OS 2.0.3 release notes
Our OS is a standardized operating system for IP cameras that include a supported system on a chip (SoC). It is based on the Android Open Source Project (AOSP) and has been customized for use in embedded devices by our hardware partners. It includes our APIs and OS components.
Our new release OS 2.0.3 comes with a number of new features, improvements and fixes.
New
- Azena OS now supports MediaTek MTK8192 SoC.
- Azena OS supports AOSP 10 (API level 29).
- Hardware acceleration of Machine learning models via Neural Networks API (NNAPI) is now available across supported devices.
- Video-FeedIn enables testing and benchmarking by injecting external test streams.
- New version of the WebHelpers Library released
- Added Message Ports as a device capability
Bugfixes
- Fixed strange colors on Altek RefCam due to faulty IR setting
- ADB is available in developer mode, after reboot
- Fixed loosing the deviceId after factory reset
- Fix boot fail for headless system.
New
- Camera calibration data can now be used by Apps from an OS-defined Calibration Service.
Apps can now relate pixel data to physical dimensions on a calibrated camera. The Calibration Service was introduced to make calibration data accessible. Some of the calibration data, such as horizontal and vertical pixel pitch, principal point, skew factor and distortion coefficients should be provided by the manufacturer. - Introduced Intrinsic Calibration Tool, for optional use by the user to (re)calibrate the camera.
- Introduced Calibration WebUI to access the Intrinsic Calibration Tool and status of the calibration, for both intrinsic and extrinsic calibration.
- New Coordinate system API to support multi-camera object tracking.
Easy mapping of points, lines, planes etc. between 2D and 3D space and exchanging real-world locations between Apps and cameras is now available by using the new Coordinate System API. Apps can use that API on calibrated cameras to enable object tracking over different cameras.
New
FrameMetadata
class is extended with lensfocalLength
.- The
DeviceProperties
class which contains device-related information has been introduced. For now it provides the device ID through thegetDeviceId()
method. - The
WebServerManager.setActiveCertificateForHostnames
has been introduced to add server name indication mappings between the hostnames of a certificate and the alias of that certificate itself. TheCN field
and/or the subject alternative names of a certificate are used as hostnames. TheWebServerManager.removeActiveCertificateForHostnames
has been introduced to remove all server name indications mappings to the specified certificate.
New
- Backing up and restoring App configuration is now supported by REST APIs.
To perform application data backups and restores, a set of APIs was introduced which can be used by Video Management Systems, the Device Management Tool (DMT), and other external clients.
Bugfixes
- Fixed race-condition that could cause the first application backup/restore after booting the device to fail.
Changes
- Based on AOSP 10.
- Supports networking for Apps.
- Boot animation update.
Bugfixes
- Fixed high CPU usage when booting on emulator.
Changes
- Introduced APIs in Event service to set/get/remove
EventDescriptions
.
Bugfixes
- APK snatch event is logged on IDS page.
New
- New I/O Commander enables you to assign control over external devices connected to the camera.
I/O Commander selection is now enabled. Applications that need to control I/O devices must register themselves as I/O Commanders. Users can choose among the registered commanders to grant control over the I/O devices in the camera. The default Commander is ONVIF. Calls made to the I/O devices from any application other than the selected I/O Commander will fail. - Package
com.securityandsafetythings.io
introduces a new interface,IController
. Manufacturer-owned system services can implement this interface to make their I/O HAL implementations available to theIoService
. By doing this, all calls from theIoService
to the lower layers are sent to the external system service, instead of the default (internal) GPIO HAL. - Introduced GPIO HAL3.0 that makes use of xsd template and xml file instead of
configstore
.
Bugfixes
- Delay field in action is shown and configurable only for activating relays in Monostable mode.
- Delay field in relay configuration is not applicable for I/O Switchboard and it is thus hidden from the user interface.
- Relay state is ensured to be deactivated when moving the mode of the relay from bistable to monostable.
- The device and action list immediately auto-refreshes after changing the configurations using I/O Switchboard user interface.
- Stabilized IO Service database initialization with more exception handling.
New
- Additional HTTP capabilities are now available to the IoT Gateway
REST IoT Gateway now supports custom HTTP headers and payload overriding. Users can specify their own HTTP headers while creating or updating the REST connection. Furthermore, users have the freedom to override the message payload before sending it out. - QoS capabilities are now available to the IoT Gateway
MQTT IoT Gateway now support payload overriding and QoS selection. Users can override the message payload and specify MQTT Quality of Service (QoS - QoS2 is the default) while creating or updating the MQTT connection. - Topic mapping to translate topic of the Outgoing/Incoming message to a new topic.
Changes
- In REST IoT Gateway, on server mode, returns an empty response for the Outgoing Topics that do not have a corresponding message published yet.
Bugfixes
- Mqtt Gateway Delete requires disconnecting to be clicked when auto-reconnect is set to false.
- In MQTT IoT Gateway, connections with auto-reconnect disabled can now be deleted when the connection with the MQTT broker is lost and the connection is in the disconnected state.
New
- Added Stream Provider.
- Added Streaming from Virtual Base Cameras.
- Live 555 Update.
Changes
- Stream Configuration is changed to contain the UUID of the associated Video Capture.
Bugfixes
- Fix for MediaService Crash Metadata Stream.
- Make RTSP server wait streaming until stream info is available.
New
- New Message Ports API for enhanced inter App communication.
Introduced Message Ports for inter App communication. Message Ports provides interfaces toOutPort
andInPort
enabling applications to send and receive messages. - New AppGraphBuilder to manage information flow between Message Ports.
Introduced AppGraphBuilder to manage and control information flow between message ports registered in the device. Apps on the device can now easily be connected. - Introduced APIs in Message class to get/set the timestamp for a message.
Bugfixes
- Fix for sporadic Messaging Service crash on app stop from the overview page.
- Comments in MessagingManifest.xml causes no errors.
New
- Factory default IP address added for improved camera setup.
Introduced a static IP fallback mechanism to make sure that the wired network interface has always an IP address on the first boot of the camera after a factory reset. If no IP address is assigned within 1 minute from booting, static IP address 192.168.0.111/16 is assigned. To later switch to a newly available DHCP service, modify the network settings via the WebUI and switch the IP assignment to 'automatic'.
New
- ONVIF Profile S and T are displayed by default.
- ONVIF Media2, Imaging, DeviceIO and AdvancedSecurity services displayed by default.
- Added support for retrieving the systems logs through
SystemLogHandler
. - Introduced full media profile handling through the Media and Media2 service.
- Completed TLS certificate management through Advanced Security service.
- The configuration of the OnvifServer (which ONVIF profile(s) and services are exposed) and the vendor specific device information can be configured through the vendor Configuration class.
- Introduced support for relay outputs through the Device Management service.
Changes
- Integrated Virtual Base Camera support.
- Made the OnvifService a persistent app.
- Implemented Imaging service support for getting the options, getting and setting the white-balance and exposure imaging settings.
- Added check whether password of the authenticated user needs to be updated. Forbidden (403) will be returned in that case. The only exception is the SetUser function, allowing the user to update the password.
- Applied various improvements related to namespace handling in event messages, video source and encoder configuration handling, streamUri extraction and snapshot handling.
- Extended
GetEventProperties
call to dynamically populate the event list in the response from onvif event descriptions configured in Event Service.
Bugfixes
- Fixed various bugs related to getting a snapshot which could return error code 500, handling Types in a Probe message optional and automatic adaption of parameters without returning an error for e.g.
RateControl
elements. - Fixed various bugs related to exposing media capabilities, providing the WSDL URL, namespace usage for the unsubscribe response message for pullpoint events and handling not parsable discovery messages correctly.
- Fix calculation of GovLength as exposed through ONVIF.
- Announce only default VideoSourceConfigurations.
- Add default `tt` namespace prefix for datatype values, which are defined with no namespaces, in the Type field in event messages.
New
- Support for Fisheye cameras with multiple dewarped sub-streams:
Feature ‘Virtual Base Cameras’ has been added, which allows splitting the sensor video feed into multiple streams that can be transformed through a pluggable Shader module. This feature is mainly intended for Fisheye type sensors that require the extraction of a region of interest and subsequent transformation before further processing. - Added support for Virtual Base Camera Shader Modules.
- Added System API for Virtual Base Camera creation and mapping to installed Apps.
- Added new System permission to access Virtual Base Cameras.
- Added support for a Secondary Privacy Mask, that is applied in initial stages of the Video Pipeline instead of at the end and is suitable for use with Virtual Base Cameras.
Changes
- The format of the Camera Configuration file is changed to accommodate Virtual Base Camera settings.
- Added API to switch between a Binder/Base Camera in run time.
- Watchdog improvements.
Bugfixes
- Fix for potential Videopipeline memory leak.
Changes
- The
X-Content-Type-Options
,X-XSS-Protection
andStrict-Transport-Security
HTTP headers are now set by the webserver and can not be set by the frontends for any outgoing response. - The default certificate is now configurable per product via a configuration file. An example configuration can be found in
/device/securityandsafetythings/base/configs
together with a validation schema and further information. - The WebServer now supports SNI (server name indication). New generated or imported certificates are automatically used for the hostnames if there is no active mapping for any of the given hostnames. The
CN field
and/or the subject alternative names from the certificate’s extensions are used as hostnames. To create or modify mappings, WebServer offersWebServerManager.setActiveForHostnames
. - Certificate Management: SNI and Custom Certificate Uploads extensions.
- Certificate Management: creating certificate signing requests with request attributes.
Bugfixes
- Fix for SNI Update on
CertUpload
.
New
- Camera Info page displays the “Device Type” that is specified as a build parameter by the manufacturer.
- Added VideoFeedIn feature, which allows configuring an external RTSP source as input stream, instead of using the sensor.
Changes
WiFi Connect
tab is only shown if the device supports WiFi.- In Developer mode it is now possible to use an RTSP stream as Video Input.
- Stream Configuration now shows the name of the virtual base camera of the Video Capture associated to each Stream.
- Improvements on login page, privacy mask, virtual camera and preview pages.
- Improvement for saving user settings.
- Improved DoS Protection for logging in with wrong credentials (IP-Based).
- Overview Tab now shows “Advanced Features”.
Bugfixes
- Solved a problem in which under low memory conditions the WebUI is not accessible.
- Fix for unresponsive WebUI.
- Fixed user-permission check in WebUI backend for CloudRestEndpoint.
Security
- ONVIF Server now supports TLS certificate management (through Advanced Security service)
- Block all web-access (return 403) when password needs to be updated (except for SetUser function, allowing the password update).
- WebServer improvements in requesting and managing Certificates
- WebServer enforces more strict HTTP header rules
- CVEs patched from Android Security Bulletin:
- CVE-2021-0870
- CVE-2021-0687
- CVE-2020-11264
- CVE-2020-11301
- CVE-2021-1972
- CVE-2021-1976
- CVE-2021-0507
- CVE-2021-0516
- CVE-2021-0473
- CVE-2021-0474
- CVE-2021-0475
- CVE-2021-0430
- CVE-2021-0397
- CVE-2021-0326
- CVE-2022-23852