A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems
Permanent link to this recordhttp://hdl.handle.net/10754/672041
MetadataShow full item record
AbstractFirmware refers to device read-only resident code which includes microcode and macro-instruction-level routines. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such embedded systems operate and communicate. Thus, firmware updates are essential parts of device functionality. They provide the ability to patch vulnerabilities, address operational issues, and improve device reliability and performance during the lifetime of the system. This process, however, is often exploited by attackers in order to inject malicious firmware code into the embedded device. In this article, we present a framework for secure firmware updates on embedded systems. This approach is based on hardware primitives and cryptographic modules, and it can be deployed in environments where communication channels might be insecure. The implementation of the framework is flexible, as it can be adapted in regards to the IoT device’s available hardware resources and constraints. Our security analysis shows that our framework is resilient to a variety of attack vectors. The experimental setup demonstrates the feasibility of the approach. By implementing a variety of test cases on FPGA, we demonstrate the adaptability and performance of the framework. Experiments indicate that the update procedure for a 1183-kB firmware image could be achieved, in a secure manner, under 1.73 seconds.
CitationFalas, S., Konstantinou, C., & Michael, M. K. (2022). A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems. ACM Journal on Emerging Technologies in Computing Systems, 18(1), 1–19. doi:10.1145/3460234
SponsorsEU Horizon 2020 research and innovation programme Government of the Republic of Cyprus through the Directorate General for European Programmes, Coordination and Development