IETF – A Firmware Update Architecture for Internet of Things Devices (Draft)

IETF - A Firmware Update Architecture for Internet of Things Devices

Organization: The Internet Engineering Task Force (IETF)

Reference: A Firmware Update Architecture for Internet of Things Devices (Draft)

Published on: 30 October 2017

Vulnerabilities with IoT devices have raised the need for a solid and secure firmware update mechanism that is also suitable for constrained devices. Incorporating such update mechanism to fix vulnerabilities, to update configuration settings as well as adding new functionality is recommended by security experts.

This document specifies requires and an architecture for a firmware update mechanism aimed for Internet of Things (IoT) devices. The architecture is agnostic to the transport of the firmware images and associated meta-data.

This version of the document assumes asymmetric cryptography and a public key infrastructure. Future versions may also describe a symmetric key approach for very constrained devices.

Previous articleGSMA – IoT Security Assessment
Next articleSmart Cities: better for whom? by Privacy International
I specialize in preventing and defeating the unthinkable – threats through which computers could turn people’s physical lives upside-down. From my start in law enforcement more than 25 years ago, I came to focus on emerging threats of cyber-kinetic attacks – cyberattacks on Internet of Things (IoT) and Industrial Control Systems (ICS) that threaten people’s physical well-being, lives or the environment. Now, as a Partner in PwC, I bring this expertise to businesses to help them defeat these often-overlooked – but potentially deadly – hazards.