 3rd party licence list including licenses:


amqp-client-3.5.1.jar Apache License 2.0 
aopalliance-1.0.jar AOP Alliance Public Domain 
aspectjrt-1.8.5.jar Eclipse Public License 1.0 
aspectjweaver-1.8.5.jar Eclipse Public License 1.0 
atmosphere-runtime-2.2.7.vaadin1.jar Apache License 2.0 
classmate-1.2.0.jar Apache License 2.0 
commons-lang3-3.3.2.jar Apache License 2.0 
commons-logging-1.1.1.jar Apache License 2.0 
commons-pool2-2.2.jar Apache License 2.0 
ecj-4.4.2.jar Eclipse Public License 1.0 
evo-inflector-1.2.1.jar Apache License 2.0 
flexibleoptiongroup-2.2.0.jar Apache License 2.0 
flute-1.3.0.gg2.jar W3C Software Notice and License 
flyway-core-3.1.jar Apache License 2.0 
freemarker-2.3.22.jar Apache License 2.0 
gson-2.3.1.jar Apache License 2.0 
guava-16.0.1.vaadin1.jar Apache License 2.0 
guava-18.0.jar Apache License 2.0 
hibernate-validator-5.2.1.Final.jar Apache License 2.0 
jackson-annotations-2.5.1.jar Apache License 2.0 
jackson-core-2.5.1.jar Apache License 2.0 
jackson-databind-2.5.1.jar Apache License 2.0 
javax.json-1.0.4.jar Common Development and Distribution License 1.1 
javax.persistence-2.1.0.jar BSD 3-clause "New" or "Revised" License 
javax.servlet-api-3.1.0.jar Common Development and Distribution License 1.0 
javax.transaction-api-1.2.jar Common Development and Distribution License 1.0 
jboss-logging-3.2.1.Final.jar Apache License 2.0 
jcl-over-slf4j-1.7.12.jar MIT License 
jedis-2.5.2.jar MIT License 
jersey-client-1.18.1.jar Common Development and Distribution License 1.1 
jersey-core-1.18.1.jar Common Development and Distribution License 1.1 
jlorem-1.1.jar MIT License 
joda-time-2.5.jar Apache License 2.0 
jolokia-core-1.2.3.jar Apache License 2.0 
json-path-0.9.1.jar Apache License 2.0 
json-simple-1.1.1.jar Apache License 2.0 
json-smart-1.2.jar Apache License 2.0 
jsoup-1.8.1.jar MIT License 
jsr305-2.0.1.jar Apache License 2.0 
jul-to-slf4j-1.7.12.jar MIT License 
log4j-api-2.1.jar Apache License 2.0 
log4j-core-2.1.jar Apache License 2.0 
log4j-slf4j-impl-2.1.jar Apache License 2.0 
mapstruct-1.0.0.Beta4.jar Apache License 2.0 
mongo-java-driver-3.0.2.jar Apache License 2.0 
objenesis-2.1.jar Apache License 2.0 
org.eclipse.persistence.antlr-2.6.0.jar BSD 3-clause "New" or "Revised" License 
org.eclipse.persistence.asm-2.6.0.jar BSD 3-clause "New" or "Revised" License 
org.eclipse.persistence.core-2.6.0.jar BSD 3-clause "New" or "Revised" License 
org.eclipse.persistence.jpa-2.6.0.jar BSD 3-clause "New" or "Revised" License 
org.eclipse.persistence.jpa.jpql-2.6.0.jar BSD 3-clause "New" or "Revised" License 
rsql-parser-2.0.0.jar MIT License 
sac-1.3.jar W3C Software Notice and License 
slf4j-api-1.7.7.jar MIT License 
snakeyaml-1.14.jar Apache License 2.0 
spring-amqp-1.4.5.RELEASE.jar Apache License 2.0 
spring-aop-4.1.7.RELEASE.jar Apache License 2.0 
spring-aspects-4.1.7.RELEASE.jar Apache License 2.0 
spring-beans-4.1.7.RELEASE.jar Apache License 2.0 
spring-boot-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-actuator-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-admin-starter-client-1.2.2.jar Apache License 2.0 
spring-boot-autoconfigure-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-actuator-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-aop-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-cloud-connectors-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-data-jpa-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-data-mongodb-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-jdbc-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-log4j2-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-tomcat-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-starter-web-1.2.5.RELEASE.jar Apache License 2.0 
spring-boot-vaadin-0.0.5.RELEASE.jar Apache License 2.0 
spring-cloud-cloudfoundry-connector-1.2.0.RELEASE.jar Apache License 2.0 
spring-cloud-core-1.2.0.RELEASE.jar Apache License 2.0 
spring-cloud-localconfig-connector-1.2.0.RELEASE.jar Apache License 2.0 
spring-cloud-spring-service-connector-1.2.0.RELEASE.jar Apache License 2.0 
spring-context-4.1.7.RELEASE.jar Apache License 2.0 
spring-context-support-4.1.7.RELEASE.jar Apache License 2.0 
spring-core-4.1.7.RELEASE.jar Apache License 2.0 
spring-data-commons-1.10.1.RELEASE.jar Apache License 2.0 
spring-data-jpa-1.8.1.RELEASE.jar Apache License 2.0 
spring-data-mongodb-1.7.1.RELEASE.jar Apache License 2.0 
spring-data-redis-1.5.1.RELEASE.jar Apache License 2.0 
spring-data-rest-core-2.3.1.RELEASE.jar Apache License 2.0 
spring-data-rest-webmvc-2.3.1.RELEASE.jar Apache License 2.0 
spring-expression-4.1.7.RELEASE.jar Apache License 2.0 
spring-hateoas-0.16.0.RELEASE.jar Apache License 2.0 
spring-jdbc-4.1.7.RELEASE.jar Apache License 2.0 
spring-messaging-4.1.7.RELEASE.jar Apache License 2.0 
spring-orm-4.1.7.RELEASE.jar Apache License 2.0 
spring-plugin-core-1.1.0.RELEASE.jar Apache License 2.0 
spring-plugin-metadata-1.2.0.RELEASE.jar Apache License 2.0 
spring-rabbit-1.4.5.RELEASE.jar Apache License 2.0 
spring-retry-1.1.2.RELEASE.jar Apache License 2.0 
spring-security-aspects-3.2.7.RELEASE.jar Apache License 2.0 
spring-security-config-3.2.7.RELEASE.jar Apache License 2.0 
spring-security-core-3.2.7.RELEASE.jar Apache License 2.0 
spring-security-web-3.2.7.RELEASE.jar Apache License 2.0 
spring-tx-4.1.7.RELEASE.jar Apache License 2.0 
spring-vaadin-0.0.5.RELEASE.jar Apache License 2.0 
spring-vaadin-eventbus-0.0.5.RELEASE.jar Apache License 2.0 
spring-vaadin-security-0.0.5.RELEASE.jar Apache License 2.0 
spring-web-4.1.7.RELEASE.jar Apache License 2.0 
spring-webmvc-4.1.7.RELEASE.jar Apache License 2.0 
springfox-core-2.0.3.jar Apache License 2.0 
springfox-schema-2.0.3.jar Apache License 2.0 
springfox-spi-2.0.3.jar Apache License 2.0 
springfox-spring-web-2.0.3.jar Apache License 2.0 
springfox-swagger-common-2.0.3.jar Apache License 2.0 
springfox-swagger2-2.0.3.jar Apache License 2.0 
streamhtmlparser-jsilver-0.0.10.vaadin1.jar Apache License 2.0 
swagger-annotations-1.5.0.jar Apache License 2.0 
swagger-models-1.5.0.jar Apache License 2.0 
tokenfield-7.0.1.jar Apache License 2.0 
tomcat-embed-core-8.0.23.jar Apache License 2.0 
tomcat-embed-el-8.0.23.jar Apache License 2.0 
tomcat-embed-jasper-8.0.23.jar Apache License 2.0 
tomcat-embed-logging-juli-8.0.23.jar Apache License 2.0 
tomcat-embed-websocket-8.0.23.jar Apache License 2.0 
tomcat-jdbc-8.0.23.jar Apache License 2.0 
tomcat-juli-8.0.23.jar Apache License 2.0 
vaadin-lazyquerycontainer- Apache License 2.0 
vaadin-push-7.5.6.jar Apache License 2.0 
vaadin-sass-compiler-0.9.12.jar Apache License 2.0 
vaadin-server-7.5.6.jar Apache License 2.0 
vaadin-shared-7.5.6.jar Apache License 2.0 
vaadin-slf4j-jdk14-1.6.1.jar MIT License 
vaadin-themes-7.5.6.jar Apache License 2.0 
validation-api-1.1.0.Final.jar Apache License 2.0 
xml-apis-1.4.01.jar Apache License 2.0 


Project Scheduling: 

Initial contribution expected: 10/2015

First working build expected: 11/2015

Future Work: 
  • Improve user experience for the community.
  • Further restructure the code base for easier integration and customization.
  • Multi tenancy ready authority store.
  • Provide off the shelf connectors with device management services in the market.
  • Improve scalability and efficiency of the implementation.
  • Implement complex roll out/campaign management.
Project Leads: 
Kai Zimmermann
Michael Hirsch
Interested Parties: 
  • Urs Gleim, Siemens AG
  • Regis Piccand, Verisign