Liaison statement
LS on IoT secure update procedure
Additional information about IETF liaison relationships is available on the
IETF webpage
and the
Internet Architecture Board liaison webpage.
| State | Posted |
|---|---|
| Submitted Date | 2018-02-06 |
| From Group | ITU-T-SG-17-TSB |
| From Contact | Xiaoya Yang <xiaoya.yang@itu.int> |
| To Group | suit |
| To Contacts | Dave Thaler <dthaler@microsoft.com> David Waltermire <david.waltermire@nist.gov> Russ Housley <housley@vigilsec.com> |
| Cc | David Waltermire <david.waltermire@nist.gov> itu-t-liaison@iab.org Russ Housley <housley@vigilsec.com> Scott Mansfield <Scott.Mansfield@Ericsson.com> Kathleen Moriarty <Kathleen.Moriarty.ietf@gmail.com> Dave Thaler <dthaler@microsoft.com> Software Updates for Internet of Things Discussion List <suit@ietf.org> Eric Rescorla <ekr@rtfm.com> |
| Response Contact | takeshi_takahashi@nict.go.jp jhbaek@kisa.or.kr |
| Purpose | For information |
| Attachments | SG17-LS084 |
| Body |
ITU-T SG 17 would like to congratulate the establishment of the new working
group on Software Updates for Internet of Things, i.e., SUIT WG.
We would like to inform you that we have a work item under development, draft
Recommendation ITU-T X.secup-iot Secure Software Update for IoT devices. The
work item was initially discussed at the August 2016 SG17 meeting, and was
officially approved as a work item at the August/September 2017 SG17 meeting.
We believe this work item is closely related to the scope of the WG SUIT.
To facilitate the discussion, this liaison statement provides the brief
overview of the ITU-T X.secup-iot below:
This draft Recommendation provides 1) a basic model for updating IoT
software/firmware; 2) a common update procedure (sequences) for IoT
firmware
(including software), and 3) the requirements and capabilities for
updating IoT firmware. A common software/firmware update procedure is
defined with general requirements. With these, IoT secure updates can
be securely implemented in common among stakeholders in IoT context
comprising IoT device developer and IoT system/service providers.
The network architecture of IoT devices may differ, but four functional
entities are required in all the cases, i.e., Device core,
Communicator, Status tracker, and Firmware server. A Device core stores
and uses firmware on an IoT device. A Communicator checks the firmware
status of the IoT device and initiate firmware update procedure upon
needed. A Status tracker keeps tabs on the status of IoT devices under
its administration. For instance, it checks the list of IoT devices
that has already completed the update. A Firmware server distributes
firmware packages. The list of capabilities of these functional
entities are elaborated in the later section. A Device core
communicates with a Communicator; multiple Communicators communicate
with a Status tracker, which may communicate with multiple Firmware
servers.
Note that most of these functional entities may reside inside one node.
For instance, a webcam runs the functions of Device core and
Communicator while a web server may serve as Status tracker and
Firmware server. Multiple Communicators may reside inside one gateway
machine. Depending on the degree of constraints of the IoT devices,
such design may differ.
A common firmware update procedure (sequences) is elaborated using a
high-level procedure and illustrative implementation examples. Based on
the functional entities and procedure definitions, requirements and
capabilities are listed in the draft.
We hope to collaborate with your group by sharing the current status of ITU-T
X.secup-iot. Should you have any questions or comments, please feel free to
contact us.
|