V. Hunter Adams' Raspberry Pi RP2040 Bootloader Spreads Like a Worm — But with Good Intentions

Lecturer of aerospace and electrical engineering V. Hunter Adams has built a custom bootloader for the Raspberry Pi Rp2040 microcontroller, and it boasts an unusual feature: a "worm" mode in which it can spread a flashed program from controller to controller over infrared.

"A computer worm is a program that replicates and propagates itself across a network. Typically associated with malware, this project deploys a worm for good," Adams explains. "In applications that involve a large number of independent microcontroller-based devices (e.g. swarm robotics or virtual cattle fencing), the bottleneck in the research and development process can be the time that it takes to plug-in/reprogram each individual device.

"One scalable approach to reprogramming a huge collection of devices is to reprogram a single device, and to have that program spread (like a virus or a computer worm) to other devices that it encounters. You then get an exponential spread of firmware updates across the swarm."

This worm-like proposal requires that the microcontrollers targeted are able to communicate with each other, which in Adams' implementation takes place through the addition of infrared capabilities — though, the maker notes, the bootloader could easily be modified to transmit itself over Bluetooth Low Energy (BLE), LoRa, or any other mechanism.

"This serial bootloader lives directly above the stage two bootloader in RP2040 memory, and receives new executable programs via a wireless UART interface," Adams explains of the original custom bootloader. "This bootloader has the ability to replace existing user application code, and it has the ability to detect and branch to valid programs in flash memory. The user can force the device into bootloader mode via a GPIO [General-Purpose Input/Output] port, or an application program can force the device into bootloader mode by writing to a watchdog scratch register and then executing a soft reset."

In the modified variant, though, the bootloader can be told to automatically spread a program, either through a manual button-press or using a watchdog peripheral. When triggered, the bootloader opens a UART bus and begins driving an infrared LED via pulse-width modulation (PWM). The receiving unit picks up the LED's signal and accepts an Intel hex file for writing to flash storage, overwriting its existing contents. This can then, in turn, spread the worm further — delivering on the promise of manually updating a single device and having it propagate automatically.

The full project write-up is available on Adams' blog, along with a description of the original custom bootloader on which it's based; the source code has been published to GitHub under an unspecified open source license.