Cargando…
MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we pr...
Autores principales: | , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
MDPI
2020
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7792629/ https://www.ncbi.nlm.nih.gov/pubmed/33374965 http://dx.doi.org/10.3390/s21010010 |
_version_ | 1783633845754527744 |
---|---|
author | Sahlmann, Kristina Clemens, Vera Nowak, Michael Schnor, Bettina |
author_facet | Sahlmann, Kristina Clemens, Vera Nowak, Michael Schnor, Bettina |
author_sort | Sahlmann, Kristina |
collection | PubMed |
description | Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices. |
format | Online Article Text |
id | pubmed-7792629 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2020 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-77926292021-01-09 MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices Sahlmann, Kristina Clemens, Vera Nowak, Michael Schnor, Bettina Sensors (Basel) Article Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices. MDPI 2020-12-22 /pmc/articles/PMC7792629/ /pubmed/33374965 http://dx.doi.org/10.3390/s21010010 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Sahlmann, Kristina Clemens, Vera Nowak, Michael Schnor, Bettina MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title | MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title_full | MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title_fullStr | MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title_full_unstemmed | MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title_short | MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
title_sort | mup: simplifying secure over-the-air update with mqtt for constrained iot devices |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7792629/ https://www.ncbi.nlm.nih.gov/pubmed/33374965 http://dx.doi.org/10.3390/s21010010 |
work_keys_str_mv | AT sahlmannkristina mupsimplifyingsecureovertheairupdatewithmqttforconstrainediotdevices AT clemensvera mupsimplifyingsecureovertheairupdatewithmqttforconstrainediotdevices AT nowakmichael mupsimplifyingsecureovertheairupdatewithmqttforconstrainediotdevices AT schnorbettina mupsimplifyingsecureovertheairupdatewithmqttforconstrainediotdevices |