2020
DOI: 10.1007/978-3-030-41702-4_14
|View full text |Cite
|
Sign up to set email alerts
|

Automated Security Analysis of IoT Software Updates

Abstract: IoT devices often operate unsupervised in ever-changing environments for several years. Therefore, they need to be updated on a regular basis. Current approaches for software updates on IoT, like the recent SUIT proposal, focus on granting integrity and confidentiality but do not analyze the content of the software update, especially the IoT application which is deployed to IoT devices. To this aim, in this paper, we present IoTAV, an automated software analysis framework for systematically verifying the secur… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
2
0

Year Published

2020
2020
2021
2021

Publication Types

Select...
2
1

Relationship

1
2

Authors

Journals

citations
Cited by 3 publications
(2 citation statements)
references
References 20 publications
0
2
0
Order By: Relevance
“…The most common reverse engineering techniques employed for IoT security analysis rely on network packets inspection or on more complex analysis of device firmware images. Several methodologies have been proposed in recent years to automate the analysis of device firmware, leveraging on techniques such as formal methods, fuzzing, static analysis and signature matching [13,14,27,29]. Recently, in addition to the analysis of firmware images, the automatic inspection of companion applications also proved to be an effective strategy [19,26].…”
Section: Esp-touch: Methodology Of Analysismentioning
confidence: 99%
“…The most common reverse engineering techniques employed for IoT security analysis rely on network packets inspection or on more complex analysis of device firmware images. Several methodologies have been proposed in recent years to automate the analysis of device firmware, leveraging on techniques such as formal methods, fuzzing, static analysis and signature matching [13,14,27,29]. Recently, in addition to the analysis of firmware images, the automatic inspection of companion applications also proved to be an effective strategy [19,26].…”
Section: Esp-touch: Methodology Of Analysismentioning
confidence: 99%
“…As the firmware has a central role in the life cycle of an IoT device, its security has raised serious concerns from the scientific and industrial community. To this aim, several works were proposed to evaluate the security of the firmware bundle (like [4] or [5]) and enforce the update mechanisms (e.g., [6] and [7]).…”
Section: Introductionmentioning
confidence: 99%