Industrial Internet of Things (IIoT) systems require robust mechanisms for secure firmware updates. Existing approaches are often inadequate due to vendor fragmentation, network limitations, and the safety-critical nature of many IIoT applications. In this article, we address these challenges by extending the IETF SUIT (Software Updates for Internet of Things) framework to enhance the security and assurance of firmware updates. Our contributions include the integration of Software Bill of Materials (SBOM) mechanisms and a Behavioral Certification Manifest into the SUIT architecture to increase transparency and provide formal guarantees about the content of the update. The approach is validated by a prototype implementation that demonstrates its feasibility and scalability using real-world benchmarks.
Firmware Secure Updates meet Formal Verification / Tacchella, Alberto; Beozzo, Emanuele; Crispo, Bruno; Roveri, Marco. - In: ACM TRANSACTIONS ON CYBER-PHYSICAL SYSTEMS. - ISSN 2378-962X. - 10:1(2026), pp. 1-26. [10.1145/3754455]
Firmware Secure Updates meet Formal Verification
Alberto Tacchella
;Emanuele Beozzo;Bruno Crispo;Marco Roveri
2026-01-01
Abstract
Industrial Internet of Things (IIoT) systems require robust mechanisms for secure firmware updates. Existing approaches are often inadequate due to vendor fragmentation, network limitations, and the safety-critical nature of many IIoT applications. In this article, we address these challenges by extending the IETF SUIT (Software Updates for Internet of Things) framework to enhance the security and assurance of firmware updates. Our contributions include the integration of Software Bill of Materials (SBOM) mechanisms and a Behavioral Certification Manifest into the SUIT architecture to increase transparency and provide formal guarantees about the content of the update. The approach is validated by a prototype implementation that demonstrates its feasibility and scalability using real-world benchmarks.| File | Dimensione | Formato | |
|---|---|---|---|
|
secure_update.pdf
Solo gestori archivio
Tipologia:
Post-print referato (Refereed author’s manuscript)
Licenza:
Tutti i diritti riservati (All rights reserved)
Dimensione
864.8 kB
Formato
Adobe PDF
|
864.8 kB | Adobe PDF | Visualizza/Apri |
|
3754455.pdf
accesso aperto
Descrizione: > 10 MB
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Creative commons
Dimensione
12.22 MB
Formato
Adobe PDF
|
12.22 MB | Adobe PDF | Visualizza/Apri |
|
3754455_compressed.pdf
accesso aperto
Descrizione: < 10 MB
Tipologia:
Versione editoriale (Publisher’s layout)
Licenza:
Creative commons
Dimensione
1.19 MB
Formato
Adobe PDF
|
1.19 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione
