Foundation for Enterprise Connectivity

Learn how we engineered a high-reliability firmware ecosystem, featuring dual APN support, eSIM lifecycle management, and advanced VPN security.

INTRODUCTION

The high-reliability connectivity project for the client is a sophisticated, large-scale IoT and telecommunications platform engineered to deliver secure, intelligent solutions for demanding environments. At its core, the solution integrates industrial-grade hardware with a robust firmware platform based on OpenWrt, enhanced by custom components for advanced networking, security, and remote management.

Beyond functional delivery, the project prioritizes long-term maintainability and scalability, ensuring the architecture remains future-proof as it evolves alongside the company’s ecosystem and shifting market needs.

BACKGROUND

Operating within the electronics and telecommunications sector, the partner provides connectivity solutions that demand absolute reliability and operational continuity. Their products are mission-critical for industrial, enterprise, and infrastructure deployments where communication stability is non-negotiable.

Prior to IOMICO’s involvement, the firmware ecosystem relied on a heavily customized OpenWrt fork. This legacy system presented significant strategic risks, including:

  • High-risk upgrades: Difficult and unpredictable system updates.

  • Security vulnerabilities: Delayed patching cycles.

  • Inefficient workflows: Complex build and configuration processes.

  • Technical debt: Tight coupling between custom logic and core system components.

This necessitated an architectural transformation - moving from a fragile, customized system to a clean, modular, and secure platform. Consequently, the initiative was positioned as both a product development and a platform modernization project.

BUSINESS OBJECTIVES

IOMICO was tasked with the following primary objectives:

  • Modernize Firmware: Audit and refine existing solutions to ensure long-term stability and scalability.

  • Architectural Alignment: Develop a firmware platform for a new product family based on modular reuse strategies.

  • Resource Optimization: Minimize power consumption and maximize efficiency across FLASH, MCU, and system memory.

  • Enhance Maintainability: Implement a clean architecture with a clear separation of responsibilities between system layers.

  • Future-Proofing: Enable controlled updates and predictable behavior changes for safe future evolution.

  • Standardization: Build a reusable firmware foundation compatible across multiple hardware generations.

BUSINESS PROBLEM/OPPORTUNITY

The project addressed several key market demands:

  • Durability: The need for devices that maintain performance in extreme climates.

  • Interoperability: A "SMART" maintainable solution using standardized digital interfaces.

  • Scalability: The ability to scale rapidly from small deployments to global infrastructures.

  • Ubiquity: Global data storage, monitoring, and transmission capabilities.

  • Competitive Edge: Leveraging security and reliability as key market differentiators.

DEVELOPMENT APPROACH

To ensure predictable delivery, the project utilized the Scrum methodology.

Tools and Processes

  • JIRA: Backlog management, sprint planning, and delivery control.

  • Slack & Microsoft Teams: Real-time operational coordination.

  • Google Meet: Daily stand-ups and weekly stakeholder reviews.

Delivery Strategy

IOMICO began with a comprehensive technical audit, encompassing build systems, security architecture, and dependency mapping. Rather than applying incremental patches, the team adopted a platform transformation strategy focused on modularization and the isolation of custom logic. This prevented the accumulation of technical debt and established a controlled path for future evolution.

TECHNICAL DETAILS

System Architecture

The platform is built on three primary hardware components:

  • MediaTek MT7981 SoC: Main system-on-chip.

  • Telit FN990 Modem: Cellular connectivity.

  • STM MCU: Control and peripheral management.

The firmware is based on OpenWrt 23.05.5 and extended with custom scripts and binaries that provide a competitive advantage, while numerous security patches maintain stability. The architecture follows a layered model (Core, Networking, Services, Management, and UI) to ensure modularity.

KEY RESULTS & ACHIEVEMENTS

To date, the collaboration has achieved the following:

  1. Successful Migration: Transitioned from a legacy fork to the official stable OpenWrt release.

  2. Hardened Security: Integrated secure boot and image signing to verify system integrity.

  3. Clean Codebase: Isolated custom logic into separate packages and kernel patches, simplifying future upgrades.

  4. Optimized Build System: Resolved long-standing Makefile inconsistencies and configuration conflicts.

  5. Vulnerability Management: Applied hundreds of security fixes and enabled advanced build-time security flags.

  6. Modernized Firewall: Migrated logic to nftables to resolve UI and rule inconsistencies.

  7. Reliability Features: Implemented advanced failover logic and stabilized StrongSwan-based VPN support.

  8. Enterprise Wireless: Deployed WPA2/WPA3-Enterprise encryption using FreeRADIUS for certificate-based authentication.

  9. Advanced Networking: Implemented IP Passthrough mode for transparent modem-to-client routing without NAT.

  10. Hardware Porting: Successfully ported the LuCI web interface from the legacy hardware generation to the latest platform, ensuring full compatibility.

  11. Remote Management: Integrated an automated modem firmware update mechanism and SNMP services for remote monitoring.

  12. Custom Utilities: Developed C-based utilities for multicast status broadcasting and network surveys (AT#CSURV) with LuCI integration.

  13. Dynamic Display: Enhanced an LCD application using the LVGL library for real-time system feedback.

  14. eSIM Management: Integrated Telit lpa_sdk for full eSIM lifecycle management via a dedicated UI.

  15. Modem Optimization: Replaced legacy connection managers with a custom utility to support QMAP and multi-PDN connections.

  16. Traffic Separation: Implemented Dual APN mode via QMAP, isolating user traffic from VPN traffic for enhanced security.

LESSONS LEARNED

  1. Analysis First: Hardware and driver audits must precede platform scaling.

  2. Strategy over Speed: Technology choices must align with long-term goals.

  3. Design for Maintenance: Maintainability is a primary requirement, not a secondary thought.

  4. Modularity equals Safety: Isolated components allow for safer system evolution.

CONCLUSION

This project represents a strategic transformation that establishes a secure, scalable foundation for the client’s future. By replacing technical debt with a modular, modern architecture, IOMICO has enabled the partner to maintain its leadership in the telecommunications and IoT markets. This new platform is more than just a product - it is a sustainable technological engine for long-term growth.

Our services

Embedded Software Engineering, Platform Modernization, IoT Security & Hardened Firmware, Advanced Networking & Telecommunications, Custom UI/UX Development, Technical Audit & Consulting

Industry

Electronics and telecommunications industry

Technology

C, OpenWrt, Telit QMI SDK, Telit LPA SDK, StrongSwan VPN, SNMP, bash scripts, WAN/WWAN Failover, LuCI, Secure Boot

Team

  • Project Manager

  • Product Manager

  • 3-4 Firmware Developers

  • QA Engineer

Contact us

Address

400 Union Ave. SE,

Suite 200 

Olympia, WA 98501
