Secure over-the-air firmware updates of IoT devices
Secure over-the-air updates in a massive and distributed deployment of IoT devices can be a truly challenging task. This is especially so when we are faced with one or more of the following aspects: heterogeneous devices, unreliable wireless connections, long operating lifetimes, battery powered devices,…
In this workshop we will address recent technology innovations to achieve secure and scalable over-the-air firmware updates of low power IoT devices that are operated in challenging and dynamic environments.
Speakers from both academia and industry will zoom in on the possibilities of their innovations for applications such as smart water metering, railway systems, and many others.
The workshop includes presentations and (live) demos, and is accessible to all enthusiasts in wireless technology. Topics include a.o.
- wireless technologies (LoRaWAN, NB-IoT) for remote updates
- scalable approaches for massive remote updates
- dealing with unreliable wireless connectivity
- security aspects
- applications in industry and beyond
TENTATIVE PROGRAMME
12h00 | Registration & sandwich lunch |
13h00 | Introduction Kris Hermus, Coordinator Wireless Community & Innovation Program Manager Flanders, imec |
13h20 | How to implement a reliable and secure update flow for embedded IoT systems in railway with an unreliable wireless connection Steven Lauwereins, Research Lead, Televic GSP In a world where all software needs to be maintained for cybersecurity reasons, also software installed on devices with intermittent or even no connectivity have to be updatable in a reliable way. Moreover, in industries such as railway, many devices are kept as spare parts for years. These devices need to be made secure at first booth regardless of the years they lay in a customer warehouse. This talk will explain Televic GSPs approach to such challenging update requirements. |
13h40 | Secure over-the-air firmware update framework for a vast network of battery-operated smart water meters in inaccessible locations Jan Van Cappellen, COO, Hydroko
|
13h55 | Managed firmware updates over NB-IoT on high lifetime battery powered IOT-devices Steven Sanders (Founder) and Bram Baert (Development engineer electronic design), Quicksand
|
14h10 | Adaptive In-situ Power Monitoring & Profiling of Cellular IoT Devices Brendan Mackenzie (doctoral researcher) and Danny Hughes (Professor), KU Leuven – Distrinet This talk addresses the problem that cellular IoT network reliability continuously fluctuates throughout the lifetime of an IoT device, resulting in variable energy costs per data transmission (particularly if retransmissions are needed). This can be exacerbated by unpredictable losses of connectivity and their associated power-hungry network rejoins. Since these reliability fluctuations have massive consequences in terms of total energy consumption, it is very difficult to predict the IoT device’s battery-lifetime and uphold long lifetime guarantees (cf. talks by Quicksand and Hydroko). |
14h25 | Over-the-air upgrades in Industrial IoT solutions – lessons learned Nico Janssens, CTO, Rombit OTA upgrades play an important role to ensure both the cost-effective operation and lifecycle of IIoT solutions. Despite its importance, integrating OTA support typically introduces considerable complexities — impacting critical non-functional requirements like security, reliability, availability, and cost-effectiveness. In this talk, we discuss Rombit’s implementation of OTA support across its entire product range, shedding light on obstacles encountered and lessons learned. |
14h40 | COFFEE BREAK |
15h10 | GUIDED DEMO TOUR |
|
|
15h55 | LoRaWAN Firmware Updates Over-The-Air Lode Van Halewyck, Senior technical consultant, Actility An introduction to secure Firmware Updates Over-The-Air (FUOTA) over LoRaWAN, covering the following topics:
|
16h10 | Benchmarking and comparison of security analysis tools KU Leuven – Distrinet Gent In this talk, we present our research on “Benchmarking and Comparison of Security Analysis Tools” for IoT firmware. The growing integration of firmware analysis tools in the development pipelines of IoT manufacturers underscores the need to identify security vulnerabilities in embedded devices before they reach the market. Our study introduces B4IoT, a Linux-based platform that generates customized firmware benchmarks to evaluate static and dynamic security analysis tools. Through the evaluation of five state-of-the-art open-source tools, our findings highlight the gaps in current analysis capabilities, particularly in detecting issues related to specific protocols like MQTT and CoAP. This research aims to guide IoT developers in selecting and combining security tools to ensure comprehensive vulnerability detection in their devices. |
16h25 | Secure localisation based device commissioning N.N., KU Leuven – COSIC Initialising new IoT devices into the network is a tedious process – most of these devices run on small embedded platforms and lack the usual I/O interfaces present, and often rely on external hardware and equipment for configuration. This makes it a manual process, and incurs significant costs when scaled up. And more often than not, to account for scalability or cheap initialisation, security gets neglected. In our work, we have designed a solution for this commissioning problem for indoor environments which does not require significant human involvement. We show that it is possible to effortlessly and securely commission new devices into an existing network, using the signal strengths of the devices already present inside. We will show a short demonstrator of our solution in which we simulate an indoor environment, and demonstrate how we can securely initialise a legitimate device into the network. We do this, all without using any additional sophisticated devices, and thus only relying on commercially available devices. |
16u35 | Hardware security aspects in IoT devices An Braeken, Professor, VUB-ETRO Abstract will follow |
16h50 | Plenary Q&A session |
17h10 | Networking reception |
19h00 | End of the workshop |
REGISTRATION
Registration-fees:
- Imec employees and residents: free of charge
- Employees of Wireless Community members: free of charge
- Others:
- 100 EUR (excl VAT) early bird until October 2
- 120 EUR (excl VAT) late registration from October 3