Abstract
Embedded devices are going to be used extremely in Internet of Things (IoT) environments. The small and tiny IoT devices will operate and communicate each other without involvement of users, while their operations must be correct and protected against various attacks. In this paper, we focus on a secure firmware update issue, which is a fundamental security challenge for the embedded devices in an IoT environment. A new firmware update scheme that utilizes a blockchain technology is proposed to securely check a firmware version, validate the correctness of firmware, and download the latest firmware for the embedded devices. In the proposed scheme, an embedded device requests its firmware update to nodes in a blockchain network and gets a response to determine whether its firmware is up-to-date or not. If not latest, the embedded device downloads the latest firmware from a peer-to-peer firmware sharing network of the nodes. Even in the case that the version of the firmware is up-to-date, its integrity, i.e., correctness of firmware, is checked. The proposed scheme guarantees that the embedded device’s firmware is up-to-date while not tampered. Attacks targeting known vulnerabilities on firmware of embedded devices are thus mitigated.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Gartner (2014) Gartner says 4.9 billion connected things will be in use in 2015, Gartner Newsroom
Firmware—Wikipedia. https://en.wikipedia.org/wiki/Firmware
Choi B-C, Lee S-H, Na J-C, Lee J-H (2016) Secure firmware validation and update for consumer devices in home networking. IEEE Trans Consum Electron 62(1):39–44
Lee B, Malik S, Wi S, Lee J-H (2016) Firmware verification of embedded devices based on a blockchain. In: Proceedings of the Qshine 2016
Jurkovi G, Sruk V (May 2014) Remote firmware update for constrained embedded systems. In: Proceedings of the MIPRO 2014
Nakamoto S (2009) Bitcoin: a peer-to-peer electronic cash system
Blockchain Bitcoin Wiki. https://en.bitcoin.it/wiki/Block_chain
Hu Y, Perrig A, Johnson DB (2003) Efficient security mechanisms for routing protocols. In: Proc. NDSS03
Badev A, Chen M (2013) Bitcoin: technical background and data analysis. Federal Reserve Board
Bider D, Baushke M (2012) SHA-2 data integrity for the secure shell (SSH) transport layer protocol. IETF RFC 6668
Cohen B (2003) Incentives build robustness in bitorrent. In: Proceedings of the 1st Workshop on Economics of Peer-to-Peer Systems
Wiki Theory—Bittorrent Protocol Specification v1.0. https://wiki.theory.org/BitTorrentSpecification
Antonopoulos, Andreas M (2014) Mastering Bitcoin: unlocking digital crypto-currencies. OReilly Media
Alouneh S, Bsoul H, Kharbutli M (2016) A software tool to protect executable files from buffer overflow attacks. Int J Internet Technol Secur Trans 6(2):133–166
Ahamad S, Al-Shourbaji I, Al-Janabi S (2016) A secure NFC mobile payment protocol based on biometrics with formal verification. Int J Internet Technol Secur Trans 6(2):103–132
Author information
Authors and Affiliations
Corresponding author
Additional information
This work was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science, ICT and Future Planning (NRF-2014R1A1A1006770).
Rights and permissions
About this article
Cite this article
Lee, B., Lee, JH. Blockchain-based secure firmware update for embedded devices in an Internet of Things environment. J Supercomput 73, 1152–1167 (2017). https://doi.org/10.1007/s11227-016-1870-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-016-1870-0