K. SudeendraKumar, S. Sahoo, K. Kiran, Ayass Kant Swain, K. Mahapatra
{"title":"A Novel Holistic Security Framework for In-Field Firmware Updates","authors":"K. SudeendraKumar, S. Sahoo, K. Kiran, Ayass Kant Swain, K. Mahapatra","doi":"10.1109/ises.2018.00063","DOIUrl":null,"url":null,"abstract":"The software/firmware running on the electronic devices is regularly updated. In IoT devices, the updates are performed Over the Air (OTA) through internet. In the absence of proper security measures, OTA update feature can be misused. The security threats like firmware reverse engineering, loading unauthorized firmware and loading authorized firmware on unauthorized nodes will lead to misuse of intellectual property, product cloning and denial of service attack. In this paper, we propose a security framework the microcontroller/SoC devices can incorporate for secure in-field OTA firmware update process. The proposed holistic solution support JTAG security, protecting IP rights of original device manufacturer (ODM) and secure OTA update. The security framework is designed using suitable cryptographic algorithms and protocol measures to address all the security threats connected with OTA firmware/software update which is not addressed in the past techniques.","PeriodicalId":447663,"journal":{"name":"2018 IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS)","volume":"31 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ises.2018.00063","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
The software/firmware running on the electronic devices is regularly updated. In IoT devices, the updates are performed Over the Air (OTA) through internet. In the absence of proper security measures, OTA update feature can be misused. The security threats like firmware reverse engineering, loading unauthorized firmware and loading authorized firmware on unauthorized nodes will lead to misuse of intellectual property, product cloning and denial of service attack. In this paper, we propose a security framework the microcontroller/SoC devices can incorporate for secure in-field OTA firmware update process. The proposed holistic solution support JTAG security, protecting IP rights of original device manufacturer (ODM) and secure OTA update. The security framework is designed using suitable cryptographic algorithms and protocol measures to address all the security threats connected with OTA firmware/software update which is not addressed in the past techniques.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
