This website uses cookies to make the content more user-friendly and effective. By using this website, you agree to the use of cookies. You can find additonal information about the use of cookies and the possibility of objecting to the use of cookies here.

25 - 27 February 2020 // Nuremberg, Germany

Conferences and supporting programme

back to day overview
Session 3.5: OS-Security

Designing a Secure and Reliable OTA Update Mechanism for IoT Endpoints Vortragssprache Englisch

OTA (Over-The-Air) updates are critical for IoT devices, enabling bugs or security flaws to be patched remotely. However, if an OTA update fails and results in a -bricked device- or injects malware that causes security breaches for end users, reputational damage may be significant. In this paper, we examine the embedded software architecture required on an IoT device to implement a secure and reliable OTA update process. This discussion draws from an RTOS-based implementation for an ARM-Cortex M-based wireless microcontroller. We overview the steps in an OTA update and explore each of these steps in more detail. The first step is to securely download the OTA update from a trusted source. We consider alternative implementations such as using an existing telemetry channel or discovering and downloading from a dedicated OTA server, including a discussion of the relevant networking protocols (e.g. MQTT, TLS, mDNS, DNS-SD, OCSP). Next, the IoT device must verify the OTA update matches what was sent from the server to counter man-in-the-middle attacks or to detect corruption from transmission errors. We discuss use of code signing certificates and secure bootloader implementations that enforce use of signed images. The final step is booting the updated image. We describe a fail-safe booting mechanism that enables a -trial boot- that runs a test to verify the new image is working correctly and, if the test fails, reverts to the previous working image to avoid -bricked devices-.

--- Date: 28.02.2019 Time: 10:30 - 11:00 Location: Conference Counter NCC Ost



Nick Lethaby

Texas Instruments Deutschland GmbH


The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.