In-Band Firmware Update
Ed Tanous
ed.tanous at intel.com
Tue Aug 7 07:59:28 AEST 2018
>
> We are going to investigate using the DFU protocol, as that
> also has host side tools already available.
>
DFU doesn't completely solve the issue though, does it? Presumably for
security reasons you can't have the DFU device exposed to the host all
the time. If you did, I'm sure the penetration testers would hit it
hard. Assuming that leaving it available all the time is a non-starter,
don't you need some command to activate the interface to allow the upload?
Assuming I'm not missing something there (I probably am), doesn't it make
more sense to just expose a USB mass storage device when the "start"
command is sent, as opposed to implementing the full DFU protocol? It
seems like that would require no utilities (aside from a simple nsh/bash
script) and be very easy to replicate.
Are there any more details on this approach?