Secure the Internet of Things Software Updates with Ethereum Blockchain

Abstract

Internet of Things (IoT) is a growing technology that is projected to have over 41.6 billion connected devices by 2025. The IoT idea is about connecting the unconnected things (sensors, clothes, refrigerators and others) to the existing network infrastructure. Across industries ranging from agriculture to manufacturing, organizations are rapidly growing business value with the IoT. However, many organizations are hesitating to further invest in IoT initiatives due to the fear of inadequate security. Security is a very critical consideration where everything becomes connected to the Internet. However, security in IoT is still a very open area that is yet to receive much attention. One challenge in IoT is ensuring the security of firmware updates on deployed IoT devices. Hackers can perform man-in-the-middle attacks to compromise an update procedure and take control of deployed devices if they do not use proper security mechanisms. This means that it is imperative to architect secure by design mechanisms to ensure security in IoT. Blockchain is an emerging technology that is touted as a potential cybersecurity transformational force. This work proposes the use of blockchain to provide a mechanism for nodes to verify the authenticity and integrity of firmware before downloading and ensures high availability of the firmware. A proof of concept system was implemented. The prototype illustrates how secure IoT firmware update can be realized through the use of smart contracts. Furthermore, we show that it is possible to check for authentic software by verifying it through blockchain smart contracts.