Secure Software Update for Embedded Devices with SWUpdate and TUF

Explore the critical process of secure software updates for embedded devices in industrial and civil infrastructure through this informative conference talk. Learn about SWUpdate, a widely-used tool for embedded device updates, and its various methods for downloading and applying update images, including OTA updates for efficient multi-device updating. Discover the importance of implementing robust security measures when downloading images from remote servers to protect against malicious attacks. Delve into the integration of The Update Framework (TUF), a flexible framework that enhances security by safeguarding against known attacks and mitigating key compromise impacts. Examine the process of introducing TUF-compliant metadata generation and verification to bolster SWUpdate's security during OTA updates, with a focus on ensuring accurate and reliable image reception by devices. Witness a practical demonstration using SWUpdate, python-tuf, and wfx, a lightweight workflow executor, to illustrate the concepts discussed.

Secure Software Update for Embedded Devices with SWUpdate and TUF - Koshiro Onuki, Toshiba Corp