Efforts for More Secure IoT Continue

A new recommendation from security experts calls for a standard update mechanism in connected devices to ensure widespread, secure distribution of new firmware. The proposal, which is in the draft stage, is meant to become a guiding set of rules for manufacturers to follow during the design and development of their products.

The initiative comes from three ARM employees who submitted their work to the Internet Engineering Task Force (IETF), an activity of the Internet Society non-profit group with a mission to provide internet-related standards, education and policy. It considers the larger picture of the unregulated IoT industry where functionality is often manufacturers’ sole ambition.

The abstract of the document states that the suggestions in this version of the paper target IoT projects with hardware capable of asymmetric cryptography and that rely on public key infrastructure. Smart products run on more limited resources may be covered in future forms of the document that describe symmetric cryptography, an approach demanding less powerful hardware.

According to the proposal, the update mechanism should be universal and support multiple delivery methods, “including USB, UART, WiFi, BLE, low-power WAN technologies, etc., and use different protocol mechanisms (e.g., CoAP, HTTP).” The method should also be able to supply the firmware even to endpoints it does not apply to, without running the risk of code being accepted by the wrong product.

The draft also refers to establishing a system that lets the device validate code it receives as a legitimate release from the vendor. The system may encrypt the firmware, although the document does not specify that this type of protection is compulsory. Also, the proposed method should offer resistance to rollback attacks to prevent attackers from reinstating an older, insecure version of the firmware that is easier to exploit.

The draft, titled A Firmware Update Architecture for Internet of Things Devices, expires next year, on May 3, and is purely informational. If it reaches a final stage, the document could serve as a stepping stone for future action, from both the IoT manufacturers and lawmakers, to define an environment for designing secure products.

Another initiative around firmware updates in IoT products comes from the US Commerce Department, through its National Telecommunications and Information Administration (NTIA). It is a public process still in draft form that involves public and private sector stakeholders looking to create guidelines for manufacturers to share with consumers details about a smart gadget’s firmware update capabilities; including support period, integrity of delivery and notifications when a new release becomes available.

The actions from IETF and NTIA do not force vendors to adopt the proposals, but they can educate users to choose one smart device over another, based on their security features. A product with markings on its package showing conformity with security standards is likely more appealing than a counterpart that has not earned the stamp of approval.

Image credit: Pixabay/konstantinzvor