Projects per year
Abstract
Internet of Things (IoT) firmware upgrade has turned out to be a challenging task with respect to security. While Over-The-Air (OTA) software upgrade possibility is an essential feature to achieve security, it is also most sensitive to attacks and lots of different firmware upgrade attacks have been presented in the literature. Several security solutions exist to tackle these problems. We observe though that most prior art solutions are public key-based, they are not flexible with respect to firmware image distribution principles and it is challenging to make a design with good Denial-Of-Service (DoS) attacks resistance. Apart from often being rather resource demanding, a limitation with current public key-based solutions is that they are not quantum computer resistant. Hence, in this paper, we take a new look into the firmware upgrade problem and propose RoSym, a secure, firmware distribution principle agnostic, and DoS protected upgrade mechanism purely based on symmetric cryptography. We present an experimental evaluation on a real testbed environment for the scheme. The results show that the scheme is efficient in comparison to other state of the art solutions. We also make a formal security verification of RoSym showing that it is robust against different attacks.
Original language | English |
---|---|
Title of host publication | Proceedings of the 4th Workshop on CPS and IoT Security and Privacy |
Subtitle of host publication | CPSIoTSec 2022 |
Publisher | Association for Computing Machinery (ACM) |
Pages | 35-46 |
ISBN (Print) | 978-1-4503-9876-3 |
DOIs | |
Publication status | Published - 2022 Nov 7 |
Event | 4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022 - Los Angeles, United States Duration: 2022 Nov 7 → 2022 Nov 11 |
Workshop
Workshop | 4th Workshop on CPS and IoT Security and Privacy, CPSIoTSec 2022 |
---|---|
Country/Territory | United States |
City | Los Angeles |
Period | 2022/11/07 → 2022/11/11 |
Subject classification (UKÄ)
- Computer Science
- Computer Systems
Free keywords
- Over-The-Air
- IoT
- Secure code dissemination
- Protected software upgrade
Fingerprint
Dive into the research topics of 'RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air'. Together they form a unique fingerprint.Projects
- 1 Active
-
Sec4Factory: Cyber Security for Next Generation Factory (SEC4FACTORY)
Gehrmann, C. (PI), Kihl, M. (CoPI), Hell, M. (CoI), Fitzgerald, E. (Researcher), Toorani, M. (Researcher), Fitzgerald, E. (Researcher), Tärneberg, W. (Researcher) & Akbarian, F. (Researcher)
Swedish Foundation for Strategic Research, SSF
2018/04/01 → 2024/12/31
Project: Research