Sahlmann Kristina, Clemens Vera, Nowak Michael, Schnor Bettina
Institute of Computer Science, University of Potsdam, August-Bebel-Str. 89, 14482 Potsdam, Germany.
Sensors (Basel). 2020 Dec 22;21(1):10. doi: 10.3390/s21010010.
Message Queuing Telemetry Transport (MQTT) is one of the dominating protocols for edge- and cloud-based Internet of Things (IoT) solutions. When a security vulnerability of an IoT device is known, it has to be fixed as soon as possible. This requires a firmware update procedure. In this paper, we propose a secure update protocol for MQTT-connected devices which ensures the freshness of the firmware, authenticates the new firmware and considers constrained devices. We show that the update protocol is easy to integrate in an MQTT-based IoT network using a semantic approach. The feasibility of our approach is demonstrated by a detailed performance analysis of our prototype implementation on an IoT device with 32 kB RAM. Thereby, we identify design issues in MQTT 5 which can help to improve the support of constrained devices.