A blockchain-based firmware update architecture for Long-Range Wide Area Network (LORAWAN)

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
University of Zululand
Network security is increasingly becoming a critical and continuous issue due to technological advancements. These advancements give rise to several security threats, especially when everything is connected to the Internet. Security in IoT still requires a lot of research and it is receiving a lot of attention both in industry and academic research. IoT devices are designed for special use cases, and most are constrained in resources and lack important security features. The lack of security features enables attackers to compromise IoT devices resulting in the retrieval of sensitive information from the devices. One of the challenges in IoT is ensuring the security of firmware updates on active devices on the Internet. This is a challenge because it becomes difficult to incorporate traditional security techniques due to the limitations in memory and processing capabilities of constrained IoT devices. Thus, IoT devices remain vulnerable and open to security threats. The device manufacturers are required to release firmware updates based on exposed vulnerabilities to fix bugs and improve the functionality of the devices. However, delivering a new version of the firmware securely to affected devices remains a challenge, especially for constrained devices and networks. This study aims to develop an architecture that utilizes Blockchain and the InterPlanentary File System (IPFS) to secure firmware transmission over a low data rate and constrained Long-Range Wide Area Network (LoRaWAN). The proposed architecture focuses on resource-constrained devices to ensure confidentiality, integrity, and authentication through symmetric algorithms by providing high availability and eliminating replay attacks. To demonstrate the usability and applicability of the architecture, a proof of concept was developed and evaluated using low-powered devices and symmetric algorithms. The experimental results show HMAC-SHA256 as one of the symmetric algorithms utilized in the firmware update process which consumes less memory compared to the CMAC algorithm. When updating the 5 kB of firmware HMAC consumes 6.9 kB of RAM whereas CMAC consumed 7.3 kB. The memory consumption results (RAM and flash) imply that MAC algorithms are adequate in providing security on low-powered devices and are suitable for constrained low-powered devices. This conclusion is premised on the fact that the memory does not exceed the memory of the low-powered device thus, making the proposed architecture feasible for constrained and low-powered LoRaWAN devices.
A dissertation submitted in fulfilment of the academic requirements for the degree of Master of Science in the Department of Computer Science in the Faculty of Science, Agriculture and Engineering, University of Zululand, 2022.