Recommendations for IoT Firmware Update Processes: Addressing complexities in a vast ecosystem of connected devices

By Sabri Khemissa, IT-OT-Cloud Cybersecurity Strategist,Thales

Traditionally, updating software for IT assets involves three stages: analysis, staging, and distribution of the update—a process that usually occurs during off-hours for the business. Typically, these updates apply cryptographic controls (digital signatures) to safeguard the integrity and authenticity of the software. However, the Internet of Things (IoT), with its vast ecosystem of connected devices deployed in many environments, introduces a host of complexities that drive the need for process re-engineering.

Developers, for instance, cannot ignore the fact that their IoT is integrating into a complex system and must consider how it can be securely updated while still co-existing with other products. Implementers, meanwhile, must take into account the entire (and complex) system, including the specific constraints of each IoT component.

Complicating matters further, there are many variations in the IoT systems that require software and firmware updates. For example, some IoT systems are often on the move and require relatively large downloads—such as connected vehicles. Other IoT systems, like smart home and building devices, are more static. Regardless, the factors associated with network saturation during downloads to hundreds or even thousands of devices must be considered. Equally important is the impact of failed firmware updates on consumers.

Mitigating Attacks with IoT Firmware Update Guidelines

To assist enterprises in navigating myriad complexities, CSA’s IoT Working Group compiled a set of key recommendations for establishing a secure and scalable IoT update process. Our latest report, “Recommendations for IoT Firmware Update Processes,” offers 10 guidelines for IoT firmware and software updates that can be fully or partially integrated. Each suggestion can be adapted and designed for custom firmware updates that recognize unique constraints, dependencies and risks associated with IoT products, and the complex systems they involve. These recommendations target not only developers and implementers, but also vendors who must design solutions with security in mind.

It's our hope that in addressing this process, attack vectors that can be exploited by hackers are mitigated. You can read the full report to get a deeper sense of the challenges involved and for a set of best practices to overcome them.