Management Middleware

Device Configuration and Firmware Management

management middleware

Arcturus Management Middleware enhances embedded Linux devices by adding a versatile platform management capability.

The middleware is built around a central configuration database that stores factory and user settings. This database is coupled to a configuration engine that hooks existing OS subsystems and uses an internal set of policies to instantiate run-time configuration changes in a controlled way. Various higher-level methods are used to access the configuration database including a web user interface, REST, CLI, SNMP, XML and secure HTTP file-based provisioning. A set/get API is supported for application integration and a host protocol is available for compatibility with the Mbarx Secure IoT ecosystem.

Firmware management is handled using secure HTTP transport with the ability to push firmware packages to the device and pull firmware packages from a host machine or cloud service. Metadata contained inside the firmware package defines the payload compatibility, file integrity and target location within the filesystem. The firmware management service can update one or more filesystem partitions or on-board bootloader. Extensions to the firmware management service can support redundant filesystem images and fallback operation by managing kernel boot parameters. This allows for added protection by ensuring a bootable image is always present and can provide automatic recovery, should firmware fail to initialize.

Arcturus offers simple engagement packages to help get development moving quickly and services are available to brand, customize or support any middleware component.

WebUI Demo Management Middleware Factsheet Contact Us


Management Middleware Diagram


The database resides in non-volatile storage with a run-time copy maintained in RAM. The database contains user configuration and protected factory settings such as MAC addresses and serial numbers. Run-time access to the database is provided through higher-level methods and a kernel API. The act of modifying database values triggers the middleware engine which determines the service and configuration changes required. The database system consists of:

  • Berkley DB
  • MIB-II database objects
  • Independent factory and user objects
  • ASN1 object syntax
  • Kernel API to set and get objects and values


The middleware engine is executed during the Linux boot sequence and supervised by an independent control application. The engines processes changes made to the database through an internal system of policies and dependencies. The result is the controlled application of run-time configuration changes using the standard Linux methods to stop and start services and signal applications to reload configuration files. The management engine is a background process that consists of:

  • Initialization and supervision via application wrapper
  • Database change detection
  • Executable system of configuration policies and dependencies
  • System logging

Configuration Methods

Configuration methods provide higher-level access to the middleware database. These methods support user interaction or application integration with the middleware system. These may include:

  • Web User Interface (HTTPs)
  • Host Protocol (TLS)
  • File-based remote provisioning (HTTPs)
  • Interactive Voice Response (IVR) (voice products only)
  • SNMP v1, v2, v2C
  • REST (TLS)
  • XML (TLS)
  • Command line (typically for debug)

Firmware Management

The firmware management system supports methods to to push or pull firmware updates. These updates can be uploaded by a user through the web user interface, obtained from a provisioning server automatically, or can be managed at a system-level using the Mbarx Secure IoT tools. The firmware management system consists of:

  • Firmware package with metadata
  • Firmware package transports method (HTTPs)
  • Firmware management daemon with filesystem awareness (including partitioning)
  • Firmware package handler to check file integrity, payload compatibility and destination filesystem location
  • Optional image redundancy and failover


The middleware is fully integrated with common Linux services and interfaces allowing the configuration of network settings, system logging, access control, firewall, routing, VoIP, firmware management and administrative settings. The base platform is generally provided with a set of features and services representative of an embedded router platform:

    Linux Services Settings
  • DHCP client
  • DHCP server
  • Definable DHCP server address ranges
  • DHCP client reservations
  • Static IP address settings (netmask gateway, DNS)
  • PPP / PPPoE
  • Network bridging / bonding
  • NTP client
  • NTP server
  • NAT firewall and port forwarding
  • SPI and DOS protection
  • Common ALGs
  • Routing table and DMZ
  • Local Hosting
  • VLAN and TOS
  • Telnet (disabled by default)
  • SSH (disabled by default)
Voice and Media Middleware Settings
  • Announce LAN address (IVR)
  • Announce WAN address (IVR)
  • Announce current UID (phone number) (IVR)
  • VoIP account configuration
  • Failover server configuration
  • Calling modes
  • Audio settings
  • Codec selection
  • Phone book
  • Speed dials and push-to-call
  • DTMF methods
  • Incoming call handling
  • Outgoing call blocking rules
  • Signaling configuration
  • Self tests and reporting
  • Call quality reporting and handling
  • Multicast PA paging
Other Middleware Features
  • Admin login and password
  • Mac address cloning
  • Packet counters
  • Interface statistics
  • Ping and network tests
  • Gateway discovery
  • Diagnostic capture
  • Save configuration
  • Load configuration
  • System logging
  • Remote system logging
  • Hardware watchdog service support
  • CPU/thermal probe support
  • Reboot
  • Factory reset


The following architectures are supported. Middleware demos are provided with most embedded Linux development kits and can be bundled with OEM modules. Arcturus also provides a complete suite of services to support the middleware including; porting, customization, application development, product development, support and training.

Processors and Architectures
  • Arm® Cortex®-A53 (64-bit, Arm v8), Arm Cortex-A9 (32-bit, Arm v7), Power®, Blackfin, MIPS, Legacy 68K/ColdFire, SH, Arm 9, Arm 7
Operating System Support
  • Linux 2.4.x, 2.6.x, 3.x, 4.x
  • uClinux 2.4.x, 2.6.x, 3.x
  • glibc, uclibc
  • GCC