skip to main content
10.1145/3312614.3312649acmotherconferencesArticle/Chapter ViewAbstractPublication PagescoinsConference Proceedingsconference-collections
research-article

Securing Over-The-Air IoT Firmware Updates using Blockchain

Published: 05 May 2019 Publication History

Abstract

Over-the-air (OTA) firmware updates are very common in IoT (Internet of Things) devices with wireless capabilities. Although they are convenient, they may also be open to attack since physical access may not be needed. In addition, most frameworks use a centralized architecture to update a potentially large number of devices increasing the threat landscape. An alternative solution, that relies on a blockchain framework with smart contracts, is proposed in this paper to protect the integrity of the firmware update process. The proposed system is suitable for use in smart cities or scenarios with a large number of devices and service providers where nodes are authenticated, communications protected, and update conditions specified and enforced through smart contracts. A proof--of--concept system was implemented and tested using an open--source blockchain framework and a WiFi--capabable ESP8266--based board. The system was evaluated for scalability and response to denial of service (DoS) and man--in--the--middle (MitM) attacks. Preliminary experimental results show that the approach is feasible and a viable substitute for a centralized solution.

References

[1]
{n. d.}. Arduino-Home. https://www.arduino.cc/. Accessed: 2019-01-11.
[2]
{n. d.}. TIDC-BLE-TO-WIFI-IOT-GATEWAY Bluetooth to Wi--Fi IoT Gateway Referece Design | Ti.com. http://www.ti.com/tool/TIDC-BLE-TO-WIFI-IOT-GATEWAY. Accessed: 2019-01-11.
[3]
Carlos E. Andrade, Simon D. Byers, Vijay Gopalakrishnan, Emir Halepovic, Milap Majmundar, David J. Poole, Lien K. Tran, and Christopher T. Volinsky. 2017. Managing Massive Firmware-Over-The-Air Updates for Connected Cars in Cellular Networks. In Proceedings of the 2Nd ACM International Workshop on Smart, Autonomous, and Connected Vehicular Systems and Services (CarSys '17). ACM, New York, NY, USA, 65--72.
[4]
Mohamed Baza, Mahmoud Nabil, Noureddine Lasla, Kemal Fidan, Mohamed Mahmoud, and Mohamed Abdallah. 2018. Blockchain-based Firmware Update Scheme Tailored for Autonomous Vehicles. arXiv:arXiv:1811.05905 https://arxiv.org/pdf/1811.05905.pdf
[5]
Hans Chandra, Erwin Anggadjaja, Pranata Setya Wijaya, and Edy Gunawan. 2016. Internet of Things: Over-the-Air (OTA) firmware update in Lightweight mesh network protocol for smart urban development. In 2016 22nd Asia-Pacific Conference on Communications (APCC). 115--118.
[6]
Byung-Chui Choi, Seoung-Hyeon Lee, Jung-Chan Na, and Jong-Hyouk Lee. 2016. Secure firmware validation and update for consumer devices in home networking. IEEE Transactions on Consumer Electronics 62, 1 (February 2016), 39--44.
[7]
Giovani Gracioli and Antônio A. Fröhlich. 2008. An Operating System Infrastructure for Remote Code Update in Deeply Embedded Systems. In Proceedings of the 1st International Workshop on Hot Topics in Software Upgrades (HotSWUp '08). ACM, New York, NY, USA, Article 3, 5 pages.
[8]
Simona Ibba, Andrea Pinna, Matteo Seu, and Filippo Eros Pani. 2017. City-Sense: Blockchain-oriented Smart Cities. In Proceedings of the XP2017 Scientific Workshops (XP '17). ACM, New York, NY, USA, Article 12, 5 pages.
[9]
Jinsik Kim and Pai H. Chou. 2010. Energy-Efficient Progressive Remote Update for Flash-Based Firmware of Networked Embedded Systems. ACM Trans. Des. Autom. Electron. Syst. 16, 1, Article 7 (Nov. 2010), 26 pages.
[10]
Alexander Kuzmin. 2017. Blockchain-based structures for a secure and operate IoT. In 2017 Internet of Things Business Models, Users, and Networks. 1--7.
[11]
Lukas Kvarda, Pavel Hnyk, Lukas Vojtech, and M Neruda. 2017. Software Implementation of Secure Firmware Update in IoT Concept. Advances in Electrical and Electronic Engineering 15 (11 2017).
[12]
Boohyung Lee and Jong-Hyouk Lee. 2017. Blockchain-based Secure Firmware Update for Embedded Devices in an Internet of Things Environment. J. Supercomput. 73, 3 (March 2017), 1152--1167.
[13]
Jea-Min Lim, Youngpil Kim, and Chuck Yoo. 2018. ChainVeri: Blockchain-based Firmware Verification System for IoT environment. In 2018 IEEE International Conference on Blockchain (Blockchain-2018). 1050--1056.
[14]
Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system, http://bitcoin.org/bitcoin.pdf.
[15]
M. A. Prada-Delgado, A. Vázquez-Reyes, and I. Baturone. 2017. Trustworthy firmware update for Internet-of-Thing Devices using physical unclonable functions. In 2017 Global Internet of Things Summit (GIoTS). 1--5.
[16]
Chu Jay Tan, Junita Mohamad-Saleh, Khairu Anuar Mohamed Zain, and Zulfiqar Ali Abd. Aziz. 2017. Review on Firmware. In Proceedings of the International Conference on Imaging, Signal Processing and Communication (ICISPC 2017). ACM, New York, NY, USA, 186--190.
[17]
Xiwei Xu, Ingo Weber, Mark Staples, Liming Zhu, Jan Bosch, Len Bass, Cesare Pautasso, and Paul Rimba. 2017. A Taxonomy of Blockchain-Based Systems for Architecture Design. In 2017 IEEE International Conference on Software Architecture (ICSA). 243--252.
[18]
Alexander Yohan, Nai-Wei Lo, and Suttawee Achawapong. 2018. Blockchain-based Firmware Update Framework for Internet-of-Things Environment. In Proceedings of the 2018 International Conference on Information and Knowledge Engineering (IKE '18). 151--155. https://csce.ucmss.com/cr/books/2018/LFS/CSREA2018/IKE9004.pdf
[19]
Kazım Rıfat Özyılmaz and Arda Yurdakul. 2017. Work-in-progress: integrating low-power IoT devices to a blockchain-based infrastructure. In 2017 International Conference on Embedded Software (EMSOFT). 1--2.

Cited By

View all
  • (2024)A Comprehensive, Automated Security Analysis of the Uptane Automotive Over-the-Air Update FrameworkProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678927(594-612)Online publication date: 30-Sep-2024
  • (2024)Maintenance Operations on Cloud, Edge, and IoT Environments: Taxonomy, Survey, and Research ChallengesACM Computing Surveys10.1145/365909756:10(1-38)Online publication date: 22-Jun-2024
  • (2024)A Lightweight and Chip-Level Reconfigurable Architecture for Next-Generation IoT End DevicesIEEE Transactions on Computers10.1109/TC.2023.334309473:3(747-763)Online publication date: Mar-2024
  • Show More Cited By

Index Terms

  1. Securing Over-The-Air IoT Firmware Updates using Blockchain

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    COINS '19: Proceedings of the International Conference on Omni-Layer Intelligent Systems
    May 2019
    241 pages
    ISBN:9781450366403
    DOI:10.1145/3312614
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 05 May 2019

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. Firmware update
    2. Internet of Things
    3. blockchain
    4. network security

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    COINS '19

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)69
    • Downloads (Last 6 weeks)4
    Reflects downloads up to 27 Jan 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2024)A Comprehensive, Automated Security Analysis of the Uptane Automotive Over-the-Air Update FrameworkProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678927(594-612)Online publication date: 30-Sep-2024
    • (2024)Maintenance Operations on Cloud, Edge, and IoT Environments: Taxonomy, Survey, and Research ChallengesACM Computing Surveys10.1145/365909756:10(1-38)Online publication date: 22-Jun-2024
    • (2024)A Lightweight and Chip-Level Reconfigurable Architecture for Next-Generation IoT End DevicesIEEE Transactions on Computers10.1109/TC.2023.334309473:3(747-763)Online publication date: Mar-2024
    • (2024)Exploring the Potential of Blockchain Technology in an IoT-Enabled Environment: A ReviewIEEE Access10.1109/ACCESS.2024.336665612(31197-31227)Online publication date: 2024
    • (2024)Firmware-Based DoS Attacks in Wireless Sensor NetworkComputer Security. ESORICS 2023 International Workshops10.1007/978-3-031-54129-2_13(214-232)Online publication date: 12-Mar-2024
    • (2023)On-Cloud Linking Approach Using a Linkable Glue Layer for Metamorphic Edge DevicesElectronics10.3390/electronics1224490112:24(4901)Online publication date: 6-Dec-2023
    • (2023)Homomorphic Encryption Technique in Over the Air (OTA) update in ECUs2023 IEEE International Transportation Electrification Conference (ITEC-India)10.1109/ITEC-India59098.2023.10471410(1-6)Online publication date: 12-Dec-2023
    • (2023)Firmware Integrity Protection: A SurveyIEEE Access10.1109/ACCESS.2023.329883311(77952-77979)Online publication date: 2023
    • (2023)A Secure and Cost-Efficient Blockchain Facilitated IoT Software Update FrameworkIEEE Access10.1109/ACCESS.2023.327289911(44879-44894)Online publication date: 2023
    • (2023)Recent Reinforcement Learning and Blockchain Based Security Solutions for Internet of Things: SurveyWireless Personal Communications10.1007/s11277-023-10664-1132:2(1307-1345)Online publication date: 2-Aug-2023
    • Show More Cited By

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media