Authors: Tarun Chand, Michael Jurczyk

Abstract:

With the increasing need and popularity of IoT devices and how integrated they are becoming in our daily lives and industries; these devices make for a very lucrative target for malicious actors. And since these devices have such limited resources, the implementation of robust security features is a tradeoff to be made for the actual functionality the device was intended for. This makes them an easy target with high returns. Several frameworks for the secure firmware update of these devices have been recently proposed in the literature. They focus on methods such as blockchains and distributed file systems to secure firmware updates, but do not go into the details of the actual implementation of these frameworks and the lower-level interactions among these methods used. This work integrates some of these security measures into one overall framework and details the actual lower-level implementation of this framework in a virtual dockerized testbed running on AWS.

Keywords: Blockchain, Ethereum, Geth, IPFS, secure IoT-firmware update, virtual testbed development

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 69

References:

[1] M. A. Uddin, A. Stranieri, I. Gondal, and V. Balasubramanian, “A survey on the adoption of blockchain in IoT: Challenges and solutions,” Blockchain: Research and Applications, p. 100006, June 2021.
[2] M. Antwi, A. Adnane, F. Ahmad, R. Hussain, M. H. Rehman, and C. A. Kerrache, “The case of hyperledger fabric as a blockchain so- lution for healthcare applications,” Blockchain: Research and Applications, p. 100012, March 2021.
[3] W.-J. Tsaur, J.-C. Chang, and C.-L. Chen, “A highly secure IoT firmware update mechanism using blockchain,” Sensors, p. 530, 2022.
[4] R. Bielawski, R. Gaynier, D. Ma, S. Lauzon, and A. Weimerskirch, „Cybersecurity of Firmware Updates (Report No. DOT HS 812 807),” National Highway Traffic Safety Administration, Oct. 2020.
[5] X. He, S. Alqahtani, R. Gamble and M. Papa, “Securing Over-The-Air IoT Firmware Updates using Blockchain,” Proceedings of the International Conference on Omni-Layer Intelligent Systems (COINS’19), Crete, Greece, pp. 164-171, 2019.
[6] N. S. Mtetwa, N. Sibeko, P. Tarwireyi and A. M. Abu-Mahfouz, "OTA Firmware Updates for LoRaWAN Using Blockchain," 2020 2nd International Multidisciplinary Information Technology and Engineering Conference (IMITEC), pp. 1-8, 2020.
[7] J. Clemens, R. Pal, and B. Sherrell, “Runtime state verification on resource-constrained platforms,” MILCOM 2018 IEEE Military Communications Conference (MILCOM), pp. 1–6, 2018
[8] Hyperledger Fabric: https://www.hyperledger.org/
[9] S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” Decentralized business review, p. 21260 , 2008
[10] V. Buterin, “A next-generation smart contract and decentralized application platform,” White Paper, 2014
[11] Ethereum - Geth Documentation: https://geth.ethereum.org/docs/
[12] IPFS Official Website: https://www.ipfs.com/
[13] Storj Official Website: https://www.storj.io/
[14] Sia Official Website: https://sia.tech/