BROWSE
Detail
Journal Article
Secure Firmware Validation and Update for Consumer Devices in Home Networking
Cited 53 time in 
Share 
Share
- Authors
- Byung-Chul Choi, Seoung-Hyeon Lee, Jung-Chan Na, Jong-Hyouk Lee
- Issue Date
- 2016-02
- Citation
- IEEE Transactions on Consumer Electronics, v.62, no.1, pp.39-44
- ISSN
- 0098-3063
- Publisher
- IEEE
- Language
- English
- Type
- Journal Article
- Abstract
- Embedded systems are more than ever present in consumer electronics devices such as home routers, personal computers, smartphones, smartcards, various sensors to name a few. Firmware, which is embedded software specifically designed for monitoring and control in resource constrained conditions, was not a major attack target. However, recent serious cyber attacks focus on firmware rather than application or operating system levels, because exploiting the firmware level offers stealth capabilities, e.g., anti-virus software and operating system cannot reveal such a firmware level exploit. A firmware validation that ensures firmware integrity is thus required to detect firmware tempering attacks. A remote firmware update is also required for consumer devices connected to the Internet. In this paper, a secure firmware validation and update scheme is introduced for consumer devices in a home networking environment. The proposed scheme utilizes an IDbased mutual authentication and key derivation to securely distribute a firmware image. A firmware fragmentation with hash chaining is also applied to guarantee authenticity of the fragmented firmware image. Security analysis results are presented while considerations are discussed.
- KSP Keywords
- Consumer devices, Cyber attacks, Embedded Software, Embedded system, Firmware update, Key Derivation, Monitoring and Control, Operating systems, Resource-constrained, Secure firmware, Update Scheme