Secure over-the-air firmware updates of IoT devices

Wednesday 9 October, 12h00-19h00
@ imec – Leuven

Secure over-the-air updates in a massive and distributed deployment of IoT devices can be a truly challenging task. This is especially so when we are faced with one or more of the following aspects: heterogeneous devices, unreliable wireless connections, long operating lifetimes, battery-powered devices, …

In this workshop we will address recent technology innovations to achieve secure and scalable over-the-air firmware updates of low power IoT devices that are operated in challenging and dynamic environments.

Speakers from both academia and industry will zoom in on the possibilities of their innovations for applications such as smart water metering, railway systems, and many others.

The workshop includes presentations and (live) demos, and is accessible to all enthusiasts in wireless technology. Topics include, among others:

  • wireless technologies (LoRaWAN, NB-IoT) for remote updates
  • scalable approaches for massive remote updates
  • dealing with unreliable wireless connectivity
  • security aspects
  • applications in industry and beyond

FINAL PROGRAMME

12h00 Registration & sandwich lunch
13h00 Introduction
Kris Hermus, Coordinator Wireless Community & Innovation Program Manager Flanders, imec
13h20 How to implement a reliable and secure update flow for embedded IoT systems in railway with an unreliable wireless connection
Steven Lauwereins (Research Lead) and Piet Cordemans (R&D Software Engineer), Televic GSP

In a world where all software needs to be maintained for cybersecurity reasons, software installed on devices with intermittent or even no connectivity also has to be updatable in a reliable way. Moreover, in industries such as railway, many devices are kept as spare parts for years. These devices need to be made secure at first boot, regardless of how many years they have spent in a customer warehouse. This talk will explain Televic GSP's approach to such challenging update requirements.

13h40 Secure over-the-air firmware update framework for a vast network of battery-operated smart water meters in inaccessible locations
Jan Van Cappellen, COO, Hydroko
  • short intro to Hydroko and HydroKonekt
  • how to manage a firmware update of a very large number of devices 
  • in-house developed software simulator for massive firmware updates 
  • security aspects
13h55 Managed firmware updates over NB-IoT on high lifetime battery powered IoT devices
Bram Baert, Development engineer electronic design, Quicksand
  • short intro to NB-IoT
  • dealing with sub-optimal coverage of devices
  • data rate, latency, duration, energy consumption
  • encryption & signature
14h10 Adaptive In-situ Power Monitoring & Profiling of Cellular IoT Devices
Brendan Mackenzie, doctoral researcher, KU Leuven – DistriNet

This talk addresses the problem that cellular IoT network reliability continuously fluctuates throughout the lifetime of an IoT device, resulting in variable energy costs per data transmission (particularly if retransmissions are needed). This can be exacerbated by unpredictable losses of connectivity and their associated power-hungry network rejoins. Since these reliability fluctuations have massive consequences in terms of total energy consumption, it is very difficult to predict the IoT device’s battery-lifetime and uphold long lifetime guarantees (cf. talks by Quicksand and Hydroko).
The presented solution offers a tiny but accurate power monitor (miniMaP) that runs locally on the IoT device and maintains a live energy profile throughout the device’s lifetime, while adding negligible overhead.
Such an energy profile can be exploited by the IoT operating system to schedule IoT operations with energy consumption in mind (e.g. collect sensor data, transmit data, download large firmware images), adapt wake-up strategies, or tailor communication settings.

14h25 Secure localisation based device commissioning
Sayon Duttagupta, Researcher, KU Leuven – COSIC

Initialising new IoT devices into the network is a tedious process: most of these devices run on small embedded platforms, lack the usual I/O interfaces, and often rely on external hardware and equipment for configuration. This makes it a manual process that incurs significant costs when scaled up. More often than not, security gets neglected to account for scalability or cheap initialisation. In our work, we have designed a solution for this commissioning problem for indoor environments which does not require significant human involvement. We show that it is possible to effortlessly and securely commission new devices into an existing network, using the signal strengths of the devices already present inside. We will show a short demonstrator of our solution in which we simulate an indoor environment, and demonstrate how we can securely initialise a legitimate device into the network. We do all this without using any additional sophisticated devices, relying only on commercially available devices.

14h40 COFFEE BREAK
15h10 GUIDED DEMO TOUR
 
  • Demo 1 – Televic GSP:
    reliable and secure update flow for embedded IoT systems in railway
  • Demo 2 – Hydroko & Quicksand:
    remote firmware update over NB-IoT of smart water meters
  • Demo 3 – KU Leuven – DistriNet – Gent:
    observe how hackers can exploit vulnerabilities discovered in the Eufy smart doorbell ecosystem to infiltrate a home network in a demo session
  • Demo 4 – KU Leuven – DistriNet – Leuven:
    a Nordic Semiconductor nRF9160 using the miniMaP scheme to provide in-situ power/energy consumption statistics for each thread running on the device along with the asynchronous activity of the cellular modem. These statistics will be streamed over UART to a connected laptop for viewing
  • Demo 5 – VUB-ETRO & KU Leuven – COSIC:
    drone setup for FPGA use case (demo of battery-powered lift-off) & microcontroller boards with TEE (trusted execution environments)
  • Demo 6 – VUB-ETRO & KU Leuven-DistriNet:
    secure programmability of IoT with Rust
16h00 LoRaWAN firmware updates over-the-air
Lode Van Halewyck, Senior technical consultant, Actility

An introduction to secure Firmware Updates Over-The-Air (FUOTA) over LoRaWAN, covering the following topics:

  • An update on LoRaWAN and the evolution of the specifications
  • FUOTA over LoRaWAN:
    • Challenges and corresponding standardized solution
    • FUOTA implementation incl. campaign management
    • Reference solutions in different vertical markets
16h15 Benchmarking and comparison of security analysis tools
Jorn Lapon, Research Manager, KU Leuven – DistriNet Gent

In this talk, we present our research on “Benchmarking and Comparison of Security Analysis Tools” for IoT firmware. The growing integration of firmware analysis tools in the development pipelines of IoT manufacturers underscores the need to identify security vulnerabilities in embedded devices before they reach the market. Our study introduces B4IoT, a Linux-based platform that generates customized firmware benchmarks to evaluate static and dynamic security analysis tools. Through the evaluation of five state-of-the-art open-source tools, our findings highlight the gaps in current analysis capabilities, particularly in detecting issues related to specific protocols like MQTT and CoAP. This research aims to guide IoT developers in selecting and combining security tools to ensure comprehensive vulnerability detection in their devices.

16h30 Hardware assisted security on microcontrollers and RISC-V-based SOC attestation
An Braeken, Professor, VUB-ETRO and Jo Vliegen, Research Expert, KU Leuven – COSIC

Recently, manufacturers have started to integrate more and more hardware-assisted security mechanisms to counter the various attacks on IoT devices. In this presentation, we will discuss two concrete examples in which different types of hardware security are exploited on different types of devices. The first example deals with low-power microcontrollers with TrustZone on board, which ensures physical separation of secure and non-secure code. We discuss the challenges, layout, and performance of our open-source framework developed for TrustZone-assisted devices. The second example illustrates how publicly available implementations of the RISC-V architecture can be downloaded, tailored and implemented to meet processing requirements. Additionally, by deploying these implementations on FPGA, scalable and complete device attestation can be achieved.

16h45 Over-the-air upgrades in industrial IoT solutions — lessons learned
Nico Janssens, CTO, Rombit

Over-the-air (OTA) upgrades play an important role in ensuring both the cost-effective operation and lifecycle of industrial internet-of-things (IIoT) solutions. Despite their importance, integrating OTA support typically introduces considerable complexities, impacting critical non-functional requirements like security, reliability, availability, and cost-effectiveness. In this talk, we discuss Rombit’s implementation of OTA support across its entire product range, shedding light on obstacles encountered and lessons learned.

17h00 Plenary Q&A session
17h15 Networking reception
19h00 End of the workshop


REGISTRATION (last seats – almost fully booked)

Registration-fees:

  • Imec employees and residents: free of charge
  • Employees of Wireless Community members: free of charge
  • Others:
    • 100 EUR (excl VAT) early bird until October 2
    • 120 EUR (excl VAT) late registration from October 3

Please fill in your details in the Event Registration Form below and you will be automatically registered.
A few days prior to the event you will receive a confirmation email with all practical details.

Please contact us at wireless-community@imec.be