draft-ietf-suit-architecture-00.txt   draft-ietf-suit-architecture-01.txt 
SUIT B. Moran SUIT B. Moran
Internet-Draft Arm Limited Internet-Draft Arm Limited
Intended status: Informational M. Meriac Intended status: Informational M. Meriac
Expires: December 5, 2018 Consultant Expires: January 3, 2019 Consultant
H. Tschofenig H. Tschofenig
Arm Limited Arm Limited
June 03, 2018 D. Brown
Linaro
July 02, 2018
A Firmware Update Architecture for Internet of Things Devices A Firmware Update Architecture for Internet of Things Devices
draft-ietf-suit-architecture-00 draft-ietf-suit-architecture-01
Abstract Abstract
Vulnerabilities with Internet of Things (IoT) devices have raised the Vulnerabilities with Internet of Things (IoT) devices have raised the
need for a solid and secure firmware update mechanism that is also need for a solid and secure firmware update mechanism that is also
suitable for constrained devices. Incorporating such update suitable for constrained devices. Incorporating such update
mechanism to fix vulnerabilities, to update configuration settings as mechanism to fix vulnerabilities, to update configuration settings as
well as adding new functionality is recommended by security experts. well as adding new functionality is recommended by security experts.
This document lists requirements and describes an architecture for a This document lists requirements and describes an architecture for a
skipping to change at page 1, line 46 skipping to change at page 1, line 48
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 5, 2018. This Internet-Draft will expire on January 3, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 36 skipping to change at page 2, line 36
the copyright in such materials, this document may not be modified the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other it for publication as an RFC or to translate it into languages other
than English. than English.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3 2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3
3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 6
3.1. Agnostic to how firmware images are distributed . . . . . 5 3.1. Agnostic to how firmware images are distributed . . . . . 6
3.2. Friendly to broadcast delivery . . . . . . . . . . . . . 5 3.2. Friendly to broadcast delivery . . . . . . . . . . . . . 6
3.3. Use state-of-the-art security mechanisms . . . . . . . . 5 3.3. Use state-of-the-art security mechanisms . . . . . . . . 7
3.4. Rollback attacks must be prevented . . . . . . . . . . . 6 3.4. Rollback attacks must be prevented . . . . . . . . . . . 7
3.5. High reliability . . . . . . . . . . . . . . . . . . . . 6 3.5. High reliability . . . . . . . . . . . . . . . . . . . . 7
3.6. Operate with a small bootloader . . . . . . . . . . . . . 6 3.6. Operate with a small bootloader . . . . . . . . . . . . . 8
3.7. Small Parsers . . . . . . . . . . . . . . . . . . . . . . 7 3.7. Small Parsers . . . . . . . . . . . . . . . . . . . . . . 8
3.8. Minimal impact on existing firmware formats . . . . . . . 7 3.8. Minimal impact on existing firmware formats . . . . . . . 8
3.9. Robust permissions . . . . . . . . . . . . . . . . . . . 7 3.9. Robust permissions . . . . . . . . . . . . . . . . . . . 8
3.10. Operating modes . . . . . . . . . . . . . . . . . . . . . 8 3.10. Operating modes . . . . . . . . . . . . . . . . . . . . . 9
4. Claims . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4. Claims . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
5. Architecture . . . . . . . . . . . . . . . . . . . . . . . . 10 5. Communication Architecture . . . . . . . . . . . . . . . . . 11
6. Manifest . . . . . . . . . . . . . . . . . . . . . . . . . . 12 6. Manifest . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7. Example Flow . . . . . . . . . . . . . . . . . . . . . . . . 13 7. Device Firmware Update Examples . . . . . . . . . . . . . . . 15
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 7.1. Single CPU SoC . . . . . . . . . . . . . . . . . . . . . 16
9. Security Considerations . . . . . . . . . . . . . . . . . . . 15 7.2. Single CPU with Secure - Normal Mode Partitioning . . . . 16
10. Mailing List Information . . . . . . . . . . . . . . . . . . 16 7.3. Dual CPU, shared memory . . . . . . . . . . . . . . . . . 16
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 16 7.4. Dual CPU, other bus . . . . . . . . . . . . . . . . . . . 16
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 8. Example Flow . . . . . . . . . . . . . . . . . . . . . . . . 17
12.1. Normative References . . . . . . . . . . . . . . . . . . 17 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18
12.2. Informative References . . . . . . . . . . . . . . . . . 17 10. Security Considerations . . . . . . . . . . . . . . . . . . . 18
12.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 18 11. Mailing List Information . . . . . . . . . . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 20
13. References . . . . . . . . . . . . . . . . . . . . . . . . . 21
13.1. Normative References . . . . . . . . . . . . . . . . . . 21
13.2. Informative References . . . . . . . . . . . . . . . . . 21
13.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 22
1. Introduction 1. Introduction
When developing IoT devices, one of the most difficult problems to When developing IoT devices, one of the most difficult problems to
solve is how to update the firmware on the device. Once the device solve is how to update the firmware on the device. Once the device
is deployed, firmware updates play a critical part in its lifetime, is deployed, firmware updates play a critical part in its lifetime,
particularly when devices have a long lifetime, are deployed in particularly when devices have a long lifetime, are deployed in
remote or inaccessible areas or where manual intervention is cost remote or inaccessible areas or where manual intervention is cost
prohibitive or otherwise difficult. The need for a firmware update prohibitive or otherwise difficult. The need for a firmware update
may be to fix bugs in software, to add new functionality, or to re- may be to fix bugs in software, to add new functionality, or to re-
configure the device. configure the device.
The firmware update process has to ensure that The firmware update process, among other goals, has to ensure that
- The firmware image is authenticated and attempts to flash a - The firmware image is authenticated and attempts to flash a
malicious firmware image are prevented. malicious firmware image are prevented.
- The firmware image can be confidentiality protected so that - The firmware image can be confidentiality protected so that
attempts by an adversary to recover the plaintext binary can be attempts by an adversary to recover the plaintext binary can be
prevented. Obtaining the plaintext binary is often one of the prevented. Obtaining the plaintext binary is often one of the
first steps for an attack to mount an attack. first steps for an attack to mount an attack.
2. Conventions and Terminology 2. Conventions and Terminology
skipping to change at page 4, line 23 skipping to change at page 4, line 29
offer very basic functionality in the first stage and resides in offer very basic functionality in the first stage and resides in
ROM whereas the second stage may implement more complex ROM whereas the second stage may implement more complex
functionality and resides in flash memory so that it can be functionality and resides in flash memory so that it can be
updated in the future (in case bugs have been found). The exact updated in the future (in case bugs have been found). The exact
split of components into the different stages, the number of split of components into the different stages, the number of
firmware images stored by an IoT device, and the detailed firmware images stored by an IoT device, and the detailed
functionality varies throughout different implementations. functionality varies throughout different implementations.
The following entities are used: The following entities are used:
- Author: The author is the entity that creates the firmware image, - Author: The author is the entity that creates the firmware image.
signs and/or encrypts it. The author is most likely a developer There may be multiple authors in a system either when a device
using a set of tools. consists of multiple micro-controllers or when the the final
firmware image consists of software components from multiple
companies.
- Device: The device is the recipient of the firmware image and the - Device: The device is the recipient of the firmware image and the
manifest. The goal is to update the firmware of the device. manifest. The goal is to update the firmware of the device. A
single device may need to obtain more than one firmware image and
manifest to succesfully perform an update.
- Untrusted Storage: Firmware images and manifests may be stored on - Communicator: The communicator component of the device interacts
untrusted fileservers or cloud storage infrastructure. Some with the firmware update server. It receives firmware images and
deployments may require storage of the firmware images/manifests triggers an update, if needed. The communicator either polls a
to be stored on various entities before they reach the device. firmware update server for the most recent manifest/firmware or
manifests/firmware images are pushed to it. Note that the
firmware update process may involve multiple stages since one or
multiple manifests may need to be downloaded before the
communicator can fetch one or multiple firmware images/software
components.
- Status Tracker: The status tracker offers device management
functionality that includes keep track of the firmware update
process. This includes fine-grained monitoring of changes at the
device, for example, what state of the firmware update cycle the
device is currently in.
- Firmware Server: Entity that stores firmware images and manifests.
Some deployments may require storage of the firmware images/
manifests on more than one entities before they reach the device.
- Device Operator: The actor responsible for the day-to-day
operation of a fleet of IoT devices.
- Network Operator: The actor responsible for the operation of a
network to which IoT devices connect.
In addition to the entities in the list above there is an orthogonal
infrastructure with a Trust Provisioning Authority (TPA) distributing
trust anchors and authorization permissions to various entities in
the system. The TPA may also delegate rights to install, update,
enhance, or delete trust anchors and authorization permissions to
other parties in the system. This infrastructure overlaps the
communication architecture and different deployments may empower
certain entities while other deployments may not. For example, in
some cases, the Original Design Manufacturer (ODM), which is a
company that designs and manufactures a product, may act as a TPA and
may decide to remain in full control over the firmware update process
of their products.
The terms 'trust anchor' and 'trust anchor store' are defined in
[RFC6024]:
- "A trust anchor represents an authoritative entity via a public
key and associated data. The public key is used to verify digital
signatures, and the associated data is used to constrain the types
of information for which the trust anchor is authoritative."
- "A trust anchor store is a set of one or more trust anchors stored
in a device. A device may have more than one trust anchor store,
each of which may be used by one or more applications."
Furthermore, the following abbreviations are used in this document:
- Microcontroller (MCU for microcontroller unit) is a small computer
on a single integrated circuit, which is often used for mass
volumne IoT devices.
- System on Chip (SoC) is an integrated circuit that integrates all
components of a computer, such as CPU, memory, input/output ports,
secondary storage, etc.
- Homogeneous Storage Architecture (HoSA): A device that stores all
firmware components in the same way, for example in a file system
or in flash memory.
- Heterogeneous Storage Architecture (HeSA): A device that stores at
least one firmware component differently from the rest, for
example a device with an external, updatable radio, or a device
with internal and external flash memory.
3. Requirements 3. Requirements
The firmware update mechanism described in this specification was The firmware update mechanism described in this specification was
designed with the following requirements in mind: designed with the following requirements in mind:
- Agnostic to how firmware images are distributed - Agnostic to how firmware images are distributed
- Friendly to broadcast delivery - Friendly to broadcast delivery
skipping to change at page 5, line 15 skipping to change at page 6, line 42
- Minimal impact on existing firmware formats - Minimal impact on existing firmware formats
- Robust permissions - Robust permissions
- Diverse modes of operation - Diverse modes of operation
3.1. Agnostic to how firmware images are distributed 3.1. Agnostic to how firmware images are distributed
Firmware images can be conveyed to devices in a variety of ways, Firmware images can be conveyed to devices in a variety of ways,
including USB, UART, WiFi, BLE, low-power WAN technologies, etc. and including USB, UART, WiFi, BLE, low-power WAN technologies, etc. and
use different protocols (e.g., CoAP, HTTP). The specified mechanism use different protocols (e.g., CoAP, HTTP). The specified mechanism
needs to be agnostic to the distribution of the firmware images and needs to be agnostic to the distribution of the firmware images and
manifests. manifests.
3.2. Friendly to broadcast delivery 3.2. Friendly to broadcast delivery
This architecture does not specify any specific broadcast protocol This architecture does not specify any specific broadcast protocol
however, given that broadcast may be desirable for some networks, however, given that broadcast may be desirable for some networks,
updates must cause the least disruption possible both in metadata and updates must cause the least disruption possible both in metadata and
payload transmission. payload transmission.
skipping to change at page 7, line 25 skipping to change at page 8, line 48
required to validate at least one signature or MAC with minimal required to validate at least one signature or MAC with minimal
exposure. exposure.
3.8. Minimal impact on existing firmware formats 3.8. Minimal impact on existing firmware formats
The design of the firmware update mechanism must not require changes The design of the firmware update mechanism must not require changes
to existing firmware formats. to existing firmware formats.
3.9. Robust permissions 3.9. Robust permissions
A device may have many modules that require updating individually. When a device obtains a monolithic firmware image from a single
It may also need to trust several actors in order to authorize an author without any additional approval steps then the authorization
update. These actors might include the following (this is not a flow is relatively simple. There are, however, other cases where
comprehensive list). more complex policy decisions need to be made before updating a
device.
* A firmware author
* A device OEM
* A device operator
* A network operator
* A device owner
These actors exert their authority on the device by making claims (as
in Section 4).
For example, a firmware author may not have the authority to install In this architecture the authorization policy is separated from the
firmware on a device in critical infrastructure without the underlying communication architecture. This is accomplished by
authorization of a device operator. In this case, the device may be separating the entities from their permissions. For example, an
programmed to reject firmware updates unless they are signed both by author may not have the authority to install a firmware image on a
the firmware author and by the device operator. To facilitate device in critical infrastructure without the authorization of a
complex use-cases such as this, updates require several claims. device operator. In this case, the device may be programmed to
reject firmware updates unless they are signed both by the firmware
author and by the device operator.
Alternatively, a device may trust precisely one authority, which does Alternatively, a device may trust precisely one entity, which does
all permission management and coordination. Effectively, the all permission management and coordination. This entity allows the
authority allows the device to offload complex permissions device to offload complex permissions calculations for the device.
calculations for the device.
3.10. Operating modes 3.10. Operating modes
There are three broad classifications of update operating modes. There are three broad classifications of update operating modes.
* Self initiated - Client-initiated Update
* Third-party initiated
* Hybrid
Self initiated updates take the form of a proactive IoT device that - Server-initiated Update
checks for updates. Third-party initiated updates are triggered by
an actor other than the IoT device, be it a server, a peer, or a
user. Hybrid updates are those that require agreement from both the
target IoT device and another actor.
Third-party initiated updates are important to consider because - Hybrid Update
timing of updates may need to be tightly controlled in some high-
reliability environments.
An IoT device goes through several steps in the course of an update, Client-initiated updates take the form of a communicator on a device
each of which can be self-initiated or third-party initiated, or proactively checking for new firmware imagines provided by firmware
hybrid. An IoT device may go through the following steps, though servers.
this is not a comprehensive list.
* Notification Server-initiated updates are important to consider because timing of
* Pre-authorisation updates may need to be tightly controlled in some high- reliability
* Dependency resolution environments. In this case the communicator, potentially in
* Download coordination with the status tracker, determines what devices qualify
* Installation for a firmware update. Once those devices have been selected the
firmware server distributes updates to those devices.
The notification step consists informing an IoT device that an update Note: This assumes that the firmware server is able to reach the
is available. This can be accomplished via polling (self-initiated), device, which may require devices to keep reachability information at
push notifications (third-party initiated), or more complex the communicator and / or at the firmware server up-to-date. This
mechanisms. may also require keeping state at NATs and stateful packet filtering
firewalls alive.
The pre-authorisation step involves verifying the update authority Hybrid updates are those that require an interaction between the
and making a determination that the device is prepared to initiate device and the firmware server / communicator. The communicator
the fetching and processing of updates. If the device has all pushes notifications of availability of an update to the device, and
information that is necessary to make this determination, then the the device then downloads the image from the firmware server when it
pre-authorisation may be self-initiated. However, the device can wants.
wait for instruction to begin (third-party initiated). Hybrid
approaches are possible as well. An alternative approach is to consider the steps a device has to go
through in the course of an update:
- Notification
- Pre-authorisation
- Dependency resolution
- Download
- Installation
The notification step consists of the communicator informing the
device that an update is available. This can be accomplished via
polling (client-initiated), push notifications (server-initiated), or
more complex mechanisms.
The pre-authorisation step involves verifying whether the entity
signing the manifest is indeed authorized to perform an update. The
device must also determine whether it should fetching and processing
of the firmware image (unless it has been attached already to the
manifest itself).
A dependency resolution phase is needed when more than one component A dependency resolution phase is needed when more than one component
can be updated or when a differential update is used. The necessary can be updated or when a differential update is used. The necessary
dependencies must be available prior to installation. dependencies must be available prior to installation.
The download step is the process of acquiring a local copy of the The download step is the process of acquiring a local copy of the
payload. When the download is self-initiated, this means that the firmware image. When the download is client-initiated, this means
IoT device chooses when a download occurs and initiates the download that the device chooses when a download occurs and initiates the
process. When a download is third-party initiated, this means that download process. When a download is server-party initiated, this
either the remote service tells the IoT device when to download or means that either the communicator / firmware server tells the device
that it initiates the transfer directly to the IoT device. For when to download or that it initiates the transfer directly to the
example, a download from an HTTP server is initiated locally. A device. For example, a download from an HTTP-based firmware server
transfer to a LwM2M Firmware Update resource [LwM2M] is initiated is client-initiated. A transfer to a LwM2M Firmware Update resource
remotely. [LwM2M] is server-initiated.
If the Device has downloaded a new firmware image and is ready to
install it it may need to wait for a trigger from a Communicator to
install the firmware update, may trigger the update automatically, or
may go through a more complex decision making process to determine
the appropriate timing for an update (such as delaying the update
process to a later time when end users are less impacted by the
update process).
Installation is the act of processing the payload into a format that Installation is the act of processing the payload into a format that
the IoT device can recognise. the IoT device can recognise and the bootloader is responsible for
then booting from the newly installed firmware image.
Each of these steps may require different permissions expressed in Each of these steps may require different permissions.
claims and may be implemented in a variety of ways.
4. Claims 4. Claims
When a simple set of permissions fails to encapsulate the rules Claims in the manifest offer a way to convey instructions to a device
required for a device to make decisions about firmware, claims can be that impact the firmware update process. To have any value the
used instead. Claims represent a form of policy. Several claims can manifest containing those claims must be authenticated and integrity
be used together, when multiple actors should have the rights to set protected. The credential used to must be directly or indirectly
policies. related to the trust anchor installed at the device by the Trust
Provisioning Authority.
Some example claims are:
- Trust the actor identified by the referenced public key.
- Trust the actor with access to the referenced shared secret (MAC).
- Three actors are trusted identified by their public keys.
Signatures from at least two of these actors are required to trust
a manifest.
- The actor identified by the referenced public key is authorized to
create secondary policies
The baseline claims for all manifests are described in [SUIT-IM]. In The baseline claims for all manifests are described in
summary, they are: [I-D.ietf-suit-information-model]. For example, there are:
- Do not install firmware with earlier metadata than the current - Do not install firmware with earlier metadata than the current
metadata. metadata.
- Only install firmware with a matching vendor, model, hardware - Only install firmware with a matching vendor, model, hardware
revision, software version, etc. revision, software version, etc.
- Only install firmware that is before its best-before timestamp. - Only install firmware that is before its best-before timestamp.
- Only install firmware with metadata signed/authenticated by a - Only allow a firmware installation if dependencies have been met.
trusted actor.
- Only allow an actor to exercise rights on the device via a
manifest if that actor has signed the manifest.
- Only allow a firmware installation if all required rights have - Choose the mechanism to install the firmware, based on the type of
been met through signatures/MACs (one or more) or manifest firmware it is.
dependencies (one or more).
- Use the instructions provided by the manifest to install the 5. Communication Architecture
firmware.
- Install any and all firmware images that are linked together with Figure 1 shows the communication architecture where a firmware image
manifest dependencies. is created by an author, and uploaded to a firmware server. The
firmware image/manifest is distributed to the device either in a push
or pull manner using the communicator residing on the device. The
device operator keeps track of the process using the status tracker.
This allows the device operator to know and control what devices have
received an update and which of them are still pending an update.
- Choose the mechanism to install the firmware, based on the type of Firmware + +----------+ Firmware + +-----------+
firmware it is. Manifest | |-+ Manifest | |-+
+--------->| Firmware | |<---------------| | |
| | Server | | | Author | |
| | | | | | |
| +----------+ | +-----------+ |
| +----------+ +-----------+
|
|
|
-+-- ------
---- | ---- ---- ----
// | \\ // \\
/ | \ / \
/ | \ / \
/ | \ / \
/ | \ / \
| v | | |
| +------------+ |
| |Communicator| | | |
| +--------+---+ | Device | +--------+ |
| | | | Management| | | |
| | Device |<----------------------------->| Status | |
| | | | | | Tracker| |
| +--------+ | || | | |
| | || +--------+ |
| | | |
| | \ /
\ / \ /
\ / \ Device /
\ Network / \ Operator /
\ Operator / \\ //
\\ // ---- ----
---- ---- ------
-----
5. Architecture Figure 1: Architecture.
We start the architectural description with the security model. It End-to-end security mechanisms are used to protect the firmware image
is based on end-to-end security. In Figure 1 a firmware image is and the manifest although Figure 2 does not show the manifest itself
created by an author, sent to the device and subsequently installed. since it may be distributed independently.
When the author is ready to distribute the firmware image it is
conveyed using some communication channel to the device, which will
typically involve the use of untrusted storage. Examples of
untrusted storage are FTP servers, Web servers or USB sticks. End-
to-end security mechanisms are used to protect the firmware image.
Figure 1 does not show the manifest itself, which provides the meta-
data about the firmware image and offers the security protection. It
may bundled with the firmware image or travel as a standalone item.
+-----------+ +-----------+
+--------+ | | +--------+ +--------+ | | +--------+
| | Firmware Image | Untrusted | Firmware Image | | | | Firmware Image | Firmware | Firmware Image | |
| Device |<-----------------| Storage |<------------------| Author | | Device |<-----------------| Server |<------------------| Author |
| | | | | | | | | | | |
+--------+ +-----------+ +--------+ +--------+ +-----------+ +--------+
^ * ^ *
* * * *
************************************************************ ************************************************************
End-to-End Security End-to-End Security
Figure 1: End-to-End Security. Figure 2: End-to-End Security.
Whether the firmware image and the manifest is pushed to the device Whether the firmware image and the manifest is pushed to the device
or fetched by the device is outside the scope of this work and or fetched by the device is a deployment specific decision.
existing device management protocols can be used for efficiently
distributing this information.
The following assumptions are made to allow the device to verify the The following assumptions are made to allow the device to verify the
received firmware image and manifest before updating software: received firmware image and manifest before updating software:
- To accept an update, a device needs to decide whether the author - To accept an update, a device needs to verify the signature
signing the firmware image and the manifest is authorized to make covering the manifest. There may be one or multiple manifests
the updates. We use public key cryptography to accomplish this. that need to be validated, potentially signed by different
The device verifies the signature covering the manifest using a parties. The device needs to be in possession of the trust
digital signature algorithm OR the device verifies the MAC anchors to verify those signatures. Installing trust anchors to
covering the manifest using a MAC algorithm. The device is devices via the Trust Provisioning Authority happens in an out-of-
provisioned with a trust anchor that is used to validate the band fashion prior to the firmware update process.
digital signature or MAC produced by the author. This trust
anchor is potentially different from the trust anchor used to - Not all entities creating and signing manifests have the same
validate the digital signature produced for other protocols (such permissions. A device needs to determine whether the requested
as device management protocols). This trust anchor may be action is indeed covered by the permission of the party that
provisioned to the device during manufacturing or during signed the manifest. Informing the device about the permissions
commissioning. of the different parties also happens in an out-of-band fashion
and is also a duty of the Trust Provisioning Authority.
- For confidentiality protection of firmware images the author needs - For confidentiality protection of firmware images the author needs
to be in possession of the certificate/public key or a pre-shared to be in possession of the certificate/public key or a pre-shared
key of a device. key of a device. The use of confidentiality protection of
firmware images is deployment specific.
There are different types of delivery modes, which are illustrated There are different types of delivery modes, which are illustrated
based on examples below. based on examples below.
There is an option for embedding a firmware image into a manifest. There is an option for embedding a firmware image into a manifest.
This is a useful approach for deployments where devices are not This is a useful approach for deployments where devices are not
connected to the Internet and cannot contact a dedicated server for connected to the Internet and cannot contact a dedicated server for
download of the firmware. It is also applicable when the firmware download of the firmware. It is also applicable when the firmware
update happens via a USB stick or via Bluetooth Smart. Figure 2 update happens via a USB stick or via Bluetooth Smart. Figure 3
shows this delivery mode graphically. shows this delivery mode graphically.
/------------\ /------------\ /------------\ /------------\
/Manifest with \ /Manifest with \ /Manifest with \ /Manifest with \
|attached | |attached | |attached | |attached |
\firmware image/ \firmware image/ \firmware image/ \firmware image/
\------------/ +-----------+ \------------/ \------------/ +-----------+ \------------/
+--------+ | | +--------+ +--------+ | | +--------+
| |<.................| Untrusted |<................| | | |<.................| Firmware |<................| |
| Device | | Storage | | Author | | Device | | Server | | Author |
| | | | | | | | | | | |
+--------+ +-----------+ +--------+ +--------+ +-----------+ +--------+
Figure 2: Manifest with attached firmware. Figure 3: Manifest with attached firmware.
Figure 3 shows an option for remotely updating a device where the Figure 4 shows an option for remotely updating a device where the
device fetches the firmware image from some file server. The device fetches the firmware image from some file server. The
manifest itself is delivered independently and provides information manifest itself is delivered independently and provides information
about the firmware image(s) to download. about the firmware image(s) to download.
/------------\ /------------\
/ \ / \
| Manifest | | Manifest |
\ / \ /
+--------+ \------------/ +--------+ +--------+ \------------/ +--------+
| |<..............................................>| | | |<..............................................>| |
| Device | -- | Author | | Device | -- | Author |
| |<- --- | | | |<- --- | |
+--------+ -- --- +--------+ +--------+ -- --- +--------+
-- --- -- ---
--- --- --- ---
-- +-----------+ -- -- +-----------+ --
-- | | -- -- | | --
/------------\ -- | Untrusted |<- /------------\ /------------\ -- | Firmware |<- /------------\
/ \ -- | Storage | / \ / \ -- | Server | / \
| Firmware | | | | Firmware | | Firmware | | | | Firmware |
\ / +-----------+ \ / \ / +-----------+ \ /
\------------/ \------------/ \------------/ \------------/
Figure 3: Independent retrieval of the firmware image. Figure 4: Independent retrieval of the firmware image.
This architecture does not mandate a specific delivery mode but a This architecture does not mandate a specific delivery mode but a
solution must support both types. solution must support both types.
6. Manifest 6. Manifest
In order for a device to apply an update, it has to make several In order for a device to apply an update, it has to make several
decisions about the update: decisions about the update:
- Does it trust the author of the update? - Does it trust the author of the update?
skipping to change at page 13, line 24 skipping to change at page 15, line 40
- dependencies on other manifests, - dependencies on other manifests,
- pointers to the firmware image and information about the format, - pointers to the firmware image and information about the format,
- information about where to store the firmware image, - information about where to store the firmware image,
- cryptographic information, such as digital signatures or message - cryptographic information, such as digital signatures or message
authentication codes (MACs). authentication codes (MACs).
The manifest information model is described in [SUIT-IM]. The manifest information model is described in
[I-D.ietf-suit-information-model].
7. Example Flow 7. Device Firmware Update Examples
Although these documents attempt to define a firmware update
architecture that is applicable to both existing systems, as well as
yet-to-be-conceived systems; it is still helpful to consider existing
architectures.
7.1. Single CPU SoC
The simplest, and currently most common, architecture consists of a
single MCU along with its own peripherals. These SoCs generally
contain some amount of flash memory for code and fixed data, as well
as RAM for working storage. These systems either have a single
firmware image, or an immutable bootloader that runs a single image.
A notable characteristic of these SoCs is that the primary code is
generally execute in place (XIP). Combined with the non-relocatable
nature of the code, firmware updates need to be done in place.
7.2. Single CPU with Secure - Normal Mode Partitioning
Another configuration consists of a similar architecture to the
previous, with a single CPU. However, this CPU supports a security
partitioning scheme that allows memory (in addition to other things)
to be divided into secure and normal mode. There will generally be
two images, one for secure mode, and one for normal mode. In this
configuration, firmware upgrades will generally be done by the CPU in
secure mode, which is able to write to both areas of the flash
device. In addition, there are requirements to be able to update
either image independently, as well as to update them together
atomically, as specified in the associated manifests.
7.3. Dual CPU, shared memory
This configuration has two or more CPUs in a single SoC that share
memory (flash and RAM). Generally, they will be a protection
mechanism to prevent one CPU from accessing the other's memory.
Upgrades in this case will typically be done by one of the CPUs, and
is similar to the single CPU with secure mode.
7.4. Dual CPU, other bus
This configuration has two or more CPUs, each having their own
memory. There will be a communication channel between them, but it
will be used as a peripheral, not via shared memory. In this case,
each CPU will have to be responsible for its own firmware upgrade.
It is likely that one of the CPUs will be considered a master, and
will direct the other CPU to do the upgrade. This configuration is
commonly used to offload specific work to other CPUs. Firmware
dependencies are similar to the other solutions above, sometimes
allowing only one image to be upgraded, other times requiring several
to be upgraded atomically. Because the updates are happening on
multiple CPUs, upgrading the two images atomically is challenging.
8. Example Flow
The following example message flow illustrates the interaction for The following example message flow illustrates the interaction for
distributing a firmware image to a device starting with an author distributing a firmware image to a device starting with an author
uploading the new firmware to untrusted storage and creating a uploading the new firmware to Firmware Server and creating a
manifest. The firmware and manifest are stored on the same untrusted manifest. The firmware and manifest are stored on the same Firmware
storage. Server.
+--------+ +-----------------+ +------+ +--------+ +-----------------+ +------------+ +----------+
| Author | |Untrusted Storage| |Device| | Author | | Firmware Server | |Communicator| |Bootloader|
+--------+ +-----------------+ +------+ +--------+ +-----------------+ +------------+ +----------+
| | | | | | +
| Create Firmware | | | Create Firmware | | |
|--------------- | | |--------------- | | |
| | | | | | | | |
|<-------------- | | |<-------------- | | |
| | | | | | |
| Upload Firmware | | | Upload Firmware | | |
|------------------>| | |------------------>| | |
| | | | | | |
| Create Manifest | | | Create Manifest | | |
|---------------- | | |---------------- | | |
| | | | | | | | |
|<--------------- | | |<--------------- | | |
| | | | | | |
| Sign Manifest | | | Sign Manifest | | |
|-------------- | | |-------------- | | |
| | | | | | | | |
|<------------- | | |<------------- | | |
| | | | | | |
| Upload Manifest | | | Upload Manifest | | |
|------------------>| | |------------------>| | |
| | | | | | |
| | Query Manifest | | | Query Manifest | |
| |<--------------------| | |<--------------------| |
| | | | | | |
| | Send Manifest | | | Send Manifest | |
| |-------------------->| | |-------------------->| |
| | | | | | Validate |
| | | Validate Manifest | | | Manifest |
| | |------------------ | | |---------+ |
| | | | | | | | |
| | |<----------------- | | |<--------+ |
| | | | | | |
| | Request Firmware | | | Request Firmware | |
| |<--------------------| | |<--------------------| |
| | | | | | |
| | Send Firmware | | | Send Firmware | |
| |-------------------->| | |-------------------->| |
| | | | | | Verify |
| | | Verify Firmware | | | Firmware |
| | |--------------- | | |--------------- |
| | | | | | | | |
| | |<-------------- | | |<-------------- |
| | | | | | |
| | | Store Firmware | | | Store |
| | |-------------- | | | Firmware |
| | | | | | |-------------- |
| | |<------------- | | | | |
| | | | | |<------------- |
| | | Reboot | | | |
| | |------- | | | |
| | | | | | | Reboot |
| | |<------ | | |--------------->|
| | | | | | |
| | | Bootloader validates | | | Validate |
| | | Firmware | | | Firmware |
| | |---------------------- | | | ---------------|
| | | | | | | | |
| | |<--------------------- | | | -------------->|
| | | | | | |
| | | Bootloader activates | | | Activate new |
| | | Firmware | | | Firmware |
| | |---------------------- | | | ---------------|
| | | | | | | | |
| | |<--------------------- | | | -------------->|
| | | | | | |
| | | Bootloader transfers | | | Boot new |
| | | control to new Firmware | | | Firmware |
| | |---------------------- | | | ---------------|
| | | | | | | | |
| | |<--------------------- | | | -------------->|
| | | | | | |
Figure 4: Example Flow for a Firmware Upate. Figure 5: Example Flow for a Firmware Upate.
8. IANA Considerations 9. IANA Considerations
This document does not require any actions by IANA. This document does not require any actions by IANA.
9. Security Considerations 10. Security Considerations
Firmware updates fix security vulnerabilities and are considered to Firmware updates fix security vulnerabilities and are considered to
be an important building block in securing IoT devices. Due to the be an important building block in securing IoT devices. Due to the
importance of firmware updates for IoT devices the Internet importance of firmware updates for IoT devices the Internet
Architecture Board (IAB) organized a 'Workshop on Internet of Things Architecture Board (IAB) organized a 'Workshop on Internet of Things
(IoT) Software Update (IOTSU)', which took place at Trinity College (IoT) Software Update (IOTSU)', which took place at Trinity College
Dublin, Ireland on the 13th and 14th of June, 2016 to take a look at Dublin, Ireland on the 13th and 14th of June, 2016 to take a look at
the big picture. A report about this workshop can be found at the big picture. A report about this workshop can be found at
[RFC8240]. A standardized firmware manifest format providing end-to- [RFC8240]. A standardized firmware manifest format providing end-to-
end security from the author to the device will be specified in a end security from the author to the device will be specified in a
skipping to change at page 16, line 13 skipping to change at page 19, line 38
involvement. involvement.
- energy efficiency and battery lifetime considerations. - energy efficiency and battery lifetime considerations.
- key management required for verifying the digital signature - key management required for verifying the digital signature
protecting the manifest. protecting the manifest.
- incentives for manufacturers to offer a firmware update mechanism - incentives for manufacturers to offer a firmware update mechanism
as part of their IoT products. as part of their IoT products.
10. Mailing List Information 11. Mailing List Information
The discussion list for this document is located at the e-mail The discussion list for this document is located at the e-mail
address suit@ietf.org [1]. Information on the group and information address suit@ietf.org [1]. Information on the group and information
on how to subscribe to the list is at on how to subscribe to the list is at
https://www1.ietf.org/mailman/listinfo/suit https://www1.ietf.org/mailman/listinfo/suit
Archives of the list can be found at: https://www.ietf.org/mail- Archives of the list can be found at: https://www.ietf.org/mail-
archive/web/suit/current/index.html archive/web/suit/current/index.html
11. Acknowledgements 12. Acknowledgements
We would like to thank the following persons for their feedback: We would like to thank the following persons for their feedback:
- Geraint Luff - Geraint Luff
- Amyas Phillips - Amyas Phillips
- Dan Ros - Dan Ros
- Thomas Eichinger - Thomas Eichinger
- Michael Richardson - Michael Richardson
- Emmanuel Baccelli - Emmanuel Baccelli
- Ned Smith - Ned Smith
- David Brown
- Jim Schaad - Jim Schaad
- Carsten Bormann - Carsten Bormann
- Cullen Jennings - Cullen Jennings
- Olaf Bergmann - Olaf Bergmann
- Suhas Nandakumar - Suhas Nandakumar
- Phillip Hallam-Baker - Phillip Hallam-Baker
- Marti Bolivar - Marti Bolivar
- Andrzej Puzdrowski - Andrzej Puzdrowski
- Markus Gueller - Markus Gueller
- Henk Birkholz - Henk Birkholz
skipping to change at page 17, line 21 skipping to change at page 21, line 5
- Henk Birkholz - Henk Birkholz
- Jintao Zhu - Jintao Zhu
We would also like to thank the WG chairs, Russ Housley, David We would also like to thank the WG chairs, Russ Housley, David
Waltermire, Dave Thaler for their support and their reviews. Waltermire, Dave Thaler for their support and their reviews.
Kathleen Moriarty was the responsible security area director when Kathleen Moriarty was the responsible security area director when
this work was started. this work was started.
12. References 13. References
12.1. Normative References 13.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, <https://www.rfc- DOI 10.17487/RFC2119, March 1997, <https://www.rfc-
editor.org/info/rfc2119>. editor.org/info/rfc2119>.
[RFC7925] Tschofenig, H., Ed. and T. Fossati, "Transport Layer [RFC7925] Tschofenig, H., Ed. and T. Fossati, "Transport Layer
Security (TLS) / Datagram Transport Layer Security (DTLS) Security (TLS) / Datagram Transport Layer Security (DTLS)
Profiles for the Internet of Things", RFC 7925, Profiles for the Internet of Things", RFC 7925,
DOI 10.17487/RFC7925, July 2016, <https://www.rfc- DOI 10.17487/RFC7925, July 2016, <https://www.rfc-
editor.org/info/rfc7925>. editor.org/info/rfc7925>.
12.2. Informative References 13.2. Informative References
[I-D.ietf-suit-information-model]
Moran, B., Tschofenig, H., Birkholz, H., and J. Jimenez,
"Firmware Updates for Internet of Things Devices - An
Information Model for Manifests", draft-ietf-suit-
information-model-00 (work in progress), June 2018.
[LwM2M] OMA, ., "Lightweight Machine to Machine Technical [LwM2M] OMA, ., "Lightweight Machine to Machine Technical
Specification, Version 1.0.2", February 2018, Specification, Version 1.0.2", February 2018,
<http://www.openmobilealliance.org/release/LightweightM2M/ <http://www.openmobilealliance.org/release/LightweightM2M/
V1_0_2-20180209-A/ V1_0_2-20180209-A/
OMA-TS-LightweightM2M-V1_0_2-20180209-A.pdf>. OMA-TS-LightweightM2M-V1_0_2-20180209-A.pdf>.
[RFC5649] Housley, R. and M. Dworkin, "Advanced Encryption Standard [RFC5649] Housley, R. and M. Dworkin, "Advanced Encryption Standard
(AES) Key Wrap with Padding Algorithm", RFC 5649, (AES) Key Wrap with Padding Algorithm", RFC 5649,
DOI 10.17487/RFC5649, September 2009, <https://www.rfc- DOI 10.17487/RFC5649, September 2009, <https://www.rfc-
editor.org/info/rfc5649>. editor.org/info/rfc5649>.
[RFC6024] Reddy, R. and C. Wallace, "Trust Anchor Management
Requirements", RFC 6024, DOI 10.17487/RFC6024, October
2010, <https://www.rfc-editor.org/info/rfc6024>.
[RFC8240] Tschofenig, H. and S. Farrell, "Report from the Internet [RFC8240] Tschofenig, H. and S. Farrell, "Report from the Internet
of Things Software Update (IoTSU) Workshop 2016", of Things Software Update (IoTSU) Workshop 2016",
RFC 8240, DOI 10.17487/RFC8240, September 2017, RFC 8240, DOI 10.17487/RFC8240, September 2017,
<https://www.rfc-editor.org/info/rfc8240>. <https://www.rfc-editor.org/info/rfc8240>.
[SUIT-IM] Moran, B., Tschofenig, H., Birkholz, H., and J. Jimenez, 13.3. URIs
"Firmware Updates for Internet of Things Devices - An
Information Model for Manifests", June 2018.
12.3. URIs
[1] mailto:suit@ietf.org [1] mailto:suit@ietf.org
Authors' Addresses Authors' Addresses
Brendan Moran Brendan Moran
Arm Limited Arm Limited
EMail: Brendan.Moran@arm.com EMail: Brendan.Moran@arm.com
Milosch Meriac Milosch Meriac
Consultant Consultant
EMail: milosch@meriac.com EMail: milosch@meriac.com
Hannes Tschofenig Hannes Tschofenig
Arm Limited Arm Limited
EMail: hannes.tschofenig@gmx.net EMail: hannes.tschofenig@gmx.net
David Brown
Linaro
EMail: david.brown@linaro.org
 End of changes. 60 change blocks. 
272 lines changed or deleted 435 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/