Appiah et al., 2025 - Google Patents

Secure IoT firmware updates against supply chain attacks: B. Appiah et al.

Appiah et al., 2025

Document ID
4908144487340084062
Author
Appiah B
Commey D
Osei I
Frimpong B
Assamah G
Hammond E
Publication year
Publication venue
The Journal of Supercomputing

External Links

Snippet

Firmware supply chain which is critical to the operation and security of IoT devices, is increasingly vulnerable to supply chain attacks. In this attack, malicious actors exploit vulnerabilities in the firmware update process thereby injecting harmful codes, thus …
Continue reading at link.springer.com (other versions)

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/83Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]

Similar Documents

Publication Publication Date Title
Cui et al. Efficient blockchain-based mutual authentication and session key agreement for cross-domain IIoT
Yan et al. A homomorphic encryption and privacy protection method based on blockchain and edge computing
Wang et al. Perm-guard: Authenticating the validity of flow rules in software defined networking
Baseri et al. Blockchain security risk assessment in quantum era, migration strategies and proactive defense
Aslam et al. FoNAC-an automated fog node audit and certification scheme
Ullah et al. Blockchain‐IoT: A revolutionary model for secure data storage and fine‐grained access control in internet of things
Wang et al. SE-CAS: Secure and efficient cross-domain authentication scheme based on blockchain for space TT&C networks
Shan et al. S2A-P2FS: Secure storage auditing with privacy-preserving flexible data sharing in cloud-assisted industrial iot
Wang et al. A distributed zero-trust scheme for airborne wireless sensor networks using dynamic identity authentication
Singh et al. Revisiting cloud security threats: Replay attack
Ravi Quantum computing and cybersecurity: Systematic review of algorithms, challenges, and emerging solutions
Appiah et al. Secure IoT firmware updates against supply chain attacks: B. Appiah et al.
DeStefano et al. NOPE: Strengthening domain authentication with succinct proofs
Subha et al. Public Auditing Scheme for Data Storage Security in Cloud Computing.
Ma et al. A lightweight zero-trust authentication architecture for IoT via unified enhanced FAST-SM9 and dynamic re-authentication
Liu et al. Risk‐Based Dynamic Identity Authentication Method Based on the UCON Model
Seedorf et al. A Prototype for evaluating Post-Quantum Cryptography on resource-constrained Hardware with real-world Smart City Sensor Data
Ahn et al. mdTLS: How to make middlebox-aware TLS more efficient?
Li et al. Blockchain‐Assisted Distributed Fog Computing Control Flow Attestation
Falas et al. Hardware-enabled secure firmware updates in embedded systems
Ghazizadeh et al. Secure openID authentication model by using trusted computing
Kwon et al. Certificate Revocation in the TLS Ecosystem: A Survey
Aijaz et al. A blockchain-based authentication framework for smart homes
Wu et al. Traceable and Verifiable Authorized Cloud-Assisted PSI-CA Protocol for Blockchain-Enabled Intelligent Logistics
Gebresilassie et al. SHIELD: Secure holistic IoT environment with ledger-based defense