Abstract
Message Queuing Telemetry Transport (MQTT) is one of the dominant protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate into an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on an IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
Highlights
Providing firmware updates for Internet of Things (IoT) devices is one of the central questions to deal with IoT security issues
We present MYNO Update Protocol (MUP), a scalable and secure firmware update protocol for constrained IoT devices over Message Queuing Telemetry Transport (MQTT)
The measurements with the prototype implementation show that the transmission of a firmware image of 87.8 kB can be done within 81.54 s, close to the results of UpKit [15]
Summary
Internet of Things (IoT) devices (further referred to as devices) are cyber-physical objects which are equipped with sensors and actuators and are connected to the Internet. They can be constrained in terms of computational power, memory, network bandwidth and energy. Since the edge node is a more powerful device compared to the IoT devices, it is suited to take over more complex and energy-consuming tasks, for example to distribute firmware updates. The proposed MYNO Update Protocol (MUP) is suited for constrained devices, which is demonstrated with our prototype on an IoT device with only 32 kB RAM and the firmware transmission over 6LoWPAN. Before we present and evaluate the MYNO Update Protocol (MUP) in Section 3, this section discusses the security properties of related update protocols from the literature and their suitability for constrained devices.