Levon Keleman, Danijel Matic, M. Popovic, I. Kastelan
{"title":"嵌入式系统中的安全固件更新","authors":"Levon Keleman, Danijel Matic, M. Popovic, I. Kastelan","doi":"10.1109/ICCE-Berlin47944.2019.8966174","DOIUrl":null,"url":null,"abstract":"Great numbers of embedded devices are performing safety critical operations, which means it is very important to keep them operating without interference. Update is the weak point that could be exploited by potential attackers to gain access to the system, sabotage it or to simply steal someone else's intellectual property. This paper presents an implementation of secure update process for embedded systems which prevents man-in-the-middle attacks. By using a combination of hash functions, symmetric and asymmetric encryption algorithms it demonstrates how to achieve integrity, authenticity and confidentiality of the update package that is sent to the target hardware. It covers implementation starting from key exchange, next explaining update package encryption process and then decryption on the target hardware. It does not go into a detail about specific encryption algorithms that could be used. It presents a generalized model for secure update that could be adjusted to specific needs.","PeriodicalId":290753,"journal":{"name":"2019 IEEE 9th International Conference on Consumer Electronics (ICCE-Berlin)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Secure firmware update in embedded systems\",\"authors\":\"Levon Keleman, Danijel Matic, M. Popovic, I. Kastelan\",\"doi\":\"10.1109/ICCE-Berlin47944.2019.8966174\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Great numbers of embedded devices are performing safety critical operations, which means it is very important to keep them operating without interference. Update is the weak point that could be exploited by potential attackers to gain access to the system, sabotage it or to simply steal someone else's intellectual property. This paper presents an implementation of secure update process for embedded systems which prevents man-in-the-middle attacks. By using a combination of hash functions, symmetric and asymmetric encryption algorithms it demonstrates how to achieve integrity, authenticity and confidentiality of the update package that is sent to the target hardware. It covers implementation starting from key exchange, next explaining update package encryption process and then decryption on the target hardware. It does not go into a detail about specific encryption algorithms that could be used. It presents a generalized model for secure update that could be adjusted to specific needs.\",\"PeriodicalId\":290753,\"journal\":{\"name\":\"2019 IEEE 9th International Conference on Consumer Electronics (ICCE-Berlin)\",\"volume\":\"89 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 9th International Conference on Consumer Electronics (ICCE-Berlin)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCE-Berlin47944.2019.8966174\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 9th International Conference on Consumer Electronics (ICCE-Berlin)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCE-Berlin47944.2019.8966174","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Great numbers of embedded devices are performing safety critical operations, which means it is very important to keep them operating without interference. Update is the weak point that could be exploited by potential attackers to gain access to the system, sabotage it or to simply steal someone else's intellectual property. This paper presents an implementation of secure update process for embedded systems which prevents man-in-the-middle attacks. By using a combination of hash functions, symmetric and asymmetric encryption algorithms it demonstrates how to achieve integrity, authenticity and confidentiality of the update package that is sent to the target hardware. It covers implementation starting from key exchange, next explaining update package encryption process and then decryption on the target hardware. It does not go into a detail about specific encryption algorithms that could be used. It presents a generalized model for secure update that could be adjusted to specific needs.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
