{"id":"https://openalex.org/W4404562693","doi":"https://doi.org/10.1109/tdsc.2024.3496658","title":"Update If You Dare: Demystifying Bare-Metal Device Firmware Update Security of Appified IoT Systems","display_name":"Update If You Dare: Demystifying Bare-Metal Device Firmware Update Security of Appified IoT Systems","publication_year":2024,"publication_date":"2024-11-20","ids":{"openalex":"https://openalex.org/W4404562693","doi":"https://doi.org/10.1109/tdsc.2024.3496658"},"language":"en","primary_location":{"id":"doi:10.1109/tdsc.2024.3496658","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3496658","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5095909642","display_name":"Lei Xue","orcid":"https://orcid.org/0009-0003-1952-885X"},"institutions":[{"id":"https://openalex.org/I157773358","display_name":"Sun Yat-sen University","ror":"https://ror.org/0064kty71","country_code":"CN","type":"education","lineage":["https://openalex.org/I157773358"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Lei Xue","raw_affiliation_strings":["School of Cyber Science and Technology and Guangdong Key Laboratory of Information Security Technology, Sun Yat-sen University, Shenzhen, China","School of Cyber Science and Technology, Sun Yat-sen University, Shenzhen, China"],"affiliations":[{"raw_affiliation_string":"School of Cyber Science and Technology and Guangdong Key Laboratory of Information Security Technology, Sun Yat-sen University, Shenzhen, China","institution_ids":["https://openalex.org/I157773358"]},{"raw_affiliation_string":"School of Cyber Science and Technology, Sun Yat-sen University, Shenzhen, China","institution_ids":["https://openalex.org/I157773358"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100531485","display_name":"Yuxiao Yan","orcid":null},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Yuxiao Yan","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hung Hom, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hung Hom, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007842132","display_name":"Qiyi Tang","orcid":"https://orcid.org/0000-0002-8200-7518"},"institutions":[{"id":"https://openalex.org/I2250653659","display_name":"Tencent (China)","ror":"https://ror.org/00hhjss72","country_code":"CN","type":"company","lineage":["https://openalex.org/I2250653659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Qiyi Tang","raw_affiliation_strings":["Tencent Security Keen Lab, Shenzhen, China","Tencent Security Keen Lab, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, China","institution_ids":["https://openalex.org/I2250653659"]},{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I2250653659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5040159594","display_name":"Le Yu","orcid":"https://orcid.org/0000-0001-6354-1240"},"institutions":[{"id":"https://openalex.org/I41198531","display_name":"Nanjing University of Posts and Telecommunications","ror":"https://ror.org/043bpky34","country_code":"CN","type":"education","lineage":["https://openalex.org/I41198531"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Le Yu","raw_affiliation_strings":["Nanjing University of Posts and Telecommunications, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"Nanjing University of Posts and Telecommunications, Nanjing, China","institution_ids":["https://openalex.org/I41198531"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100400376","display_name":"Xiapu Luo","orcid":"https://orcid.org/0000-0002-9082-3208"},"institutions":[{"id":"https://openalex.org/I14243506","display_name":"Hong Kong Polytechnic University","ror":"https://ror.org/0030zas98","country_code":"HK","type":"education","lineage":["https://openalex.org/I14243506"]}],"countries":["HK"],"is_corresponding":false,"raw_author_name":"Xiapu Luo","raw_affiliation_strings":["The Hong Kong Polytechnic University, Hung Hom, Hong Kong"],"affiliations":[{"raw_affiliation_string":"The Hong Kong Polytechnic University, Hung Hom, Hong Kong","institution_ids":["https://openalex.org/I14243506"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5008975323","display_name":"Zhiqiang Cai","orcid":"https://orcid.org/0000-0002-9180-675X"},"institutions":[{"id":"https://openalex.org/I2250653659","display_name":"Tencent (China)","ror":"https://ror.org/00hhjss72","country_code":"CN","type":"company","lineage":["https://openalex.org/I2250653659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhiqiang Cai","raw_affiliation_strings":["Tencent Security Keen Lab, Shenzhen, China","Tencent Security Keen Lab, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, China","institution_ids":["https://openalex.org/I2250653659"]},{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I2250653659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069450513","display_name":"Sen Nie","orcid":"https://orcid.org/0000-0003-4154-2941"},"institutions":[{"id":"https://openalex.org/I2250653659","display_name":"Tencent (China)","ror":"https://ror.org/00hhjss72","country_code":"CN","type":"company","lineage":["https://openalex.org/I2250653659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Sen Nie","raw_affiliation_strings":["Tencent Security Keen Lab, Shenzhen, China","Tencent Security Keen Lab, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, China","institution_ids":["https://openalex.org/I2250653659"]},{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I2250653659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101409340","display_name":"Shi Wu","orcid":"https://orcid.org/0000-0002-6842-7487"},"institutions":[{"id":"https://openalex.org/I2250653659","display_name":"Tencent (China)","ror":"https://ror.org/00hhjss72","country_code":"CN","type":"company","lineage":["https://openalex.org/I2250653659"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Shi Wu","raw_affiliation_strings":["Tencent Security Keen Lab, Shenzhen, China","Tencent Security Keen Lab, Shenzhen, Guangdong, China"],"affiliations":[{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, China","institution_ids":["https://openalex.org/I2250653659"]},{"raw_affiliation_string":"Tencent Security Keen Lab, Shenzhen, Guangdong, China","institution_ids":["https://openalex.org/I2250653659"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058852421","display_name":"Guofei Gu","orcid":"https://orcid.org/0000-0003-0630-741X"},"institutions":[{"id":"https://openalex.org/I91045830","display_name":"Texas A&M University","ror":"https://ror.org/01f5ytq51","country_code":"US","type":"education","lineage":["https://openalex.org/I91045830"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Guofei Gu","raw_affiliation_strings":["Department of CSE, Texas A&amp;M University, College Station, TX, USA"],"affiliations":[{"raw_affiliation_string":"Department of CSE, Texas A&amp;M University, College Station, TX, USA","institution_ids":["https://openalex.org/I91045830"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5100455048","display_name":"Chenxu Wang","orcid":"https://orcid.org/0000-0002-9539-5046"},"institutions":[{"id":"https://openalex.org/I87445476","display_name":"Xi'an Jiaotong University","ror":"https://ror.org/017zhmm22","country_code":"CN","type":"education","lineage":["https://openalex.org/I87445476"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chenxu Wang","raw_affiliation_strings":["School of Software Engineering, Xi&#x2019;an Jiaotong University, Xi&#x2019;an, China","School of Software Engineering, Xi&#x0027;an Jiaotong University, Xi&#x0027;an, China"],"affiliations":[{"raw_affiliation_string":"School of Software Engineering, Xi&#x2019;an Jiaotong University, Xi&#x2019;an, China","institution_ids":["https://openalex.org/I87445476"]},{"raw_affiliation_string":"School of Software Engineering, Xi&#x0027;an Jiaotong University, Xi&#x0027;an, China","institution_ids":["https://openalex.org/I87445476"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":10,"corresponding_author_ids":["https://openalex.org/A5095909642"],"corresponding_institution_ids":["https://openalex.org/I157773358"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.2557377,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"22","issue":"3","first_page":"2367","last_page":"2384"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12017","display_name":"Recycling and Waste Management Techniques","score":0.9050999879837036,"subfield":{"id":"https://openalex.org/subfields/2311","display_name":"Industrial and Manufacturing Engineering"},"field":{"id":"https://openalex.org/fields/23","display_name":"Environmental Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12017","display_name":"Recycling and Waste Management Techniques","score":0.9050999879837036,"subfield":{"id":"https://openalex.org/subfields/2311","display_name":"Industrial and Manufacturing Engineering"},"field":{"id":"https://openalex.org/fields/23","display_name":"Environmental Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.8351781368255615},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6768287420272827},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6746883392333984},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.6284679174423218},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.24101805686950684}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.8351781368255615},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6768287420272827},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6746883392333984},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.6284679174423218},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.24101805686950684}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tdsc.2024.3496658","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tdsc.2024.3496658","pdf_url":null,"source":{"id":"https://openalex.org/S133795288","display_name":"IEEE Transactions on Dependable and Secure Computing","issn_l":"1545-5971","issn":["1545-5971","1941-0018","2160-9209"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Dependable and Secure Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":46,"referenced_works":["https://openalex.org/W2009614414","https://openalex.org/W2043118292","https://openalex.org/W2091939272","https://openalex.org/W2180970301","https://openalex.org/W2410627463","https://openalex.org/W2482930083","https://openalex.org/W2510556079","https://openalex.org/W2514974017","https://openalex.org/W2575029217","https://openalex.org/W2576376563","https://openalex.org/W2613352518","https://openalex.org/W2617476279","https://openalex.org/W2749008552","https://openalex.org/W2753873057","https://openalex.org/W2766106797","https://openalex.org/W2782780792","https://openalex.org/W2791018263","https://openalex.org/W2792078641","https://openalex.org/W2792247670","https://openalex.org/W2882992559","https://openalex.org/W2905044737","https://openalex.org/W2945274336","https://openalex.org/W2972481639","https://openalex.org/W2974058390","https://openalex.org/W3015383024","https://openalex.org/W3045898733","https://openalex.org/W3108723500","https://openalex.org/W3136780060","https://openalex.org/W4226344376","https://openalex.org/W4239035626","https://openalex.org/W4288057749","https://openalex.org/W4308408710","https://openalex.org/W4324007228","https://openalex.org/W4388857420","https://openalex.org/W6637594488","https://openalex.org/W6637688222","https://openalex.org/W6704178690","https://openalex.org/W6713252871","https://openalex.org/W6713987737","https://openalex.org/W6734189680","https://openalex.org/W6744145243","https://openalex.org/W6744196339","https://openalex.org/W6756158088","https://openalex.org/W6764964240","https://openalex.org/W6781820298","https://openalex.org/W6782012779"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2582981600","https://openalex.org/W4389238932","https://openalex.org/W4387467152","https://openalex.org/W4212885212","https://openalex.org/W4379115910","https://openalex.org/W3010413952","https://openalex.org/W4253989935"],"abstract_inverted_index":{"Due":[0],"to":[1,31,64,102,158,189,205,235,258],"the":[2,48,56,78,109,116,131,170,174,191,199,237,273],"economy":[3],"and":[4,22,34,50,67,84,173,193,197,227,247,271],"low":[5],"power":[6],"consumption":[7],"features,":[8],"bare-metal":[9,74,94,134,171,238],"IoT":[10,40,43,58,65,75,95,121,135,165,182,209,245],"devices":[11,59,76,96],"have":[12,45,143,179,267],"been":[13],"widely":[14],"used":[15],"in":[16,89,147],"various":[17],"areas":[18],"of":[19,118,127,133,162,214,241],"our":[20,269],"life,":[21],"they":[23,249],"are":[24],"usually":[25,87,97],"paired":[26],"with":[27],"companion":[28,110,175,208],"mobile":[29],"apps":[30,111],"configure":[32],"them":[33,215],"view":[35],"their":[36],"states":[37],"(a.k.a.,":[38],"appified":[39,120,164,244],"system).":[41],"The":[42,264],"systems":[44,166],"already":[46],"become":[47,71],"lucrative":[49],"profitable":[51],"targets":[52],"for":[53],"attackers":[54],"because":[55],"compromised":[57],"will":[60],"pose":[61],"severe":[62],"threats":[63],"security":[66,91,132,145,161,217,240,274],"reliability.":[68],"This":[69],"problem":[70],"worse":[72],"on":[73,113,130],"since":[77],"tradeoff":[79],"among":[80],"price,":[81],"functionality,":[82],"performance,":[83],"energy":[85],"efficiency":[86],"results":[88],"insufficient":[90],"protection.":[92],"Such":[93],"adopt":[98],"OTA":[99],"(Over-The-Air)":[100],"methods":[101],"update":[103,138],"firmware,":[104],"which":[105,254],"is":[106,124],"managed":[107],"by":[108],"running":[112],"smartphones.":[114],"Despite":[115],"prevalence":[117],"these":[119,163],"systems,":[122,246],"there":[123],"a":[125,155],"lack":[126],"systematic":[128],"research":[129],"device":[136],"firmware":[137,172,225,228,261],"(DFU),":[139],"although":[140],"recent":[141],"studies":[142],"reported":[144],"flaws":[146,218],"such":[148],"systems.":[149],"In":[150],"this":[151],"article,":[152],"we":[153,178,211,231,255],"propose":[154],"holistic":[156],"approach":[157],"investigate":[159,236],"DFU":[160,222,239,252],"through":[167],"collaborative":[168],"analyzing":[169],"app.":[176],"Additionally,":[177],"developed":[180],"an":[181],"system":[183],"analysis":[184,195],"framework":[185],"named":[186],"<inline-formula><tex-math":[187,203,233],"notation=\"LaTeX\">$\\mathsf{BareDFU}$</tex-math></inline-formula>":[188,204,234],"automate":[190],"complex":[192],"time-consuming":[194],"tasks":[196],"facilitate":[198],"investigation.":[200],"After":[201],"applying":[202],"analyze":[206],"1,637":[207],"apps,":[210],"found":[212],"710":[213],"contained":[216],"spanning":[219],"all":[220,250],"three":[221],"stages:":[223],"authentication,":[224],"acquisition,":[226],"verification.":[229],"Furthermore,":[230],"leveraged":[232],"six":[242],"commercial":[243],"discovered":[248],"had":[251],"flaws,":[253],"successfully":[256],"exploited":[257],"launch":[259],"proof-of-concept":[260],"modification":[262],"attacks.":[263],"affected":[265],"vendors":[266],"acknowledged":[268],"findings":[270],"addressed":[272],"flaws.":[275]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}