MUP: Simplifying Secure Over-The-Air Update with MQTT for Constrained IoT Devices

Kristina Sahlmann, Vera Clemens, Michael Nowak, Bettina Schnor
2020 Sensors  
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update
more » ... l is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on a IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.
doi:10.3390/s21010010 pmid:33374965 fatcat:7qm3xtj57zavbdw5xurxk6pshi