IEEE Access (Jan 2020)
Blockchain-Based Distributed Firmware Update Architecture for IoT Devices
Abstract
The Internet of Things (IoT) which creates a hyper-connected society is playing a major role in the 4th industrial revolution. The IoT is being leveraged across various fields of business globally and the number of IoT devices is causing serious security concerns. Since the firmware update of an IoT device is necessary for its lifecycle, secure firmware update of the IoT device is being brought as the first step in IoT security. The Internet Engineering Task Force (IETF) Software Updates for Internet of Things (SUIT) working group has started to specify a software update architecture for IoT devices. However, the current SUIT working group adopts a traditional client-server model to distribute firmware images, which potentially causes security risks. The current approach of the SUIT working group is unable to solve a targeting issue and an author-disappearing issue, which is suggested in this paper. Therefore, in this work, we introduce a distributed firmware update architecture based on the SUIT firmware update architecture applying blockchain. Our update architecture can prevent the issues we concern through the characteristics of blockchain, such as decentralization, transparency, and irreversibility. The blockchain network has registration nodes that process registration of manifest and firmware image files from authors, and retrieval nodes that process downloading manifest and firmware image files. The firmware image files are stored in a distributed file system and the hash values of firmware image chunks are stored on the blockchain with manifest files. The proposed architecture in this paper enables the irreversible downloads even in the author-disappearing state and tolerant to a single point of failure.
Keywords