A Review of IoT Firmware Vulnerabilities and Auditing Techniques

Bakhshi, Taimur; Ghita, Bogdan; Kuzminykh, Ievgeniia

doi:10.3390/s24020708

Cited by 12 publications

(2 citation statements)

References 105 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Now let us analyze the unique vulnerabilities of IoT devices from the following three perspectives, namely weak authentication [42], insecure communication protocols [43], and outdated firmware [44]. Authentication technology is the most direct and cutting-edge line of defense in network security, and is an important means of preventing illegal invasion and virus damage.…”

Section: Unique Vulnerabilities Of Iot Devicesmentioning

confidence: 99%

A Survey on Energy-Aware Security Mechanisms for the Internet of Things

He,

Zhou,

Qin

2024

Future Internet

View full text Add to dashboard Cite

The Internet of Things (IoT) employs sensors and the Internet for information exchange, enabling intelligent identification, monitoring, and management, which has deeply impacted various sectors such as power, medical care, and security, transforming social activities and lifestyles. Regrettably, IoT systems suffer from two main challenges, namely sustainability and security. Hence, pondering how to enhance sustainable and energy-efficient practices for IoT systems to mitigate risks becomes a worthwhile endeavor. To address this issue, we conduct a survey of energy-aware security mechanisms in the Internet of Things. Specifically, we examine the challenges that IoT is facing in terms of energy efficiency and security, and we inspect current energy-saving and privacy-preserving technologies for IoT systems. Moreover, we delineate a vision for the future of IoT, emphasizing energy-aware security mechanisms. Finally, we outline the challenges encountered in achieving energy-aware security mechanisms, as well as the direction of future research. Motivated by this study, we envision advancements in the IoT that not only harness the benefits of science and technology but also enhance the security and safety of our data.

show abstract

Section: Unique Vulnerabilities Of Iot Devicesmentioning

confidence: 99%

A Survey on Energy-Aware Security Mechanisms for the Internet of Things

He,

Zhou,

Qin

2024

Future Internet

View full text Add to dashboard Cite

show abstract

“…Ensuring its security is essential to prevent unauthorized access, data breaches, and the potential manipulation of devices for malicious purposes. A recent review [20] emphasized the importance of addressing vulnerabilities in firmware to enhance the security posture of IoT ecosystems, thereby reinforcing trust and reliability for stakeholders.…”

Section: Security Update Requirements For Iot Devicesmentioning

confidence: 99%

Firmware Updates over the Air via LoRa: Unicast and Broadcast Combination for Boosting Update Speed

Malumbres,

Saldana,

Berné

et al. 2024

Sensors

View full text Add to dashboard Cite

The capacity to update firmware is a vital component in the lifecycle of Internet of Things (IoT) devices, even those with restricted hardware resources. This paper explores the best way to wirelessly (Over The Air, OTA) update low-end IoT nodes with difficult access, combining the use of unicast and broadcast communications. The devices under consideration correspond to a recent industrial IoT project that focuses on the installation of intelligent lighting systems within ATEX (potentially explosive atmospheres) zones, connected via LoRa to a gateway. As energy consumption is not limited in this use case, the main figure of merit is the total time required for updating a project. Therefore, the objective is to deliver all the fragments of the firmware to each and all the nodes in a safe way, in the least amount of time. Three different methods, combining unicast and broadcast transmissions in different ways, are explored analytically, with the aim of obtaining the expected update time. The methods are also tested via extensive simulations, modifying different parameters such as the size of the scenario, the number of bytes of each firmware chunk, the number of nodes, and the number of initial broadcast rounds. The simulations show that the update time of a project can be significant, considering the limitations posed by regulations, in terms of the percentage of airtime consumption. However, significant time reductions can be achieved by using the proper method: in some cases, when the number of nodes is high, the update time can be reduced by two orders of magnitude if the correct method is chosen. Moreover, one of the proposed methods is implemented using actual hardware. This real implementation is used to perform firmware update experiments in a lab environment. Overall, the article illustrates the advantage of broadcast approaches in this kind of technology, in which the transmission rate is constant despite the distance between the gateway and the node. However, the advantage of these broadcast methods with respect to the unicast one could be mitigated if the nodes do not run exactly the same firmware version, since the control of the broadcast update would be more difficult and the total update time would increase.

show abstract