Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check

Zandberg, Koen; Schleiser, Kaspar; Acosta, Francisco J.; Tschofenig, Hannes; Baccelli, Emmanuel

doi:10.1109/access.2019.2919760

Cited by 97 publications

(73 citation statements)

References 30 publications

(32 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Regarding attacks directed to edge devices, a fundamental principle of the model is that they operate intermittently. This option drastically reduces the time window for attacks; for instance, those that exploit Over The Air (OTA) capabilities [18].…”

Section: Discussionmentioning

confidence: 99%

Stateless IoT

Ciuffoletti

2020

Information

View full text Add to dashboard Cite

Energy consumption is a relevant matter in the design of IoT applications. Edge units—sensors and actuators—save energy by operating intermittently. When idle, they suspend their operation, losing the content of the onboard memory. Their internal state, needed to resume their work, is recorded on external storage: in the end, their internal operation is stateless. The backend infrastructure does not follow the same design principle: concentrators, routers, and servers are always-on devices that frustrate the energy-saving operation of edge devices. In this paper, we show how serverless functions, asynchronously invoked by the stateless edge devices, are an energy-saving option. We introduce a basic model for system operation and energy footprint evaluation. To demonstrate its soundness, we study a simple use case, from the design to a prototype.

show abstract

Section: Discussionmentioning

confidence: 99%

Stateless IoT

Ciuffoletti

2020

Information

View full text Add to dashboard Cite

show abstract

“…Costin et al [32] conducted large-scale dynamic analysis of firmware and found vulnerabilities related to a Web interface; however, the scheme could not identify vulnerabilities in other modules of the firmware. Zandberg et al [33] proposed the possibility of creating a secure, standards-compliant firmware update solution that uses security technology to secure IoT devices.…”

Section: A Iot Firmware Analysismentioning

confidence: 99%

FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution

Gui¹,

Hui²,

Kang³

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The security situation of the Internet of Things (IoT) is particularly severe, and a large number of IoT devices are prone to vulnerabilities. In this study, we present FIRMCORN, the first vulnerability-oriented fuzzer for IoT firmware. Based on the novel technology of optimized virtual execution, FIRMCORN focuses on three typical problems of IoT firmware fuzzing: (1) high throughput required by fuzzing, (2) inaccuracy of emulation compared with real devices, and (3) instability of emulation due to lack of hardware. Here, we optimize the initial environment and the execution process of virtual execution to achieve faster, more accurate, and more stable fuzz testing. To improve the efficiency of vulnerability mining with FIRMCORN, a vulnerable-code search algorithm is designed to obtain the entry points of fuzzing according to the characteristics of IoT firmware; further, this vulnerability-oriented fuzzing is applied to IoT device firmware. Our evaluation results show that optimized virtual execution used by FIRMCORN can significantly improve the throughput, accuracy, and stability compared with conventional virtual execution. FIRMCORN runs for only 2 hours to mine two 0-day vulnerabilities on a machine. Thus, compared with the current state-of-the-art IoT firmware fuzzing framework, FIRMCORN can more effectively mine vulnerabilities in real-world devices.

show abstract

“…Some of them propose MQTT-based solutions ( [11][12][13]) and others propose customized/proprietary solutions [14,15]. Further, we discuss work in progress at the IETF [16][17][18].…”

Section: Related Workmentioning

confidence: 99%

“…Instead, our proposed MYNO Update Protocol uses a Nonce to avoid replay attacks. Zandberg et al [18] implemented and evaluated a prototype to compare the surveyed firmware update methods, among them the SUIT-OTA update. They use CoAP blockwise transfer to pull the firmware image onto the device.…”

Section: Related Workmentioning

confidence: 99%

MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices

Sahlmann

Clemens

Nowak

et al. 2020

Sensors

View full text Add to dashboard Cite

Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.

show abstract

Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check

Cited by 97 publications

References 30 publications

Stateless IoT

Stateless IoT

FIRMCORN: Vulnerability-Oriented Fuzzing of IoT Firmware via Optimized Virtual Execution

MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices

Contact Info

Product

Resources

About