Surviving in the Wilderness: Integrity Protection and System Update for IoT Devices

Explore a comprehensive conference talk on integrity protection and system updates for IoT devices in challenging environments. Learn about over-the-air (OTA) update mechanisms and techniques to detect tampering attempts on powered-off devices. Compare various approaches including Linux Integrity Measurement Architecture (IMA), Clear Linux OS swupd, dm-verity, and OSTree. Gain insights into using meta-integrity and meta-swupd layers in Yocto/OpenEmbedded-based Linux distributions. Discover key criteria for evaluating update mechanisms, integration with boot processes and update servers, and compatibility between updates and integrity protection. Delve into architecture considerations, target machine setup, installer images, initramfs, and whole-disk encryption. Benefit from the expertise of Patrick Ohly, maintainer of meta-integrity and meta-swupd, as he shares his experience in IoT OS development based on OpenEmbedded and the Yocto Project.

Intro
MOTIVATION FOR THE TALK
PERSONAL BACKGROUND
WHY BOTHER?
MECHANISMS COMPARED FOR YOCTO PROJECT
KEY CRITERIA
BLOCK VS. FILE UPDATE
PARTITION LAYOUT
INTEGRATION WITH BOOT PROCESS
INTEGRATION WITH UPDATE SERVER
IMA/EVM
DM-VERITY
COMPATIBILITY BETWEEN UPDATE AND INTEGRITY
ARCHITECTURE
TARGET MACHINE
INSTALLER IMAGE
INITRAMES
WHOLE-DISK ENCRYPTION
DEMO
OPENS