International Conference on Information Networking 2022

January 2022 South Korea & Online
Saad EL JAOUHARI, assoicate professor at Isep and cybersecurity specialist, will present his paper “Toward a generic and secure bootloader for IoT device firmware OTA update” at the International Conference on Information Networking (ICOIN) 2022 in South Korea.

ICOIN is the 36th International Conference on Information Networking, Rank B, is one of the most comprehensive conference focused on the various aspects of advances in computer communication and networking technologies, in particular in wireless communication such as: the Internet of Things and machine-to-machine communications, 5G/6G cellular systems and heterogeneous networks, Network security, trust and privacy.


About Saad EL JAOUHARI’s paper:

Toward a generic and secure bootloader for IoT device firmware OTA update


The IoT devices market has shown strong growth in recent years. Time to market has become essential to be competitive, the faster a competitor develops and integrates his product, the more likely he is to dominate the market. This competition leads to critical software problems in the systems due to lack of testing or short development times. Lots present some vulnerabilities that can be exploited by attacks via botnets or malwares. Moreover, they are subject to huge number of 0- days that need quick intervention to maintain the security of the environment in which the IoT device is deployed in. For this purpose, the quick update of the firmware of these devices via patches is the most effective solution to counter these attacks. In this process, to operate embedded systems’ set-up, control and supervision, an important component called the bootloader have to be implemented. This piece of code can manage and execute boot sequence and launch the firmware. However, without any recommendations or references, currently, there is no generic bootloader for all the IoT device, but there are several bootloaders specific for a particular or a group of hardware or kernel. This paper aims to analyze some of these bootloaders and develop a minimal generic bootloader implementing a firmware Over-The-Air update for constrained IoT devices. After analyzing several bootloaders and the OTA update process, a PoC of a bootloaders based on FreeRTOS, has been designed and implemented, and which allows to perform firmware verifications and OTA updates.

Read also