This paper explores software updates for Internet of Things (IoT) and Edge devices, focusing on the concept of device ownership. Our analysis of existing solutions reveals that, although asymmetric cryptography addresses the basic security and authenticity challenges of updates, it lacks flexibility in supporting a wide range of conditions or protocols, such as those needed for owner delegation and revocation of update privileges. As a potential solution, we propose the use of smart contracts on blockchain technology to articulate control policies, utilizing the blockchain’s decentralization, security, and Turing-complete expressiveness for managing firmware updates. Additionally, we investigate how IoT devices with limited resources can interact with the blockchain, initially through a gateway model deployed on an ESP32 architecture, and subsequently via a direct connection by proposing a light consensus node for more capable architectures like the ARM Cortex-A72. Our findings suggest that smart contracts offer a viable and innovative method for firmware update control, presenting new opportunities for secure, efficient, and adaptable device management in IoT and Edge computing environments.
Decentralized Updates of IoT and Edge Devices
Bruschi, Francesco;Sciuto, Donatella
2024-01-01
Abstract
This paper explores software updates for Internet of Things (IoT) and Edge devices, focusing on the concept of device ownership. Our analysis of existing solutions reveals that, although asymmetric cryptography addresses the basic security and authenticity challenges of updates, it lacks flexibility in supporting a wide range of conditions or protocols, such as those needed for owner delegation and revocation of update privileges. As a potential solution, we propose the use of smart contracts on blockchain technology to articulate control policies, utilizing the blockchain’s decentralization, security, and Turing-complete expressiveness for managing firmware updates. Additionally, we investigate how IoT devices with limited resources can interact with the blockchain, initially through a gateway model deployed on an ESP32 architecture, and subsequently via a direct connection by proposing a light consensus node for more capable architectures like the ARM Cortex-A72. Our findings suggest that smart contracts offer a viable and innovative method for firmware update control, presenting new opportunities for secure, efficient, and adaptable device management in IoT and Edge computing environments.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
