MUP

  • Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.

Download full text files

  • pmnr1094.pdfeng
    (3891KB)

    SHA-512:b81d5e0392339cfbc9fc99a61de53a2d9504a2149202e18b7de73f0f1d8bddcc371cc62843a61fd39d6c03893b9802fd9a0acb859ecaa12dd14225deff65cf59

Export metadata

Additional Services

Share in Twitter Search Google Scholar Statistics
Metadaten
Author details:Kristina Sahlmann, Vera Clemens, Michael Nowak, Bettina SchnorGND
URN:urn:nbn:de:kobv:517-opus4-489013
DOI:https://doi.org/10.25932/publishup-48901
ISSN:1866-8372
Parent title (German):Postprints der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe
Subtitle (English):Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices
Publication series (Volume number):Postprints der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe (1094)
Document type:Article
Language:English
Date of first publication:2021/01/13
Year of completion:2020
Publishing institution:Universität Potsdam
Release date:2021/01/13
Tag:Internet of Things; MQTT; edge computing; firmware update; security
Issue:1094
Page number:23
Source:Sensors 21 (2021) 1, 10 DOI: 10.3390/s21010010
Organizational units:Mathematisch-Naturwissenschaftliche Fakultät / Institut für Informatik und Computational Science
DDC classification:6 Technik, Medizin, angewandte Wissenschaften / 62 Ingenieurwissenschaften / 620 Ingenieurwissenschaften und zugeordnete Tätigkeiten
Peer review:Referiert
Publishing method:Open Access / Green Open-Access
License (German):License LogoCreative Commons - Namensnennung, 4.0 International
External remark:Bibliographieeintrag der Originalveröffentlichung/Quelle