Abstract

The Internet of Things (IoT) which creates a hyper-connected society is playing a major role in the 4th industrial revolution. The IoT is being leveraged across various fields of business globally and the number of IoT devices is causing serious security concerns. Since the firmware update of an IoT device is necessary for its lifecycle, secure firmware update of the IoT device is being brought as the first step in IoT security. The Internet Engineering Task Force (IETF) Software Updates for Internet of Things (SUIT) working group has started to specify a software update architecture for IoT devices. However, the current SUIT working group adopts a traditional client-server model to distribute firmware images, which potentially causes security risks. The current approach of the SUIT working group is unable to solve a targeting issue and an author-disappearing issue, which is suggested in this paper. Therefore, in this work, we introduce a distributed firmware update architecture based on the SUIT firmware update architecture applying blockchain. Our update architecture can prevent the issues we concern through the characteristics of blockchain, such as decentralization, transparency, and irreversibility. The blockchain network has registration nodes that process registration of manifest and firmware image files from authors, and retrieval nodes that process downloading manifest and firmware image files. The firmware image files are stored in a distributed file system and the hash values of firmware image chunks are stored on the blockchain with manifest files. The proposed architecture in this paper enables the irreversible downloads even in the author-disappearing state and tolerant to a single point of failure.

Highlights

  • The Internet of Things (IoT) implies the status of network connection for interactions between things of human beings via embedded communication systems

  • The IoT technology, which realizes a hyper-connected society through the interaction of things and humans, is regarded as a core technology of the 4th Industrial Revolution

  • Since the firmware update for IoT devices must be performed to the IoT devices, the secure firmware update is necessarily required

Read more

Summary

INTRODUCTION

The Internet of Things (IoT) implies the status of network connection for interactions between things of human beings via embedded communication systems. A firmware update offers a new service or security patch to IoT devices. Since it is necessarily required for the IoT device, the recent cyber-attacks are focused on the firmware level. Firmware updates for IoT devices are vulnerable against an author-disappearing issue that the IoT device manufacturers or firmware vendors are unable to provide firmware updates in time due to cyber-attacks or disappearing due to their funding problems. The proposed architecture is designed to provide a secure firmware update and to address the author-disappearing issue.

RELATED WORK
DISCUSSION
CONCLUSION

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.