Towards Characterizing IoT Software Update Practices
Conner Bradley, David Barrera
TL;DR
This paper investigates IoT software update practices through network analysis, revealing that vendors often neglect security standards and do not fully adopt available update protocols, highlighting gaps in current IoT security practices.
Contribution
It provides the first comprehensive network-level analysis of IoT update behaviors, exposing the lack of adherence to security standards among vendors.
Findings
Vendors do not follow security best practices
Software update standards are underutilized
IoT update practices are inconsistent and insecure
Abstract
Software updates are critical for ensuring systems remain free of bugs and vulnerabilities while they are in service. While many Internet of Things (IoT) devices are capable of outlasting desktops and mobile phones, their software update practices are not yet well understood, despite a large body of research aiming to create new methodologies for keeping IoT devices up to date. This paper discusses efforts towards characterizing the IoT software update landscape through network-level analysis of IoT device traffic. Our results suggest that vendors do not currently follow security best practices, and that software update standards, while available, are not being deployed.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsIoT and Edge/Fog Computing · Software System Performance and Reliability · Caching and Content Delivery