Secure IoT Update Using Blockchain Melike Kaptan Computer Engineering Izmir Institute of Technology Izmir Turkey melike.kaptan91@gmail.com ORCID:0000-0003-0110-9035 Emrah Tomur Research Area Security Ericsson Research Istanbul Turkey emrah.tomur@ericsson.com ORCID:0000-0001-8985-4974 Tolga Ayav Computer Engineering Izmir Institute of Technology Izmir Turkey tolgaayav@iyte.edu.tr ORCID:0000-0002-5339-5507 Yusuf M. Erten Computer Engineering Izmir University of Economics Izmir Turkey yusuf.erten@ieu.edu.tr ORCID:0000-0001-9537-7414 Abstract—In this study a platform is devised to send automatic remote updates for embedded devices. In this scenario there are Original Equipment Manufacturers (OEMs), Software suppliers, blockchain nodes, Gateways and embedded devices. OEMs and software suppliers are there to keep their software on Inter Planetary File System (IPFS) and send the meta-data and hashes of their software to the blockchain nodes in order to keep this information distributed and ready to be requested and used. There are also gateways which are the members of the blockchain and the IPFS network. Gateways are responsible for asking for a specific update for specific devices from IPFS database using the meta-data kept on the blockchain, and they will send those hashed secure updates to the devices. In order to provide a traceable data keeping platform, gateway update operations are handled as transactions in a second blockchain network which is the clockchain of the gateways. The system was implemented as of the two separate blockchain networks and it has been shown that, despite the calculation overhead of the member devices, by separating the functions between the two blockchain networks a more reliable and secure platform can be achieved. Keywords—IoT, remote update, blockchain I. I NTRODUCTION Advances in the connected world requires secure communi- cation between connected entities and robust servers serving those connected devices. This increasing communication intro- duces security and privacy threats. The existing solutions to update this software rely mostly on centralized servers which introduce a single point of failure. The decentralized nature and the proof-of-work calculations which is an integral part of the blockchains offer a solution to solve these problems for connected world and its applications, because, the increasing number of devices and their needs for connection requires more available servers in decentralized manner. The proof- of-work mechanism is another key element which makes the data corruption harder with the calculation overhead trade off. IoT might benefit from the blockchain networks incorporat- ing smart contracts or keeping fingerprints of their data in blockchains which will beat the data compromise. Another key benefit is having liable history of records when investigations are required for life threatening scenarios. In this study we propose a software update architecture for the connected devices. The proposed work covers most simple blockchain applications to distribute the updates. The proposed study has the functionalities listed below: • We propose to use a blockchain network to distribute software to the devices either to update them or to make installations at the production phase. • A block chain, a consortium blockchain which is only accessible by authorized users, is used for keeping im- mutable records of all software producers in an autho- rized manner. Hence after releasing it to the consortium blockchain network and storing it in the Interplanetary File System (IPFS), producers can not deny the ownership of the software. • There are also gateway servers which are part of the consortium blockchain, which also form a separate blockchain network themselves. Whenever there is an update for a device that they communicate with, gateway servers will check the software updates in the consortium blockchain to decide if their devices need updates, per- form the update operation if necessary and keep a record of these activities. II. BACKGROUND A. Traditional Update Updates for embedded devices are often done with physical connections on the site or with cloud-based methods. In these techniques software image files are uploaded to the devices through a cable or air interface. In the former approach a technician must execute the work and in the latter remote server performs this update via internet connection. The first method relies on human factor and the second introduces a possible single point of failure. Therefore, both methods have deficiencies. Also in a field like automotive or road side unit software update, if there is a bug in an automotive software and needs to be corrected urgently, relying upon a service technician or one cloud service may have adverse effects on human lives. B. Blockchain Based Update in IoT The most important property of blockchain is being se- cure without requiring any centralized medium to build trust. Blockchain and IoT have a good match here. Data which is needed to be sent from one device to another must have its integrity, confidentiality and availability protected. When we think about data shared between two IoT applications based blockchain environments, it is definitely beneficial for 978-1-6654-0759-5/21/$31.00 ©2021 IEEE 2021 2nd International Informatics and Software Engineering Conference (IISEC) | 978-1-6654-0759-5/21/$31.00 ©2021 IEEE | DOI: 10.1109/IISEC54230.2021.9672424 Authorized licensed use limited to: ULAKBIM UASL - IZMIR YUKSEK TEKNOLOJI ENSTITUSU. Downloaded on October 31,2022 at 08:54:29 UTC from IEEE Xplore. Restrictions apply.