Designing and Prototyping Secure Over-the-Air (OTA) Updates for Microcontrollers
Overview
This thesis aims to design and prototype a secure OTA (Over-the-Air) update framework for microcontroller-based systems. OTA updates enable remote distribution of firmware patches and features without requiring physical access, a critical capability for IoT, embedded devices, and connected products. However, insecure OTA channels expose devices to risks such as malicious firmware injection or data tampering. The thesis will address these challenges by developing a lightweight OTA framework tailored to the constraints of microcontrollers. The prototype will be evaluated on real hardware, ensuring both academic rigor and practical relevance.
Description
Key Investigation Areas
- Investigation of firmware verification (signing and signature checking)
- Investigation of binary delivery form and security (encryption, compression, etc.)
- Investigation of secure transport (IP TLS, TCP/UDP) and reliability in unstable networks
- Investigation of methods for atomic updates to prevent corrupt images from being loaded
Optional investigation areas:
- Scalability for mass IoT device updates
- Generalized framework (server program and microcontroller library)
- Case study based on a real-world problem
Impact
- For Academia: Contributes empirical data on the performance trade-offs of cryptographic algorithms and rollback strategies on resource-constrained hardware, filling a gap in the existing literature and providing a basis for future research.
- For Industry: Supports the development of reliable, safe, and scalable remote update systems across automotive, consumer IoT, and industrial applications.
- For Society: Improves the security, trustworthiness, and reliability of connected devices in everyday life, reducing risks associated with cyberattacks and firmware vulnerabilities.