{"id":"https://openalex.org/W2947506247","doi":"https://doi.org/10.1109/access.2019.2919760","title":"Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check","display_name":"Secure Firmware Updates for Constrained IoT Devices Using Open Standards: A Reality Check","publication_year":2019,"publication_date":"2019-01-01","ids":{"openalex":"https://openalex.org/W2947506247","doi":"https://doi.org/10.1109/access.2019.2919760","mag":"2947506247"},"language":"en","primary_location":{"id":"doi:10.1109/access.2019.2919760","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2919760","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08725488.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08725488.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028146538","display_name":"Koen Zandberg","orcid":null},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]},{"id":"https://openalex.org/I75951250","display_name":"Freie Universit\u00e4t Berlin","ror":"https://ror.org/046ak2485","country_code":"DE","type":"education","lineage":["https://openalex.org/I75951250"]}],"countries":["DE","FR"],"is_corresponding":true,"raw_author_name":"Koen Zandberg","raw_affiliation_strings":["Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","TRiBE - inTeRnet BEyond the usual (France)","FU - Free University of Berlin (Freie Universit\u00e4t Berlin\r\nKaiserswerther Str. 16-18, 14195 Berlin - Germany)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"TRiBE - inTeRnet BEyond the usual (France)","institution_ids":[]},{"raw_affiliation_string":"FU - Free University of Berlin (Freie Universit\u00e4t Berlin\r\nKaiserswerther Str. 16-18, 14195 Berlin - Germany)","institution_ids":["https://openalex.org/I75951250"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037682390","display_name":"Kaspar Schleiser","orcid":null},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]},{"id":"https://openalex.org/I4210126395","display_name":"Inform (Germany)","ror":"https://ror.org/02x8c2t37","country_code":"DE","type":"company","lineage":["https://openalex.org/I4210126395"]}],"countries":["DE","FR"],"is_corresponding":false,"raw_author_name":"Kaspar Schleiser","raw_affiliation_strings":["Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","Institut f\u00fcr Informatik [Berlin] (Takustra\u00dfe 9 D-14195 Berlin Germany - Germany)","TRiBE - inTeRnet BEyond the usual (France)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"Institut f\u00fcr Informatik [Berlin] (Takustra\u00dfe 9 D-14195 Berlin Germany - Germany)","institution_ids":["https://openalex.org/I4210126395"]},{"raw_affiliation_string":"TRiBE - inTeRnet BEyond the usual (France)","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101572834","display_name":"Francisco J. Acosta","orcid":"https://orcid.org/0000-0001-9686-1152"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Francisco Acosta","raw_affiliation_strings":["Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","TRiBE - inTeRnet BEyond the usual (France)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"TRiBE - inTeRnet BEyond the usual (France)","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5028095958","display_name":"Hannes Tschofenig","orcid":null},"institutions":[{"id":"https://openalex.org/I2801109035","display_name":"ARM (United Kingdom)","ror":"https://ror.org/04mmhzs81","country_code":"GB","type":"company","lineage":["https://openalex.org/I2801109035"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Hannes Tschofenig","raw_affiliation_strings":["Arm Ltd., Cambridge, U.K","ARM - ARM Ltd [Cambridge] (110 Fulbourn Road, Cambridge GB-CB1 9NJ - United Kingdom)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Arm Ltd., Cambridge, U.K","institution_ids":["https://openalex.org/I2801109035"]},{"raw_affiliation_string":"ARM - ARM Ltd [Cambridge] (110 Fulbourn Road, Cambridge GB-CB1 9NJ - United Kingdom)","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087239455","display_name":"Emmanuel Baccelli","orcid":"https://orcid.org/0000-0001-6239-9983"},"institutions":[{"id":"https://openalex.org/I1326498283","display_name":"Institut national de recherche en sciences et technologies du num\u00e9rique","ror":"https://ror.org/02kvxyf05","country_code":"FR","type":"government","lineage":["https://openalex.org/I1326498283"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Emmanuel Baccelli","raw_affiliation_strings":["Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","TRiBE - inTeRnet BEyond the usual (France)"],"raw_orcid":"https://orcid.org/0000-0001-6239-9983","affiliations":[{"raw_affiliation_string":"Inria, Le Chesnay, \u00c3\u017dle-de-France, FR","institution_ids":["https://openalex.org/I1326498283"]},{"raw_affiliation_string":"TRiBE - inTeRnet BEyond the usual (France)","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5028146538"],"corresponding_institution_ids":["https://openalex.org/I1326498283","https://openalex.org/I75951250"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":8.13,"has_fulltext":false,"cited_by_count":127,"citation_normalized_percentile":{"value":0.97919556,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":100},"biblio":{"volume":"7","issue":null,"first_page":"71907","last_page":"71920"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.981690526008606},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8460595011711121},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.6219439506530762},{"id":"https://openalex.org/keywords/microcontroller","display_name":"Microcontroller","score":0.5282729268074036},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4840080440044403},{"id":"https://openalex.org/keywords/microcode","display_name":"Microcode","score":0.48274606466293335},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.47255629301071167},{"id":"https://openalex.org/keywords/variety","display_name":"Variety (cybernetics)","score":0.42697107791900635},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.4119531810283661},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.32558315992355347},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.27693718671798706}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.981690526008606},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8460595011711121},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.6219439506530762},{"id":"https://openalex.org/C173018170","wikidata":"https://www.wikidata.org/wiki/Q165678","display_name":"Microcontroller","level":2,"score":0.5282729268074036},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4840080440044403},{"id":"https://openalex.org/C22174128","wikidata":"https://www.wikidata.org/wiki/Q175869","display_name":"Microcode","level":2,"score":0.48274606466293335},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.47255629301071167},{"id":"https://openalex.org/C136197465","wikidata":"https://www.wikidata.org/wiki/Q1729295","display_name":"Variety (cybernetics)","level":2,"score":0.42697107791900635},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.4119531810283661},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.32558315992355347},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.27693718671798706},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/access.2019.2919760","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2919760","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08725488.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:HAL:hal-02351794v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-02351794","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, 2019, 7, pp.71907-71920. ⟨10.1109/ACCESS.2019.2919760⟩","raw_type":"Journal articles"},{"id":"pmh:oai:doaj.org/article:f7ebfbd1316c4cc79087b5f6e76d477e","is_oa":true,"landing_page_url":"https://doaj.org/article/f7ebfbd1316c4cc79087b5f6e76d477e","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 7, Pp 71907-71920 (2019)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2019.2919760","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2019.2919760","pdf_url":"https://ieeexplore.ieee.org/ielx7/6287639/8600701/08725488.pdf","source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.4699999988079071,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2947506247.pdf","grobid_xml":"https://content.openalex.org/works/W2947506247.grobid-xml"},"referenced_works_count":45,"referenced_works":["https://openalex.org/W565531337","https://openalex.org/W1502721666","https://openalex.org/W1580311733","https://openalex.org/W1616329586","https://openalex.org/W2031850392","https://openalex.org/W2033087562","https://openalex.org/W2042721315","https://openalex.org/W2109262854","https://openalex.org/W2124705135","https://openalex.org/W2130630988","https://openalex.org/W2161740197","https://openalex.org/W2166998733","https://openalex.org/W2205797334","https://openalex.org/W2234639732","https://openalex.org/W2289689155","https://openalex.org/W2311411768","https://openalex.org/W2343874908","https://openalex.org/W2476179548","https://openalex.org/W2493306725","https://openalex.org/W2507130841","https://openalex.org/W2565079185","https://openalex.org/W2686848947","https://openalex.org/W2726735305","https://openalex.org/W2726955004","https://openalex.org/W2729024603","https://openalex.org/W2740336530","https://openalex.org/W2762171171","https://openalex.org/W2767162229","https://openalex.org/W2769728577","https://openalex.org/W2789994347","https://openalex.org/W2791403216","https://openalex.org/W2797861877","https://openalex.org/W2883374116","https://openalex.org/W2885933404","https://openalex.org/W2887377490","https://openalex.org/W2889557246","https://openalex.org/W2916617011","https://openalex.org/W2942725466","https://openalex.org/W4254098104","https://openalex.org/W6615991384","https://openalex.org/W6630192894","https://openalex.org/W6740382327","https://openalex.org/W6740524821","https://openalex.org/W6754230774","https://openalex.org/W6754263201"],"related_works":["https://openalex.org/W1966431236","https://openalex.org/W608147619","https://openalex.org/W1984676852","https://openalex.org/W2026551898","https://openalex.org/W2068967940","https://openalex.org/W270731569","https://openalex.org/W4252104358","https://openalex.org/W2062160093","https://openalex.org/W2025981307","https://openalex.org/W1998626163"],"abstract_inverted_index":{"While":[0],"the":[1,11,34,69,105,131,161,165],"IoT":[2,13,35,71,126,143,166],"deployments":[3],"multiply":[4],"in":[5],"a":[6,16,24,39,84,96,120,137,153],"wide":[7],"variety":[8,138],"of":[9,87,108,133,139,173,178],"verticals,":[10],"most":[12],"devices":[14,36,78,167],"lack":[15],"built-in":[17],"secure":[18,65,125],"firmware":[19,66,127,156],"update":[20,157],"mechanism.":[21],"Without":[22],"such":[23,79],"mechanism,":[25],"however,":[26],"critical":[27],"security":[28,106,163],"vulnerabilities":[29],"cannot":[30],"be":[31],"fixed,":[32],"and":[33,55,94,103,175],"can":[37],"become":[38],"permanent":[40],"liability,":[41],"as":[42,80],"demonstrated":[43],"by":[44],"recent":[45],"large-scale":[46],"attacks.":[47],"In":[48],"this":[49,109],"paper,":[50],"we":[51,74],"survey":[52],"open":[53,56],"standards":[54],"source":[57],"libraries":[58],"that":[59,98,147,159],"provide":[60],"useful":[61],"building":[62,101],"blocks":[63,102],"for":[64,68,124,164],"updates":[67],"constrained":[70,142],"devices\u2013by":[72],"which":[73],"mean":[75],"low-power,":[76],"microcontroller-based":[77],"networked":[81],"sensors/actuators":[82],"with":[83,118,168],"small":[85],"amount":[86],"memory,":[88],"among":[89],"other":[90],"constraints.":[91],"We":[92,111,129,145],"design":[93],"implement":[95],"prototype":[97],"leverages":[99],"these":[100],"assess":[104],"properties":[107],"prototype.":[110],"present":[112],"experimental":[113],"results":[114],"including":[115],"first":[116],"experiments":[117],"SUIT,":[119],"new":[121],"IETF":[122],"standard":[123],"updates.":[128],"evaluate":[130],"performance":[132],"our":[134],"implementation":[135],"on":[136],"commercial":[140],"off-the-shelf":[141],"devices.":[144],"conclude":[146],"it":[148],"is":[149],"possible":[150],"to":[151],"create":[152],"secure,":[154],"standards-compliant":[155],"solution":[158],"uses":[160],"state-of-the-art":[162],"less":[169],"than":[170],"32":[171],"kB":[172,177],"RAM":[174],"128":[176],"flash":[179],"memory.":[180]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":17},{"year":2024,"cited_by_count":28},{"year":2023,"cited_by_count":24},{"year":2022,"cited_by_count":26},{"year":2021,"cited_by_count":16},{"year":2020,"cited_by_count":13},{"year":2019,"cited_by_count":1}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}