Abstract
Firmware refers to device read-only resident code which includes microcode and macro-instruction-level routines. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such embedded systems operate and communicate. Thus, firmware updates are essential parts of device functionality. They provide the ability to patch vulnerabilities, address operational issues, and improve device reliability and performance during the lifetime of the system. This process, however, is often exploited by attackers in order to inject malicious firmware code into the embedded device. In this article, we present a framework for secure firmware updates on embedded systems. This approach is based on hardware primitives and cryptographic modules, and it can be deployed in environments where communication channels might be insecure. The implementation of the framework is flexible, as it can be adapted in regards to the IoT device’s available hardware resources and constraints. Our security analysis shows that our framework is resilient to a variety of attack vectors. The experimental setup demonstrates the feasibility of the approach. By implementing a variety of test cases on FPGA, we demonstrate the adaptability and performance of the framework. Experiments indicate that the update procedure for a 1183-kB firmware image could be achieved, in a secure manner, under 1.73 seconds.
Highlights
A Modular End-to-End Framework for Secure Firmware Updates on Embedded SystemsA Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems
With the advancement of Internet-of-Things (IoT) technology, Embedded Devices (EDs) have increasingly permeated our daily lives
We evaluate the security of the proposed framework against the following threats by examining our Secure Design Requirements (SDRs) and how they act as countermeasures
Summary
A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such embedded systems operate and communicate. Firmware updates are an essential part of device functionality They provide the ability to patch vulnerabilities, address operational issues, and improve device reliability and performance during the lifetime of the system. This process, is often exploited by attackers in order to inject malicious firmware code into the embedded device. We present a framework for secure firmware updates on embedded systems. Additional Key Words and Phrases: Internet-of-things, embedded systems, firmware updates, hardware security, physical unclonable function
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: ACM Journal on Emerging Technologies in Computing Systems
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
