Skip to main content

A Firmware Update Architecture for Internet of Things

The information below is for an old version of the document.
Document Type This is an older version of an Internet-Draft that was ultimately published as an RFC.
Authors Brendan Moran , Hannes Tschofenig , David Brown , Milosch Meriac
Last updated 2020-05-22 (Latest revision 2019-11-19)
Replaces draft-moran-suit-architecture
Stream Internet Engineering Task Force (IETF)
Expired & archived
OPSDIR Last Call Review Incomplete, due 2020-08-14
Stream WG state WG Consensus: Waiting for Write-Up
Document shepherd (None)
IESG IESG state Expired
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:


Vulnerabilities with Internet of Things (IoT) devices have raised the need for a solid and secure firmware update mechanism that is also suitable for constrained devices. Incorporating such update mechanism to fix vulnerabilities, to update configuration settings as well as adding new functionality is recommended by security experts. This document lists requirements and describes an architecture for a firmware update mechanism suitable for IoT devices. The architecture is agnostic to the transport of the firmware images and associated meta-data.


Brendan Moran
Hannes Tschofenig
David Brown
Milosch Meriac

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)