# A Proposal of Secure and Automated Over-the-Air Firmware Update Mechanism for IoT Devices Using Continuous Integration and Continuous Delivery

**Authors:** Noprianto, Nobuo Funabiki, Htoo Htoo Sandi Kyaw, Komang Candra Brata, I Nyoman Darma Kotama

PMC · DOI: 10.3390/s26051535 · Sensors (Basel, Switzerland) · 2026-02-28

## TL;DR

This paper proposes a secure and automated method for updating IoT device firmware using CI/CD to ensure reliability and prevent attacks.

## Contribution

A novel secure OTA firmware update mechanism integrated with CI/CD for IoT devices is proposed.

## Key findings

- The proposed mechanism ensures firmware integrity and authentication.
- Performance and resource utilization were measured and found to be efficient.
- Benchmarking confirmed the reliability and effectiveness of the approach.

## Abstract

The Internet of Things (IoT) technology has grown rapidly over the past decade, resulting in deployments of thousands of IoT devices around the world. Then, managing firmware updates for these numerous devices poses significant challenges. Firmware updates face issues such as version rollback, modified firmware files, and potential man-in-the-middle (MITM) attacks, highlighting the need for a secure over-the-air (OTA) firmware update mechanism. In this paper, we propose an automated OTA firmware update mechanism, integrated with continuous integration (CI) and continuous delivery (CD) to ensure trusted sources for firmware origins. It offers security, error handling during firmware updates, and monitoring of the update process. For evaluations, we implemented the proposal with the SEMAR IoT application server that has been implemented in our previous studies. Then, we verified the integrity and authentication, measured the performance and resource utilization, and performed benchmarking tests to assess the efficiency. The results demonstrate that the proposal is sufficiently reliable and efficient.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/PMC12987191/full.md

## Figures

14 figures with captions in the complete paper: https://tomesphere.com/paper/PMC12987191/full.md

## References

32 references — full list in the complete paper: https://tomesphere.com/paper/PMC12987191/full.md

---
Source: https://tomesphere.com/paper/PMC12987191