A Secure Boot and Over-the-Air Firmware Update Framework for Resource-Constrained Embedded IoT Devices
DOI: https://doi.org/10.31838/ESA/03.01.02

Keywords: Secure Boot, OTA Firmware Update, Embedded IoT, ARM Cortex-M, ECC, AES-GCM, Resource-Constrained Devices, Firmware Integrity, Cryptographic Bootloader, IoT Security

Abstract
Embedded Internet of Things (IoT) devices are being deployed at a rapid rate in critical domains such as industrial automation, healthcare, and smart infrastructure, which has increased the need for secure and reliable firmware management. Standard cryptographic procedures, however, are not always practical on ultra-low-power microcontrollers, which have severe limits on memory, computation, and power. This paper proposes a compact and adaptable Secure Boot and Over-the-Air (OTA) Firmware Update Framework tailored to resource-constrained embedded IoT devices. The design uses a two-stage bootloader architecture in which the bootloader both verifies firmware and controls its delivery. Digital signatures are verified with Elliptic Curve Cryptography (ECC), and firmware images are both encrypted and authenticated with AES-GCM. OTA firmware is delivered over MQTT/TLS, and rollback protection is provided by version counters. The framework was prototyped on ARM Cortex-M microcontrollers using the mbedTLS and TinyCrypt libraries. Performance benchmarks show a boot-time overhead of only 45 ms, OTA update authentication in 70 ms, and a small memory footprint (Flash: +16 KB, RAM: +3 KB). Security validation confirms strong resistance to tampering, spoofing, and replay. The framework offers a practical, secure, and energy-efficient model for end-to-end control of the firmware lifecycle on contemporary embedded IoT devices.
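As an added illustration of the boot-time checks the abstract describes (an authenticated image, a version counter for rollback protection, and the order in which a bootloader applies those checks), the following Python is example code written for this page, not the paper's implementation. It substitutes HMAC-SHA256 from the standard library for the paper's ECC signature and AES-GCM tag so that it runs offline; the image header layout, the field names, the Device class, and the boot/OTA split are assumptions chosen for the example.

```python
"""Constructed example of a bootloader's image checks: authenticate the image,
then enforce a monotonic version counter, then advance the counter.
HMAC-SHA256 stands in for the paper's ECC signature and AES-GCM tag so the
example runs with only the standard library (an assumption of this example,
not the paper's design)."""
import hashlib
import hmac
import struct

MAGIC = b"FWIM"                       # assumed image magic
HEADER_FMT = "<4sII"                  # magic, version, payload length (little-endian)
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = hashlib.sha256().digest_size


class BootError(Exception):
    """Raised by the bootloader when an image must be rejected."""


def build_image(key: bytes, version: int, payload: bytes) -> bytes:
    """Build header || payload || tag. The tag covers the header as well as the
    payload, so the version field itself is authenticated."""
    header = struct.pack(HEADER_FMT, MAGIC, version, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(key: bytes, image: bytes, stored_version: int) -> tuple[int, bytes]:
    """Return (version, payload) for an acceptable image, else raise BootError.

    Header fields are read first for cheap structural checks, but nothing in
    them is trusted until the tag verifies; the rollback check comes after
    authentication because an attacker controls the version field until then.
    """
    if len(image) < HEADER_LEN + TAG_LEN:
        raise BootError("image truncated")
    magic, version, length = struct.unpack_from(HEADER_FMT, image)
    if magic != MAGIC:
        raise BootError("bad magic")
    if HEADER_LEN + length + TAG_LEN != len(image):
        raise BootError("length field does not match image size")
    body, tag = image[:HEADER_LEN + length], image[HEADER_LEN + length:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        raise BootError("authentication failed")
    if version < stored_version:
        raise BootError(f"rollback: image v{version} < counter v{stored_version}")
    return version, image[HEADER_LEN:HEADER_LEN + length]


class Device:
    """Models the persistent state a two-stage bootloader keeps: the key it
    verifies against and the monotonic version counter (assumed layout)."""

    def __init__(self, key: bytes, stored_version: int = 0):
        self.key = key
        self.stored_version = stored_version
        self.running = None

    def boot(self, image: bytes) -> int:
        """Stage-1 path: verify the resident image, then run it. Re-booting the
        current version is allowed (version == counter); downgrades are not."""
        version, payload = verify_image(self.key, image, self.stored_version)
        self.running = payload
        self.stored_version = max(self.stored_version, version)
        return version

    def apply_ota(self, image: bytes) -> int:
        """OTA path: the same checks, but a candidate must be strictly newer than
        the counter, so a replayed (authentic but older) image is rejected."""
        version, payload = verify_image(self.key, image, self.stored_version)
        if version <= self.stored_version:
            raise BootError(f"replay: image v{version} is not newer than v{self.stored_version}")
        self.running = payload
        self.stored_version = version     # advance the counter only after success
        return version


def try_image(device: Device, image: bytes, ota: bool = False) -> str:
    """Run one image through the device and report the outcome as a string."""
    try:
        version = device.apply_ota(image) if ota else device.boot(image)
        return f"accepted v{version}"
    except BootError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    k = b"\x11" * 32                   # constructed device key
    dev = Device(k)
    print(try_image(dev, build_image(k, 1, b"app-v1")))
    print(try_image(dev, build_image(k, 3, b"app-v3"), ota=True))
    print(try_image(dev, build_image(k, 1, b"app-v1"), ota=True))
```

In the paper's design the HMAC step corresponds to ECC signature verification of the image (and AES-GCM tag verification before decryption); the part this example is meant to show is the check ordering and the counter handling: the version field is only acted on once the image is authenticated, the counter is written only after a successful verification, and the OTA path demands a strictly newer version while a plain reboot accepts the current one. On a real device the counter must live in storage the application cannot lower, or the rollback check is only as strong as the application's write access.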