Blockchain-Based Secure Firmware Update Using an UAV
- A blockchain-based firmware update scheme using UAV is proposed.
- The limitation of the availability of an internet connection by updating the firmware using UAVs is resolved.
- The secure management of firmware and IoT device information in the blockchain network is achieved through four processes.
- Result analysis was obtained by analyzing the blockchain network performance using Hyperledger Fabric. Additionally, the verification of the UAV and IoT device was obtained through asymmetric encryption and the Bloom filter. Moreover, the security analysis was performed using a well-known security model called STRIDE.
2. Related Works
3. System Model
- Blockchain network: A blockchain network that records and shares firmware information. Anything related to the firmware in the blockchain is stored in the block, and the information cannot be modified. This paper proposes a private blockchain for high transaction speed and scalability, and this network is managed by a trusted certification authority.
- Gateway and IoT device: As a participant in the blockchain network, it is a subject that needs a firmware update. To participate in the blockchain network, IoT devices must register information such as device name, installed firmware, and location (latitude, longitude). By participating in the blockchain network, the gateway can obtain information about the firmware and request a firmware update. In the proposed system, even the case where an internet connection is impossible is taken into consideration.
- Vendor: In order to participate in the blockchain network, information such as vendor name, owned device, and owned firmware must be registered. As a participant, it provides firmware information. When a new firmware is developed, information about the target device and firmware is registered in the blockchain network to store and share information securely.
- UAV: It uses the firmware file developed by the manufacturer and the information of IoT devices registered in the blockchain network to securely communicate with IoT devices to update the firmware.
- To participate in the blockchain network, participants must register information on the blockchain network. The information provided by participants is as follows.
In the case of IoT devices, the process is divided into two types, as follows, depending on whether there is an internet connection.
- IoT device: device name, installed firmware, location (latitude, longitude), and public key.
- Vendor: vendor name, owned device, owned firmware, and public key.
- IoT device connected to the internet: In this case, IoT devices can participate in the blockchain network through the gateway. Here, the gateway becomes a participant in the blockchain network by collecting information on connected devices, creating a device list, and registering it.
- IoT device not connected to the internet: In this case, before placing the IoT device, register the device’s information and public key in advance on the blockchain network.
- The blockchain network that received the information checks whether the participant is registered in the participant storage through the received information.
- The result of whether a participant is registered in the blockchain network is returned, as shown in Algorithm 1.
- When there is no new participant information in the participant registry, the information received is added to the registry.
- The participant registration result is delivered to the requester.
|Algorithm 1: Participant Registration.|
- The manufacturer delivers firmware information to register/update the firmware on the blockchain network, which is as follows.
- Firmware registration: vendor name, target device, and firmware information.
- Firmware update: vendor name, registered firmware ID, and firmware information.
- Before registering/updating the firmware, check if the requester has permission from the MSP, as shown in Algorithm 2.
- Requester’s permission check result is returned.
- When the requestor has permission, register/update the firmware.
- Firmware registration: information about new firmware is added to the firmware registry.
- Firmware update: update the information on the new firmware by using the registered firmware ID to retrieve its information from the firmware registry.
- When registration/update is completed, information about the firmware is notified to the participants of the blockchain network, and the registration/update result is delivered to the requester.
|Algorithm 2: Firmware Registration/Update.|
- The gateway receives information about the firmware when registering/updating the new firmware.
- The gateway determines whether to update the firmware by comparing the received firmware information with its list of devices, as shown in Algorithm 3. When a firmware update is required, it requests the same from the blockchain network.
- To verify the gateway that was requested for the firmware update, the blockchain network retrieves the device list of the gateway using the gateway’s ID in the participant registry. It checks whether there is an IoT device requiring a firmware update by comparing information such as the target device and the firmware version of the registered/updated firmware in the device list.
- The verification result is returned.
- If the firmware update is required, information on the device is sent to the vendor.
|Algorithm 3: Firmware Update Request.|
- To update the firmware, a list containing information about the firmware and IoT devices is stored in the UAV. The Bloom filter is used to block unnecessary IoT device access and verify those devices that have requested a firmware update, as shown in Algorithm 4. The Bloom filter is created using the information from IoT devices to be updated by the UAV.
- The UAV checks the location information of the devices, moves to the location, and requests communication from the IoT device. Now, the UAV is verified using the public key registered by the IoT device to participate in the blockchain network.
- After the UAV is verified, the UAV uses its own Bloom filter to verify the IoT device.
- After the verification of the UAV and the IoT device is completed, the IoT device uses a private key and the UAV uses a public key to securely communicate with a public key encryption method to update the firmware.
- When the firmware update of all IoT devices in the firmware update list is completed, this result is recorded by the manufacturer on the blockchain network. Now, information about the UAV is also recorded. The blockchain network uses the received firmware update result to update the information of IoT devices that have completed the firmware update.
|Algorithm 4: Firmware Update.|
4. Security Analysis
- Spoofing—Spoofing means false identity. There is a possibility of transferring the secret message to wrong devices that can appear in the network under a false identity. Therefore, in this paper, public key cryptography is used to prevent a false identity. Here, a digital signature is produced to verify the authentication. Therefore, spoofing issues have been resolved using the digital signature after receiving the data.
- Tampering—Tampering means modifying the information. Attackers, such as hackers, can manipulate data inside the network. Blockchain technology is used here to store the information securely and to prevent illegal data from being tampered with inside the network.
- Repudiation—Repudiation means the denial of any activity by any user inside a network. As the blockchain is used in the proposed system, all of the data are stored in a blockchain ledger. Once the data is stored with the verification of other users of the network, a third party or attacker will not be able to modify it by entering the blockchain network.
- Information disclosure—Information disclosure means the leakage of information to unauthorized outsiders. In this proposed system, public key cryptography is used to transfer the data, and the digital signature is used to verify the authentication of the user. Therefore, the data leakage problem is solved by using the digital signature technique.
- Denial of service (DoS)—Denial of service means denying access to system resources to the legal users of the network. DoS attacks are made by outsiders to hamper system performance. In this proposed system, if a user tries to transfer the data multiple times, it is proposed to be blocked so that it can no longer transfer the data on the network with the intention of any DoS attack.
- Elevation of privilege—Elevation of privilege means access to system resources without permission. As the registration process is completed for every device and the authentication process is maintained using a digital signature, unauthorized users will not be able to access the system resources or the data inside the network.
5. Performance Evaluation
- Transaction rate.
- Transaction throughput.
- Transaction latency.
- Resource consumption.
- Firmware verification: This is a verification problem for the deployed firmware. Lee et al. , Yohan et al. [21,22,23], Hanqing et al. , Tsaur et al. , Mingjin et al. , and Jiang et al.  used blockchain in terms of data security but did not consider verification when deploying firmware to IoT devices.
- Internet connection: This problem is whether the firmware can be updated according to the internet connection. Existing studies require an internet connection, but the proposed system can update the firmware using UAVs at any time as long as devices that cannot connect to the internet are registered in advance.
Data Availability Statement
Conflicts of Interest
- Asghari, P.; Rahmani, A.M.; Javadi, H.H.S. Internet of Things applications: A systematic review. Comput. Netw. 2019, 148, 241–261. [Google Scholar] [CrossRef]
- Dagar, R.; Som, S.; Khatri, S.K. Smart farming–IoT in agriculture. In Proceedings of the 2018 International Conference on Inventive Research in Computing Applications (ICIRCA), Coimbatore, India, 11–12 July 2018; pp. 1052–1056. [Google Scholar]
- Balakrishna, S.J.; Marellapudi, H.; Manga, N.A. IoT based status tracking and controlling of motor in agricultural farms. In Proceedings of the 2018 5th IEEE Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON), Gorakhpur, India, 2–4 November 2018; pp. 1–5. [Google Scholar]
- Zyrianoff, I.; Heideker, A.; Silva, D.; Kamienski, C. Scalability of an Internet of Things platform for smart water management for agriculture. In Proceedings of the 2018 23rd Conference of Open Innovations Association (FRUCT), Bologna, Italy, 13–16 November 2018; pp. 432–439. [Google Scholar]
- Ramachandran, V.; Ramalakshmi, R.; Srinivasan, S. An automated irrigation system for smart agriculture using the Internet of Things. In Proceedings of the 2018 15th International Conference on Control, Automation, Robotics and Vision (ICARCV), Singapore, 18–21 November 2018; pp. 210–215. [Google Scholar]
- Alam, M.M.; Malik, H.; Khan, M.I.; Pardy, T.; Kuusik, A.; Le Moullec, Y. A survey on the roles of communication technologies in IoT-based personalized healthcare applications. IEEE Access 2018, 6, 36611–36631. [Google Scholar] [CrossRef]
- He, D.; Ye, R.; Chan, S.; Guizani, M.; Xu, Y. Privacy in the Internet of Things for smart healthcare. IEEE Commun. Mag. 2018, 56, 38–44. [Google Scholar] [CrossRef]
- Islam, A.; Young Shin, S. A blockchain-based secure healthcare scheme with the assistance of unmanned aerial vehicle in Internet of Things. Comput. Electr. Eng. 2020, 84, 106627. [Google Scholar] [CrossRef]
- Luo, E.; Bhuiyan, M.Z.A.; Wang, G.; Rahman, M.A.; Wu, J.; Atiquzzaman, M. Privacyprotector: Privacy-protected patient data collection in IoT-based healthcare systems. IEEE Commun. Mag. 2018, 56, 163–168. [Google Scholar] [CrossRef]
- Lee, C.K.; Liu, H.; Fuhs, D.; Kores, A.; Waffenschmidt, E. Smart lighting systems as a demand response solution for future smart grids. IEEE J. Emerg. Sel. Top. Power Electron. 2020, 8, 2362–2370. [Google Scholar] [CrossRef]
- Li, Y.; Cheng, X.; Cao, Y.; Wang, D.; Yang, L. Smart choice for the smart grid: Narrowband Internet of Things (NB-IoT). IEEE Internet Things J. 2017, 5, 1505–1515. [Google Scholar] [CrossRef]
- Meng, Y.; Zhang, W.; Zhu, H.; Shen, X.S. Securing consumer IoT in the smart home: Architecture, challenges, and countermeasures. IEEE Wirel. Commun. 2018, 25, 53–59. [Google Scholar] [CrossRef]
- Elsts, A.; Fafoutis, X.; Woznowski, P.; Tonkin, E.; Oikonomou, G.; Piechocki, R.; Craddock, I. Enabling healthcare in smart homes: The SPHERE IoT network infrastructure. IEEE Commun. Mag. 2018, 56, 164–170. [Google Scholar] [CrossRef]
- Wang, P.; Ye, F.; Chen, X. A smart home gateway platform for data collection and awareness. IEEE Commun. Mag. 2018, 56, 87–93. [Google Scholar] [CrossRef]
- Holler, J.; Tsiatsis, V.; Mulligan, C.; Karnouskos, S.; Avesand, S.; Boyle, D. Internet Things; Academic Press: Cambridge, MA, USA, 2014. [Google Scholar]
- Cui, A.; Costello, M.; Stolfo, S. When firmware modifications attack: A case study of embedded exploitation. In Proceedings of the 20th Annual Network & Distributed System Security Symposium, San Diego, CA, USA, 24–27 February 2013. [Google Scholar]
- Prada-Delgado, M.A.; Vázquez-Reyes, A.; Baturone, I. Trustworthy firmware update for Internet-of-Thing Devices using physical unclonable functions. In Proceedings of the 2017 Global Internet of Things Summit (GIoTS), Geneva, Switzerland, 6–9 June 2017; pp. 1–5. [Google Scholar]
- Islam, A.; Shin, S.Y. BUS: A Blockchain-Enabled Data Acquisition Scheme With the Assistance of UAV Swarm in Internet of Things. IEEE Access 2019, 7, 103231–103249. [Google Scholar] [CrossRef]
- Islam, A.; Shin, S.Y. BUAV: A blockchain based secure UAV-assisted data acquisition scheme in Internet of Things. J. Commun. Netw. 2019, 21, 491–502. [Google Scholar] [CrossRef]
- Lee, B.; Lee, J.H. Blockchain-based secure firmware update for embedded devices in an Internet of Things environment. J. Supercomput. 2017, 73, 1152–1167. [Google Scholar] [CrossRef]
- Yohan, A.; Lo, N.W.; Achawapong, S. Blockchain-based firmware update framework for internet-of-things environment. In Proceedings of the Conference Information and Knowledge Engineering, Mashhad, Iran, 25–26 October 2018; pp. 151–155. [Google Scholar]
- Yohan, A.; Lo, N.W. An over-the-blockchain firmware update framework for IoT devices. In Proceedings of the 2018 IEEE Conference on Dependable and Secure Computing (DSC), Kaohsiung, Taiwan, 10–13 December 2018; pp. 1–8. [Google Scholar]
- Yohan, A.; Lo, N.W. FOTB: A secure blockchain-based firmware update framework for IoT environment. Int. J. Inf. Secur. 2020, 19, 257–278. [Google Scholar] [CrossRef]
- Pillai, A.; Sindhu, M.; Lakshmy, K. Securing firmware in Internet of Things using blockchain. In Proceedings of the 2019 5th International Conference on Advanced Computing & Communication Systems (ICACCS), Coimbatore, India, 15–16 March 2019; pp. 329–334. [Google Scholar]
- Baza, M.; Nabil, M.; Lasla, N.; Fidan, K.; Mahmoud, M.; Abdallah, M. Blockchain-based Firmware Update Scheme Tailored for Autonomous Vehicles. In Proceedings of the 2019 IEEE Wireless Communications and Networking Conference (WCNC), Marrakesh, Morocco, 15–18 April 2019; pp. 1–7. [Google Scholar] [CrossRef]
- Choi, S.; Lee, J.H. Blockchain-Based Distributed Firmware Update Architecture for IoT Devices. IEEE Access 2020, 8, 37518–37525. [Google Scholar] [CrossRef]
- Wu, H.; Jiang, S.; Cao, J. High-Efficiency Blockchain-Based Supply Chain Traceability. IEEE Trans. Intell. Transp. Syst. 2023, 24, 3748–3758. [Google Scholar] [CrossRef]
- Tsaur, W.J.; Chang, J.C.; Chen, C.L. A Highly Secure IoT Firmware Update Mechanism Using Blockchain. Sensors 2022, 22, 530. [Google Scholar] [CrossRef]
- Zhang, M.; Cao, J.; Sahni, Y.; Chen, Q.; Jiang, S.; Yang, L. Blockchain-based Collaborative Edge Intelligence for Trustworthy and Real-Time Video Surveillance. IEEE Trans. Ind. Inform. 2023, 19, 1623–1633. [Google Scholar] [CrossRef]
- Jiang, S.; Cao, J.; Wu, H.; Chen, K.; Liu, X. Privacy-preserving and efficient data sharing for blockchain-based intelligent transportation systems. Inf. Sci. 2023, 635, 72–85. [Google Scholar] [CrossRef]
- Masuduzzaman, M.; Islam, A.; Sadia, K.; Shin, S.Y. UAV-based MEC-assisted automated traffic management scheme using blockchain. Future Gener. Comput. Syst. 2022, 134, 256–270. [Google Scholar] [CrossRef]
- Masuduzzaman, M.; Rahim, T.; Islam, A.; Shin, S.Y. UxV-Based Deep-Learning-Integrated Automated and Secure Garbage Management Scheme Using Blockchain. IEEE Internet Things J. 2023, 10, 6779–6793. [Google Scholar] [CrossRef]
- Chen, C.L.; Yang, J.; Tsaur, W.J.; Weng, W.; Wu, C.M.; Wei, X. Enterprise Data Sharing with Privacy-Preserved Based on Hyperledger Fabric Blockchain in IIOTś Application. Sensors 2022, 22, 1146. [Google Scholar] [CrossRef] [PubMed]
- Alexandridis, A.; Al-Sumaidaee, G.; Alkhudary, R.; Zilic, Z. Making Case for Using RAFT in Healthcare Through Hyperledger Fabric. In Proceedings of the 2021 IEEE International Conference on Big Data (Big Data), Orlando, FL, USA, 15–18 December 2021; pp. 2185–2191. [Google Scholar] [CrossRef]
- Piao, X.; Li, M.; Meng, F.; Song, H. Latency Analysis for Raft Consensus on Hyperledger Fabric. In Proceedings of the Blockchain and Trustworthy Systems, Chengdu, China, 4–5 August 2022; Svetinovic, D., Zhang, Y., Luo, X., Huang, X., Chen, X., Eds.; Springer: Singapore, 2022; pp. 165–176. [Google Scholar]
|Lee et al. ||Blockchain-based secure firmware update for embedded|
devices in an Internet of Things environment
|None of the existing research considered internet connection issues (i.e., whether the firmware can be updated according to the internet connection)|
|Yohan et al. ||Blockchain-based firmware update framework for |
Internet of Things environment
|Yohan et al. ||An over-the-blockchain firmware update framework |
for IoT devices
|Yohan et al. ||FOTB: a secure blockchain-based firmware update framework for IoT environment|
|Pillai et al. ||Securing firmware in Internet of Things using blockchain|
|Baza et al. ||Blockchain-based firmware update scheme for autonomous vehicles|
|Seoyun et al. ||Blockchain-based efficient firmware updates for IoT devices|
|Hanqing et al. ||Blockchain-based supply chain traceability systems|
|Tsaur et al. ||Efficient firmware update mechanism utilizing blockchain|
|Mingjin et al. ||Video surveillance and secure data storage technique using blockchain|
|Jiang et al. ||Privacy-focused data-sharing mechanisms for intelligent transportation|
|OS||Ubuntu 16.04 LTS|
|Number of node||2, 3, …, 10|
|Processor||Intel Xeon Platinum 8000 Series|
|vCPUs and Memory||4 and 16 GiB|
|Clock Speed||Up to 3.1 GHz|
|Network Performance||Up to 10 Gbps|
|Operating System||Ubuntu 18.04|
|Storage Type||Amazon EBS (Elastic Block Store)|
|Storage Size||100 GB|
|Network||Virtual Private Cloud|
|Public IP Address||Disabled|
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Seo, J.W.; Islam, A.; Masuduzzaman, M.; Shin, S.Y. Blockchain-Based Secure Firmware Update Using an UAV. Electronics 2023, 12, 2189. https://doi.org/10.3390/electronics12102189
Seo JW, Islam A, Masuduzzaman M, Shin SY. Blockchain-Based Secure Firmware Update Using an UAV. Electronics. 2023; 12(10):2189. https://doi.org/10.3390/electronics12102189Chicago/Turabian Style
Seo, Jong Wan, Anik Islam, Md Masuduzzaman, and Soo Young Shin. 2023. "Blockchain-Based Secure Firmware Update Using an UAV" Electronics 12, no. 10: 2189. https://doi.org/10.3390/electronics12102189