LAUSR

With the rapidly increasing number of Internet of Things (IoT) devices, various interconnected devices have become targets of growing cyberattacks. Keeping the firmware of an IoT device up-to-date is one feasible way to protect the device against cyberattacks. The existing approaches of firmware update (including distribution and validation) are not scalable in distribution to increasing numbers of devices, however, let alone able to provide reliable validation. To address the above issues, this study proposes a hybrid update scheme, including distributed membership-based firmware sharing for firmware distribution and smart-contract-enabled firmware validation via a blockchain (BC). This hybrid update approach leverages the advantages of a peer-to-peer network and a blockchain. Evaluation of the study has shown that the proposed distributed membership-based firmware sharing is more secure and scalable to an increasing number of devices. The proposed smart-contract-enabled firmware validation is more efficient than the firmware validation in existing studies since it can effectively reduce unwanted repeat validation via a smart contract in a blockchain. In addition, it can help make sure all members of an IoT-enabled service having the right firmware before providing the service to users. Such designs can improve service quality and also reduce as much human intervention to leverage the strengths of an IoT-enabled application or system.