@misc{SahlmannClemensNowaketal.2020,
  author    = {Sahlmann, Kristina and Clemens, Vera and Nowak, Michael and Schnor, Bettina},
  title     = {MUP},
  series = {Postprints der Universit{\"a}t Potsdam : Mathematisch-Naturwissenschaftliche Reihe},
  journal   = {Postprints der Universit{\"a}t Potsdam : Mathematisch-Naturwissenschaftliche Reihe},
  number    = {1094},
  issn      = {1866-8372},
  doi       = {10.25932/publishup-48901},
  url       = {http://nbn-resolving.de/urn:nbn:de:kobv:517-opus4-489013},
  pages     = {23},
  year      = {2020},
  abstract  = {Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.},
  language  = {en}
}
@article{SahlmannClemensNowaketal.2020,
  author    = {Sahlmann, Kristina and Clemens, Vera and Nowak, Michael and Schnor, Bettina},
  title     = {MUP},
  series = {Sensors},
  volume    = {21},
  journal   = {Sensors},
  number    = {1},
  publisher = {MDPI},
  address   = {Basel},
  issn      = {1424-8220},
  doi       = {10.3390/s21010010},
  pages     = {21},
  year      = {2020},
  abstract  = {Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.},
  language  = {en}
}