A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems

by   Solon Falas, et al.

Firmware refers to device read-only resident code which includes microcode and macro-instruction -level routines. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such embedded systems operate and communicate. Thus, firmware updates are an essential part of device functionality. They provide the ability to patch vulnerabilities, address operational issues, and improve device reliability and performance during the lifetime of the system. This process, however, is often exploited by attackers in order to inject malicious firmware code into the embedded device. In this paper, we present a framework for secure firmware updates on embedded systems. The approach is based on hardware primitives and cryptographic modules, and it can be deployed in environments where communication channels might be insecure. The implementation of the framework is flexible as it can be adapted in regards to the IoT device's available hardware resources and constraints. Our security analysis shows that our framework is resilient to a variety of attack vectors. The experimental setup demonstrates the feasibility of the approach. By implementing a variety of test cases on FPGA, we demonstrate the adaptability and performance of the framework. Experiments indicate that the update procedure for a 1183kB firmware image could be achieved, in a secure manner, under 1.73 seconds.



There are no comments yet.


page 1

page 4

page 7

page 10


ASSURED: Architecture for Secure Software Update of Realistic Embedded Devices

Secure firmware update is an important stage in the IoT device life-cycl...

Baseline functionality for security and control of commodity IoT devices and domain-controlled device lifecycle management

The emerging Internet of Things (IoT) drastically increases the number o...

How to make Firmware Updates over LoRaWAN Possible

Embedded software management requirements due to concerns about security...

Firmware Re-hosting Through Static Binary-level Porting

The rapid growth of the Industrial Internet of Things (IIoT) has brought...

Community-Based Security for the Internet of Things

With more and more devices becoming connectable to the internet, the num...

Secure and Computationally-Efficient Cryptographic Primitive based on Cellular Automation

Mageto, a random number generator based on one-dimensional cellular auto...

SkiffOS: Minimal Cross-compiled Linux for Embedded Containers

Embedded Linux processors are increasingly used for real-time computing ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.