Described is a system and method in which software updates in the form of
self-contained, secure entities are applied to an embedded device's
non-volatile storage in a failsafe manner. Various types of software
updates may be applied, and updates may contain executable code and/or
data. Following a reboot, an initial program loader determines an update
mode, and if updating, boots to a special update loader. The update
loader processes update packages to apply the updates. Kernel partition,
system partition and reserve section updates may be applied using entire
files or binary difference files, with failure handling mechanisms
provided for each type of update. Updates may be simulated before
committing them. Updates may be relocated in memory as appropriate for a
device.
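
The flow described above (boot-mode selection by the initial program loader, then simulate-before-commit in the update loader) can be sketched as follows. This is an added example, not code from the described system; the update flag, the package layout, the toy checksum and every name in it are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* All names, sizes and the package layout are assumptions for illustration. */
enum { PART_SIZE = 16 };
enum boot_mode { BOOT_NORMAL, BOOT_UPDATE };
enum pkg_kind { PKG_WHOLE, PKG_DIFF };
struct pkg {
    enum pkg_kind kind;
    uint32_t base_sum;    /* DIFF: checksum the current image must have */
    uint32_t offset, len; /* DIFF: patched range; WHOLE: len == PART_SIZE */
    const uint8_t *data;
};
struct device { uint8_t update_flag; uint8_t part[PART_SIZE]; };

/* Toy checksum standing in for the package's real integrity check. */
static uint32_t checksum(const uint8_t *p, size_t n) {
    uint32_t s = 0;
    while (n--) s = s * 31 + *p++;
    return s;
}
/* Initial program loader: choose the update loader while the flag is set. */
enum boot_mode ipl_select(const struct device *d) {
    return d->update_flag ? BOOT_UPDATE : BOOT_NORMAL;
}
/* Apply one package to img; 0 on success, -1 if it cannot be applied. */
static int apply(uint8_t *img, const struct pkg *p) {
    if (p->kind == PKG_WHOLE) {
        if (p->len != PART_SIZE) return -1;
        memcpy(img, p->data, PART_SIZE);
        return 0;
    }
    if (p->offset > PART_SIZE || p->len > PART_SIZE - p->offset) return -1;
    if (checksum(img, PART_SIZE) != p->base_sum) return -1; /* wrong base */
    memcpy(img + p->offset, p->data, p->len);
    return 0;
}
/* Update loader: simulate on a scratch copy, commit only if all packages apply. */
int update_loader(struct device *d, const struct pkg *pkgs, size_t n) {
    uint8_t scratch[PART_SIZE];
    memcpy(scratch, d->part, PART_SIZE);
    for (size_t i = 0; i < n; i++)
        if (apply(scratch, &pkgs[i]) != 0) { d->update_flag = 0; return -1; }
    memcpy(d->part, scratch, PART_SIZE); /* commit */
    d->update_flag = 0; /* cleared last: a reset before here re-enters update mode */
    return 0;
}
```

If any package in the set fails during simulation, the partition is left byte-for-byte unchanged and the device returns to normal boot on the old image.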