A decentralized approach towards secure firmware updates and testing over commercial IoT Devices
share
Internet technologies have made a paradigm shift in the fields of computing and data science and one such paradigm defining change is the Internet of Things or IoT. Nowadays, thousands of household appliances use integrated smart devices which allow remote monitoring and control and also allow intensive computational work such as high end AI-integrated smart security systems with sustained alerts for the user. The update process of these IoT devices usually lack the ability of checking the security of centralized servers, which may be compromised and host malicious firmware files as it is presumed that the servers are secure during deployment. The solution for this problem can be solved using a decentralized database to hold the hashes and the firmware. This paper discusses the possible implications of insecure servers used to host the firmwares of commercial IoT products, and aims to provide a blockchain based decentralized solution to host firmware files with the property of immutability, and controlled access to the firmware upload functions so as to stop unauthorized use. The paper sheds light over possible hardware implementations and the use of cryptographically secure components in such secure architecture models.
READ FULL TEXT