Secure Update of IoT Devices over Low Data Rate Wireless Networks
Jürgen Fitschen is a systems engineer at SSV Software Systems GmbH, working on IoT solutions with the help of various wireless technologies. Currently, he is involved into a smart air-conditioning project which makes use of RIOT.
Over-the-air (OTA) updates are one of the key parts of a solid foundation for IoT applications and IoT security. It not just allows for fixing bugs and vulnerabilities during the product life cycle, but also enables the device vendor to enhance the application by adding new features or adjusting parameters.
Implementing OTA updates on constraint devices is challenging. The update system must ensure, that a) only updates from trusted parties are accepted, and b) partially executed updates do not leave the IoT device in a broken state. Furthermore, most IoT devices are connected using wireless networks with low data rates. Transmitting the whole application image for every IoT device individually wastes wireless airtime or may not even possible.
In this contribution, we showcase building blocks for optimized transmission of OTA updates. We utilize compression schemes for reducing the update’s redundancy and – if applicable – multi-cast transmissions for updating groups of IoT devices that are in proximity of each other.