Section: New Results

General-purpose Low-power Secure Firmware Updates for Constrained IoT Devices

Participants : Koen Zandberg [Inria / Freie Universität Berlin] , Kaspar Schleiser [Inria / Freie Universität Berlin] , Francisco Acosta [Inria] , Hannes Tschofenig [Arm Ltd., Cambridge, U.K] , Emmanuel Baccelli.

While the IoT deployments multiply in a wide variety of verticals, the most IoT devices lack a built-in secure firmware update mechanism. Without such a mechanism, however, critical security vulnerabilities cannot be fixed, and the IoT devices can become a permanent liability, as demonstrated by recent large-scale attacks. In this paper, we survey open standards and open source libraries that provide useful building blocks for secure firmware updates for the constrained IoT devices–by which we mean low-power, microcontroller-based devices such as networked sensors/actuators with a small amount of memory,among other constraints. We design and implement a prototype that leverages these building blocks and assess the security properties of this prototype. We present experimental results including first experiments with SUIT, a new IETF standard for secure IoT firmware updates. We evaluate the performance of our implementation on a variety of commercial off-the-shelf constrained IoT devices. We conclude that it is possible to create a secure, standards-compliant firmware update solution that uses the state-of-the-art security for the IoT devices with less than 32 kB of RAM and 128 kB of flash memory. Moreover, our prototype is general-purpose, in that it works out-of-the-box or with minimal adaptation on 80% of the hardware supported by RIOT (i.e. approximately 100 different types of IoT devices). As such, this work paves the way towards generic and secure low-power IoT firmware updates.

This paper was published in the IEEE journal IEEE Access  [8].