A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems
Name:
SecureFirmwareUpdatesJournal.pdf
Size:
6.196Mb
Format:
PDF
Description:
Accepted manuscript
Type
ArticleKAUST Department
Computer, Electrical and Mathematical Science and Engineering (CEMSE) DivisionElectrical and Computer Engineering Program
Resilient Computing and Cybersecurity Center
Date
2021-09-29Online Publication Date
2021-09-29Print Publication Date
2022-01-31Permanent link to this record
http://hdl.handle.net/10754/672041
Metadata
Show full item recordAbstract
Firmware refers to device read-only resident code which includes microcode and macro-instruction-level routines. For Internet-of-Things (IoT) devices without an operating system, firmware includes all the necessary instructions on how such embedded systems operate and communicate. Thus, firmware updates are essential parts of device functionality. They provide the ability to patch vulnerabilities, address operational issues, and improve device reliability and performance during the lifetime of the system. This process, however, is often exploited by attackers in order to inject malicious firmware code into the embedded device. In this article, we present a framework for secure firmware updates on embedded systems. This approach is based on hardware primitives and cryptographic modules, and it can be deployed in environments where communication channels might be insecure. The implementation of the framework is flexible, as it can be adapted in regards to the IoT device’s available hardware resources and constraints. Our security analysis shows that our framework is resilient to a variety of attack vectors. The experimental setup demonstrates the feasibility of the approach. By implementing a variety of test cases on FPGA, we demonstrate the adaptability and performance of the framework. Experiments indicate that the update procedure for a 1183-kB firmware image could be achieved, in a secure manner, under 1.73 seconds.Citation
Falas, S., Konstantinou, C., & Michael, M. K. (2022). A Modular End-to-End Framework for Secure Firmware Updates on Embedded Systems. ACM Journal on Emerging Technologies in Computing Systems, 18(1), 1–19. doi:10.1145/3460234Sponsors
EU Horizon 2020 research and innovation programme Government of the Republic of Cyprus through the Directorate General for European Programmes, Coordination and DevelopmentDOI
10.1145/3460234arXiv
2007.09071Additional Links
https://dl.acm.org/doi/10.1145/3460234ae974a485f413a2113503eed53cd6c53
10.1145/3460234