Secure and User-Friendly Over-the-Air Firmware Distribution in a Portable Faraday Cage

TL;DR

This paper introduces Box, a secure and user-friendly over-the-air firmware distribution method using an intelligent Faraday cage, enabling efficient firmware updates for sensor networks with enhanced security and usability.

Contribution

The paper presents a novel workflow and implementation for secure OTA firmware distribution using electromagnetic shielding, without requiring hardware modifications on sensor nodes.

Findings

Approach is faster than wired firmware updates.

Method enhances security against passive attackers.

User study shows improved usability and speed.

Abstract

Setting up a large-scale wireless sensor network is challenging, as firmware must be distributed and trust between sensor nodes and a backend needs to be established. To perform this task efficiently, we propose an approach named Box, which utilizes an intelligent Faraday cage (FC). The FC acquires firmware images and secret keys from a backend, patches the firmware with the keys and deploys those customized images over the air to sensor nodes placed in the FC. Electromagnetic shielding protects this exchange against passive attackers. We place few demands on the sensor node, not requiring additional hardware components or firmware customized by the manufacturer. We describe this novel workflow, implement the Box and a backend system and demonstrate the feasibility of our approach by batch-deploying firmware to multiple commercial off-the-shelf sensor nodes. We conduct a user-study with 31 participants with diverse backgrounds and find, that our approach is both faster and more user-friendly than firmware distribution over a wired connection.