상세정보
학술지
Secure Firmware Validation and Update for Consumer Devices in Home Networking
- 발행일
- 201602
- 출처
- IEEE Transactions on Consumer Electronics, v.62 no.1, pp.39-44
- ISSN
- 0098-3063
- 출판사
- IEEE
- 협약과제
- 16MH1300, 사이버·물리시스템에서의 물리적 단방향 보안 게이트웨이 개발, 나중찬
- 초록
- Embedded systems are more than ever present in consumer electronics devices such as home routers, personal computers, smartphones, smartcards, various sensors to name a few. Firmware, which is embedded software specifically designed for monitoring and control in resource constrained conditions, was not a major attack target. However, recent serious cyber attacks focus on firmware rather than application or operating system levels, because exploiting the firmware level offers stealth capabilities, e.g., anti-virus software and operating system cannot reveal such a firmware level exploit. A firmware validation that ensures firmware integrity is thus required to detect firmware tempering attacks. A remote firmware update is also required for consumer devices connected to the Internet. In this paper, a secure firmware validation and update scheme is introduced for consumer devices in a home networking environment. The proposed scheme utilizes an IDbased mutual authentication and key derivation to securely distribute a firmware image. A firmware fragmentation with hash chaining is also applied to guarantee authenticity of the fragmented firmware image. Security analysis results are presented while considerations are discussed.
- KSP 제안 키워드
- Consumer devices, Cyber attacks, Embedded Software, Embedded system, Firmware update, Key Derivation, Monitoring and Control, Resource-constrained, Secure firmware, Update Scheme, anti-virus