Robust Security Updates for Connected Devices
(2016) EITM01 20161Department of Electrical and Information Technology
- Abstract
- We are emerging into the IoT (Internet of Things) era as the IoT market is quickly
increasing, giving us connected devices everywhere, from personal accessories to
smart homes and even whole city infrastructures. The manufacturing companies
need to stay competitive in this rapidly evolving market, so they need to minimize
the price and optimize the Time to Market (TTM). When new versions of a product
are released, they get higher priorities than their predecessors. Still there are many
devices based on the old version in use. With all these old devices connected to
the Internet, problems are raised when software vulnerabilities are found because
they will be more exposed to attackers. This may have severe consequences, not
only... (More) - We are emerging into the IoT (Internet of Things) era as the IoT market is quickly
increasing, giving us connected devices everywhere, from personal accessories to
smart homes and even whole city infrastructures. The manufacturing companies
need to stay competitive in this rapidly evolving market, so they need to minimize
the price and optimize the Time to Market (TTM). When new versions of a product
are released, they get higher priorities than their predecessors. Still there are many
devices based on the old version in use. With all these old devices connected to
the Internet, problems are raised when software vulnerabilities are found because
they will be more exposed to attackers. This may have severe consequences, not
only for users' privacy, but also for the security of the society.
In this thesis we try to overcome some of these problems by providing a thorough vulnerability assessment as well as a secure update mechanism. An in-depth
analysis on how to assess vulnerabilities is presented. We provide an implementation to deploy updates in a robust way. We consider security aspects such as
confidentiality, integrity and non-repudiation, but also the need for failure recovery of the system and distribution of data in an efficient way. A camera is being
attacked to demonstrate the need for a secure update mechanism. (Less) - Popular Abstract
- The Internet of Things (IoT) revolution
has just started and there is a tremendous
increase in the number of devices
connected to the Internet. Some companies
estimate it to reach a number between 20 and
50 billion connected devices by the year of
2020.
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/8841016
- author
- Karlsson, Jonathan LU and Sönnerup, Jonathan LU
- supervisor
- organization
- course
- EITM01 20161
- year
- 2016
- type
- H2 - Master's Degree (Two Years)
- subject
- keywords
- Vulnerability Assessment, IoT, Security, Software Updates, OTA, Device Management
- report number
- LU/LTH-EIT 2016-485
- language
- English
- id
- 8841016
- date added to LUP
- 2016-03-16 08:50:13
- date last changed
- 2016-05-11 14:27:55
@misc{8841016, abstract = {{We are emerging into the IoT (Internet of Things) era as the IoT market is quickly increasing, giving us connected devices everywhere, from personal accessories to smart homes and even whole city infrastructures. The manufacturing companies need to stay competitive in this rapidly evolving market, so they need to minimize the price and optimize the Time to Market (TTM). When new versions of a product are released, they get higher priorities than their predecessors. Still there are many devices based on the old version in use. With all these old devices connected to the Internet, problems are raised when software vulnerabilities are found because they will be more exposed to attackers. This may have severe consequences, not only for users' privacy, but also for the security of the society. In this thesis we try to overcome some of these problems by providing a thorough vulnerability assessment as well as a secure update mechanism. An in-depth analysis on how to assess vulnerabilities is presented. We provide an implementation to deploy updates in a robust way. We consider security aspects such as confidentiality, integrity and non-repudiation, but also the need for failure recovery of the system and distribution of data in an efficient way. A camera is being attacked to demonstrate the need for a secure update mechanism.}}, author = {{Karlsson, Jonathan and Sönnerup, Jonathan}}, language = {{eng}}, note = {{Student Paper}}, title = {{Robust Security Updates for Connected Devices}}, year = {{2016}}, }