Shefu: Secure hardware-enabled protocol for firmware updates

Firmware updates are often termed as a panacea to vulnerable Internet-of-Things (IoT) networks, as firmware updates can fix the exposed bugs and prevent them from being exploited in the future. However, a secure firmware update is a challenging task as IoT devices are often employed in unattended networks. Moreover, malicious updates of firmware in any of the devices of a network, or the non-execution of an update, can create havoc. Although security mechanisms like remote attestation (RA) are quite popular to identify malicious nodes in a network, they are costly in terms of computation/memory usage and communication overhead. To overcome these issues, we propose a “Secure Hardware-enabled Protocol for Firmware Updates (SHeFU)”. The aim of the proposed protocol is two-fold: 1) we obviate the need for remote attestation, and 2) we make sure that malicious nodes are isolated from benign nodes. Assuming a restricted threat model and network constellation, SHeFU ensures secure firmware updates and prevents compromised nodes from communicating with benign nodes in a network.