Firmware refers to device read-only resident code which includes microcode
and macro-instruction -level routines. For Internet-of-Things (IoT) devices
without an operating system, firmware includes all the necessary instructions
on how such embedded systems operate and communicate. Thus, firmware updates
are an essential part of device functionality. They provide the ability to
patch vulnerabilities, address operational issues, and improve device
reliability and performance during the lifetime of the system. This process,
however, is often exploited by attackers in order to inject malicious firmware
code into the embedded device. In this paper, we present a framework for secure
firmware updates on embedded systems. The approach is based on hardware
primitives and cryptographic modules, and it can be deployed in environments
where communication channels might be insecure. The implementation of the
framework is flexible as it can be adapted in regards to the IoT device’s
available hardware resources and constraints. Our security analysis shows that
our framework is resilient to a variety of attack vectors. The experimental
setup demonstrates the feasibility of the approach. By implementing a variety
of test cases on FPGA, we demonstrate the adaptability and performance of the
framework. Experiments indicate that the update procedure for a 1183kB firmware
image could be achieved, in a secure manner, under 1.73 seconds.

By admin