OTA security
While a connected IIoT device's OTA feature brings many advantages, ranging from bug fixes to new functionality, it also poses security concerns.
Nobody wants a device to receive an update meant for another device, let alone a malicious update. So it is very important to build security into IIoT OTA update mechanisms from the start.
Here are several guidelines that can be applied for security.
Secure communication channel
Always use a secure, encrypted communication channel between the IIoT device and the cloud, for both update-server communication and firmware downloads.
When using a gateway, apply the same security standards for the local communication between the gateway and the edge devices.
Managing certificates might look like a painful administrative task. Still, we encourage using an individual certificate for each device rather than sharing the same certificate across multiple devices.
Temporary links
The link to the new firmware should be specific to the device itself, so that anyone else (or anything else) with another certificate cannot download the new firmware.
Moreover, limit how long the link to the new firmware stays valid, and remove the link once the update has been downloaded.
If the firmware isn’t downloaded within a preconfigured timeframe, delete the link. In that event, a new update link must be generated and pushed to the device.
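One way to implement the device-bound, time-limited, single-use link described above, as an added example that is not the author's or sAInce's code. It assumes the update server learns the caller's device ID from its client certificate; the names `issue_link`, `redeem_link`, `link_mac`, `SERVER_KEY` and `LIVE_LINKS` are hypothetical.

```python
import hashlib
import hmac
import json
import secrets
import time

# Assumption: secret known only to the update server (hypothetical name).
SERVER_KEY = secrets.token_bytes(32)
# nonce -> expiry; stands in for the server's store of live links.
LIVE_LINKS = {}


def link_mac(device_id, firmware, expires, nonce):
    """HMAC over every field, so changing any of them invalidates the link."""
    msg = json.dumps([device_id, firmware, expires, nonce]).encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_link(device_id, firmware, ttl_s, now=None):
    """Create a link for one device that expires ttl_s seconds from now."""
    now = int(time.time()) if now is None else now
    expires = now + ttl_s
    nonce = secrets.token_urlsafe(16)
    LIVE_LINKS[nonce] = expires
    return {"firmware": firmware, "expires": expires, "nonce": nonce,
            "sig": link_mac(device_id, firmware, expires, nonce)}


def redeem_link(link, cert_device_id, now=None):
    """Return (ok, reason). cert_device_id comes from the client certificate,
    never from the request, so a link issued to device A fails for device B."""
    now = int(time.time()) if now is None else now
    expected = link_mac(cert_device_id, link["firmware"],
                        link["expires"], link["nonce"])
    if not hmac.compare_digest(expected.encode(), link["sig"].encode()):
        return False, "wrong device or tampered link"
    if link["nonce"] not in LIVE_LINKS:
        return False, "link already used or deleted"
    del LIVE_LINKS[link["nonce"]]  # removed on download and on expiry alike
    if now > link["expires"]:
        return False, "link expired"  # a new link must be generated and pushed
    return True, "ok"
```
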
Encryption
It’s not sufficient for all communication to use an encrypted channel such as HTTPS.
Each update file and each link should be encrypted as well. This prevents anyone from reading and decrypting the updates if the security of the communication channel is compromised.
Code provenance & Signed updates
Each update must be cryptographically code-signed so that the device receiving (downloading) the update only accepts it if it can verify:
- the origin of the update
- the destination of the update is indeed the device itself
- the update has not been altered during transit
This blog is part of our blog series IIoT Intelligent Firmware Updates.
I am the sAInce IIoT whizz“kid” and one of our founding fathers and inventor of the IIoT smart sensor location ID patent (BE2014/5160).
At the age of 12, I bought my first computer, … an Apple IIe and started coding. A decade later and passionate about technology, I graduated as an electronics & embedded engineer.
Ever since, I have been designing and developing mission-critical smart distributed monitoring, telemetry and IIoT systems.