MUP
- Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
Author details: | Kristina SahlmannORCiDGND, Vera Clemens, Michael Nowak, Bettina SchnorORCiDGND |
---|---|
DOI: | https://doi.org/10.3390/s21010010 |
ISSN: | 1424-8220 |
Pubmed ID: | https://pubmed.ncbi.nlm.nih.gov/33374965 |
Title of parent work (English): | Sensors |
Subtitle (English): | Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices |
Publisher: | MDPI |
Place of publishing: | Basel |
Publication type: | Article |
Language: | English |
Date of first publication: | 2020/11/17 |
Publication year: | 2020 |
Release date: | 2021/01/13 |
Tag: | Internet of Things; MQTT; edge computing; firmware update; security |
Volume: | 21 |
Issue: | 1 |
Number of pages: | 21 |
Funding institution: | Universität Potsdam |
Funding institution: | Deutsche Forschungsgemeinschaft (German Research Foundation)German Research Foundation (DFG); Open Access Publication Fund of Potsdam University |
Funding number: | PA 2020_131 |
Organizational units: | Mathematisch-Naturwissenschaftliche Fakultät / Institut für Informatik und Computational Science |
DDC classification: | 6 Technik, Medizin, angewandte Wissenschaften / 62 Ingenieurwissenschaften / 620 Ingenieurwissenschaften und zugeordnete Tätigkeiten |
Peer review: | Referiert |
Grantor: | Publikationsfonds der Universität Potsdam |
Publishing method: | Open Access / Gold Open-Access |
License (German): | CC-BY - Namensnennung 4.0 International |
External remark: | Zweitveröffentlichung in der Schriftenreihe Postprints der Universität Potsdam : Mathematisch-Naturwissenschaftliche Reihe ; 1094 |