Skip to main content

Software Updates for Internet of Things
charter-ietf-suit-00-01

The information below is for an older proposed charter
Document Proposed charter Software Updates for Internet of Things WG (suit) Snapshot
Title Software Updates for Internet of Things
Last updated 2017-10-16
State Start Chartering/Rechartering (Internal Steering Group/IAB Review) Rechartering
WG State BOF
IESG Responsible AD Deb Cooley
Charter edit AD Kathleen Moriarty
Send notices to (None)

charter-ietf-suit-00-01

Vulnerabilities in Internet of Things (IoT) devices have raised the
need for a secure firmware update mechanism that is also suitable for
constrained devices. Security experts, researchers, and regulators
recommend that all IoT devices be equipped with such a mechanism. While
there are many proprietary firmware update mechanisms in use today, there
is a lack of a modern interoperable approach of securely updating the
software in IoT devices.

A firmware update solution consists of several components, including:
* A mechanism to transport firmware images to IoT devices.
* A manifest that provides meta-data about the firmware image
(such as a firmware package identifier, the hardware the package
needs to run, and dependencies on other firmware packages), as
well as cryptographic information for protecting the firmware
image in an end-to-end fashion.
* The firmware image itself.

RFC 4108 provides a manifest format that uses the Cryptographic Message
Syntax (CMS) to protect firmware packages.

More than ten years have passed since the publication of RFC 4108, and
greater experience with IoT deployments has lead to additional
functionality, requiring the work done with RFC 4108 to be revisited.
The purpose of this group is to produce a second version of RFC 4108
that reflects the current best practices. This group will focus on
defining a firmware update solution for Class 1 devices, as defined in
RFC 7228, that is -- IoT devices with ~10 KiB RAM and ~100 KiB flash.
This group will not define any transport mechanisms.

In June of 2016 the Internet Architecture Board organized a workshop on
'Internet of Things (IoT) Software Update (IOTSU)', which took place at
Trinity College in Dublin, Ireland. The main goal of the workshop was
to foster a discussion on requirements, challenges, and solutions for
bringing software and firmware updates to IoT devices. This workshop
also made clear that there is a lack of regulatory requirements, which
contributes to challenges associated with misaligned incentives. It is
nevertheless seen as important to create standard building blocks that
help interested parties implement and deploy a solid firmware update
mechanism.

In particular this group aims to publish three documents, namely:
* An IoT firmware update architecture that includes a description of
the involved entities, security threats, and assumptions.
* The manifest format.
* A revision to RFC 4108 that reflects the current best practices.

This group will use draft-moran-fud-architecture as a starting point for
discussion of the "Architecture" document.

This group will use draft-moran-fud-manifest as a starting point for
discussion of the "Manifest Format" specification.

This group does not aim to create a standard for a generic software
update mechanism for use by rich operating systems, like Linux, but
instead this group will focus on software development practices in the
embedded industry. "Software update solutions that target updating
software other than the firmware binary (e.g. updating scripts) are
also out of scope.

This group will aim to develop a close relationship with silicon vendors
and OEMs that develop IoT operating systems.