A leading automotive client approached iomico with a challenge: port a clean Android Open Source Project (AOSP) to the Compulab UCM-iMX8MP System-on-Module, with minimal reliance on NXP's Yocto-based tools.

The i.MX family of applications processors is an excellent platform for building high-performance, low-power, and cost-effective Android OS products.

The project was built on a robust hardware foundation featuring 8GB LPDDR4 RAM, eMMC storage on the SoM, u-Blox MAYA 260 (NXP IW612) Wi-Fi via SDIO, and a Sierra Wireless EM7595 LTE modem via USB/M.2, with development conducted on Ubuntu 20.04+ and full support for AHAB + AVB 2.0 + TrustZone Secure Boot, signed A/B OTA updates over HTTPS, and Android Auto via USB Accessory Mode with AOA 2.0.

The goal was to **port AOSP **and deliver a robust, updatable Android system tailored for automotive use cases. The iomico team has delivered the following:

1. **AOSP Device Integration **

• Defined BoardConfig.mk, Android.mk, and Android.bp files

• Added custom init scripts, boot parameters, and fstab configuration

• Enabled device-specific lunch combo for building

2. Kernel & Bootloader Support

• Ported and configured the Linux kernel 5.15 for Android

• Built and integrated U-Boot with Android Boot Image and Verified Boot support

• Integrated ARM Trusted Firmware (ATF) to complete the boot chain:
  U-Boot → ATF → Kernel + Ramdisk + dtb

3. Proprietary Firmware Integration

• Integrated essential firmware:

  • DDR training firmware

  • VPU firmware for hardware video encoding/decoding

  • Wi-Fi module: u-Blox MAYA 260 (NXP IW612 via SDIO)

  • LTE modem: Sierra Wireless EM7595 (USB/M.2) + userspace daemons

• Bundled firmware in the vendor partition following AOSP best practices

4. Android System Boot

• Brought up the Android console and home screen using standard AOSP startup flows

• Debugged and validated peripherals, including UART console, Ethernet, and USB

5. OTA (Over-the-Air) Update System

• Enabled OTA update support using AOSP’s ota_from_target_files

• Created scripts for full and incremental updates

• Enabled secure OTA delivery via HTTPS and implemented package signing

• Integrated AOSP Update Engine and verified end-to-end update functionality

6. Secure Boot Implementation

• Enabled NXP AHAB (Advanced High Assurance Boot) on i.MX8MP

• Digitally signed SPL, U-Boot, and kernel images

• Implemented Android Verified Boot (AVB 2.0) for system integrity

• Utilized ARM TrustZone for cryptographic operations and key storage

• Enabled "Factory Mode" support for secure provisioning and production locking

7. Android Auto Server Development

The Android Auto integration represented one of the most technically challenging aspects of this project, requiring deep expertise across multiple domains: USB protocol implementation, Android framework internals, real-time video encoding, and low-level kernel driver interaction.

Phase 1: Reference Implementation Analysis

Initial development began by adapting the AACS (Android Auto Client Server) open-source project for the target platform:

• Integrated video pipeline using Snowmix compositor and GStreamer for H.264 encoding

• Developed custom GStreamer sink plugin for Android Auto protocol packet encapsulation

• Implemented USB Gadget configuration using libusbg for FunctionFS-based AOA 2.0 protocol

• Statically linked multimedia dependencies to ensure consistent codec availability across configurations

Integration testing revealed platform-specific constraints requiring architectural adaptation. Through systematic USB traffic analysis and kernel-level debugging, we characterized the target environment:

• USB descriptor mismatches causing head units to reject connections

• FUNCTIONFS_SUSPEND events triggered by incomplete protocol handshakes

• Race conditions in the FunctionFS event handling requiring "pipe-to-self" synchronization patterns

Phase 2: Protocol Reverse Engineering

To resolve the persistent SUSPEND events, we performed deep protocol analysis:

• Instrumented OpenAuto (open-source Android Auto head unit emulator) to capture byte-level message sequences

• Analyzed encrypted mTLS communications by logging pre-encryption protobuf payloads

• Discovered critical protocol requirements: sequential request-response handshake (ChannelOpenRequest → ChannelOpenResponse → Setup → Config → VideoFocusIndication → StartIndication)

• Refactored video channel logic as a proper state machine, fixing the "fire-and-forget" anti-pattern in the original implementation

Phase 3: Native Android Integration

Recognizing the limitations of userspace gadget emulation on locked-down devices, we pivoted to a native Android architecture leveraging the platform's built-in AOA support:

• System service for USB handling: Implemented Android's official USB Accessory API to receive file descriptors from the platform's UsbDeviceManager

• Architected dual-component design: Invisible activity launcher forwarding to background service worker, following Android framework best practices

• Headless screen capture service: Implemented using DisplayManager.createVirtualDisplay() and ImageReader for zero-copy frame acquisition

• JNI bridge implementation: Converted standalone protocol handler to native library callable from Android services

Phase 4: AOSP Build System Integration

The final architecture required deep AOSP build system expertise:

• Resolved GStreamer initialization conflicts: Fixed class loading issues by adding Proguard keep rules and implementing correct initialization sequencing

• Fixed memory alignment requirements: Configured linker flags to meet AOSP's platform-specific page size constraints

• Configured Foreground Service: Implemented proper notification with connected device type and WakeLock acquisition to prevent process freezing

• Created prebuilt library modules: Integrated native libraries with correct dependency chains for SSL, protobuf, and statically-linked multimedia frameworks

Technical Achievements

The final implementation demonstrates mastery of:

• Low-level USB protocols: AOA 2.0 handshake, FunctionFS event handling, endpoint synchronization

• Android framework internals: Service lifecycle, Intent handling, JNI integration, system permissions

• Real-time video processing: GStreamer pipeline management, H.264 encoding with baseline profile constraints

• Protocol debugging: SSL/TLS interception, protobuf analysis, state machine design

• Cross-platform development: Yocto/BitBake, AOSP build system, CMake cross-compilation for Android NDK

The complete solution successfully establishes mTLS-encrypted connections with production head units, performs full protocol negotiation (VersionRequest → SSL handshake → ServiceDiscovery → VideoChannel setup), and delivers H.264-encoded video streams meeting Android Auto specifications.

8. Build System & Source Organization

• Created an isolated manifest.xml to manage project-specific repositories

• Maintained clean separation of AOSP and device-specific changes

• Developed build and flashing tools using uuu for streamlined deployment

Methodology & Engineering Excellence

This project demonstrates iomico's systematic approach to complex embedded Android development:

1. Layered problem-solving: From low-level kernel drivers to high-level Android services

2. Evidence-based debugging: USB traffic analysis, kernel tracing, protobuf inspection

3. Protocol expertise: Reverse-engineered proprietary Android Auto handshake through instrumented OpenAuto analysis

4. Cross-domain integration: Seamlessly bridged Linux kernel (USB gadget drivers), Android framework (Java services), and native code (JNI/C++)

Iomico focused on maintaining compatibility with upstream AOSP tooling to ensure long-term maintainability, clean firmware integration, and simplified OTA updates. By leveraging native AOSP infrastructure, we minimized dependencies on proprietary scripts and delivered a clean and flexible Android system for embedded automotive use.

The Android Auto server implementation showcases our ability to tackle novel challenges: no open-source device-side Android Auto server existed. Through systematic protocol analysis, kernel-level debugging, and iterative refinement, we delivered a working solution that successfully negotiates connections with production automotive head units.

Ready to Bring AOSP to Your Hardware?

Whether you need clean AOSP porting, custom Android system services, real-time video processing, USB protocol implementation, or secure boot infrastructure, iomico delivers production-grade embedded Android solutions.

Our expertise spans:

• Kernel & bootloader engineering (U-Boot, ATF, device trees, driver development)

• AOSP build system mastery (Android.mk/bp, SELinux policy, build variants)

• System-level Android (framework services, JNI integration, HAL implementation)

• Multimedia pipelines (GStreamer, MediaCodec, hardware encoding/decoding)

• Security implementation (verified boot, OTA signing, TrustZone integration)

• Protocol engineering (USB, network protocols, proprietary protocol reverse engineering)

Contact us to discuss your embedded Android project requirements.