Abstract
The present paper is concerned with the secure delivery of firmware updates to Internet of Things (IoT) devices. Additionally, it deals with the design of a safe and secure bootloader for a UHF RFID reader. A software implementation of a secure firmware update solution is performed. The results show there is space to integrate even more security features into existing devices.
Highlights
As the design is not new but is a finished device, we have focused on a SW security solution for its lower cost
A test bench is designed to validate the functionality of the bootloader and the bootloader with a FW image file encryption capability based on an existing AutoEPCIS UHF RFID reader v
It consists of an update terminal, the Internet of Things (IoT) device to be updated and a router (Mikrotik RB2011UiAS-2HnD-IN)
Summary
We distinguish several types of IoT devices based on applications, and each of these types requires a specific FW update solution. To access the Raspberry Pi from the Internet, a Transport Layer Security (TLS) cryptographic protocol with a unique certificate and a server and client key is proposed Another way to deliver updates is via an existing mobile network, as described in [6] where the update solution consists of GPRS modules connected on one side to a PC and on the other side to the device to be updated. This can, be broken, so Wi-Fi Protected Access (WPA) or WPA2 encryption is a better solution As this solution does not address the need to secure the content that is transmitted (i.e., a FW image file), it is not suitable for the remote update of FW. We need to select the most appropriate method for each specific configuration of devices, taking into consideration the required level of security, memory size, computing power and power supply, while reflecting the need to protect assets, maintain asset value and ensure the desired quality of service
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
