Skip to main content

Liaison statement
LS on IoT secure update procedure

Additional information about IETF liaison relationships is available on the IETF webpage and the Internet Architecture Board liaison webpage.
State Posted
Submitted Date 2018-02-06
From Group ITU-T-SG-17-TSB
From Contact Xiaoya Yang
To Group suit
To Contacts Dave Thaler <>
David Waltermire <>
Russ Housley <>
Cc David Waltermire <>
Russ Housley <>
Scott Mansfield <>
Kathleen Moriarty <>
Dave Thaler <>
Software Updates for Internet of Things Discussion List <>
Eric Rescorla <>
Response Contact
Purpose For information
Attachments SG17-LS084
ITU-T SG 17 would like to congratulate the establishment of the new working
group on Software Updates for Internet of Things, i.e., SUIT WG.

We would like to inform you that we have a work item under development, draft
Recommendation ITU-T X.secup-iot Secure Software Update for IoT devices. The
work item was initially discussed at the August 2016 SG17 meeting, and was
officially approved as a work item at the August/September 2017 SG17 meeting.
We believe this work item is closely related to the scope of the WG SUIT.

To facilitate the discussion, this liaison statement provides the brief
overview of the ITU-T X.secup-iot below:

        This draft Recommendation provides 1) a basic model for updating IoT
        software/firmware; 2) a common update procedure (sequences) for IoT
         (including software), and 3) the requirements and capabilities for
         updating IoT firmware. A common software/firmware update procedure is
         defined with general requirements. With these, IoT secure updates can
         be securely implemented in common among stakeholders in IoT context
         comprising IoT device developer and IoT system/service providers.

        The network architecture of IoT devices may differ, but four functional
        entities are required in all the cases, i.e., Device core,
        Communicator, Status tracker, and Firmware server. A Device core stores
        and uses firmware on an IoT device. A Communicator checks the firmware
        status of the IoT device and initiate firmware update procedure upon
        needed. A Status tracker keeps tabs on the status of IoT devices under
        its administration. For instance, it checks the list of IoT devices
        that has already completed the update. A Firmware server distributes
        firmware packages. The list of capabilities of these functional
        entities are elaborated in the later section. A Device core
        communicates with a Communicator; multiple Communicators communicate
        with a Status tracker, which may communicate with multiple Firmware

        Note that most of these functional entities may reside inside one node.
        For instance, a webcam runs the functions of Device core and
        Communicator while a web server may serve as Status tracker and
        Firmware server. Multiple Communicators may reside inside one gateway
        machine. Depending on the degree of constraints of the IoT devices,
        such design may differ.

        A common firmware update procedure (sequences) is elaborated using a
        high-level procedure and illustrative implementation examples. Based on
        the functional entities and procedure definitions, requirements and
        capabilities are listed in the draft.

We hope to collaborate with your group by sharing the current status of ITU-T
X.secup-iot. Should you have any questions or comments, please feel free to
contact us.