Author:
Sahlmann Kristina,Clemens Vera,Nowak Michael,Schnor Bettina
Abstract
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
Subject
Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry
Reference57 articles.
1. Number of Internet of Things (IoT) Connected Devices Worldwide in 2018, 2025 and 2030https://www.statista.com/statistics/802690/worldwide-connected-devices-by-access-technology/
2. Cyberphysical Security for the Masses: A Survey of the Internet Protocol Suite for Internet of Things Security
3. Ontology-driven Device Descriptions for IoT Network Management
4. MQTT Version 5.0. Specification, OASIS Standardhttps://docs.oasis-open.org/mqtt/mqtt/v5.0/mqtt-v5.0.html
5. Network Configuration Protocol (NETCONF). RFC 6241, IETFhttps://www.hjp.at/doc/rfc/rfc6241.html
Cited by
7 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献