Certified Secure Updates for IoT Devices / Tacchella, Alberto; Beozzo, Emanuele; Crispo, Bruno; Roveri, Marco. - 745:(2025), pp. 151-165. ( 40th IFIP International Conference on ICT Systems Security and Privacy Protection, SEC 2025 Maribor 2025) [10.1007/978-3-031-92882-6_11].

Certified Secure Updates for IoT Devices

Alberto Tacchella; Emanuele Beozzo; Bruno Crispo; Marco Roveri
2025-01-01

Abstract

Current firmware update workflows are geared towards ensuring integrity and confidentiality in the face of untrusted servers mediating the communication process. However, they cannot ensure that the update’s content preserves deployment-specific security properties, potentially allowing vulnerabilities or malicious code if third-party components compromise or alter the firmware. There is also no guarantee that the new firmware retains the old one’s security properties, a crucial requirement in safety-critical environments. We propose an enhancement of the SUIT standard which ensures that software updates preserve a formally-specified set of behavioral properties in the affected components. We demonstrate the feasibility of the proposed workflow in some realistic use cases.
Year: 2025
Series: IFIP Advances in Information and Communication Technology
Place of publication: Cham
Publisher: Springer Science and Business Media Deutschland GmbH
ISBN: 9783031928819, 9783031928826
Use this identifier to cite or link to this document: https://hdl.handle.net/11572/459070