We are on the brink of a new era, the Internet of Things. Security threats will rise with an increasing number of devices, since typical sensor nodes refrain from resource intense, seasoned security measures. Hence, we have to assume that sensor nodes will receive software updates more frequently. Particularly IP providers in the emerging market of specialized software will want their software protected during an update process. We propose a novel protocol by integrating different trust establishing techniques, to allow secure software updates on nodes already infected with malware. In short, a device has to prove the erasure of its memory within a time constraint and a physically unclonable function binds the newly downloaded software IP to the target platform. We surveyed several commercial smart home systems and analysed the security of our protocol. Compared to existing solutions, our protocol offers stronger IP protection under a more powerful attacker model, while the implementation costs are comparable to those of the existing protocols.