"Secure Blockchain-based Software Updates for IoT Devices" by Gabriel Jerome Solomon

Date of Award

2025

Document Type

Dissertation

Publisher

Santa Clara : Santa Clara University, 2025

Degree Name

Doctor of Philosophy (PhD)

Department

Computer Science and Engineering

First Advisor

Yuhong Liu

Abstract

Several billion Internet of Things (IoT) devices are deployed worldwide, enabling people to control their homes, automobiles, door locks, and appliances. With their increasing growth, IoT devices have become popular targets of various malicious computer-based attacks. Due to this, frequent updates to keep their software up to date are essential to their security. However, state-of-the-art software update delivery and payment systems incorporate multiple services in a client-server structure requiring multiple transits of information between client and server, while also creating a wide attack surface. IoT devices are also resource-constrained, making them challenging to secure with complex, resource-expensive security algorithms and techniques. This thesis proposes a blockchain-based end-to-end secure software update delivery framework for IoT devices that ensures confidentiality, integrity, availability, efficiency, and auditability for verified software delivery, while also offloading the cryptographic computation from resource-constrained IoT devices to a decentralized blockchain system. The proposed framework leverages Ciphertext-Policy Attribute-Based Encryption (CP-ABE), a customized authorization policy to not only ensure that software updates can only be decrypted and installed on authorized IoT devices but also significantly reduce the computational overhead for key generation and key delivery on the manufacturer side. Furthermore, secure and atomic software delivery and payments between IoT devices and the manufacturer are assured through smart contracts. The authenticity of the delivered software is guaranteed by offloading the computation-based signature validation to smart contracts. Compliance audits are satisfied through immutable records on the blockchain's public ledger, and the smart contracts efficiently guarantee the delivery of software updates in exchange for payment.
While many IoT devices are stationary, the thesis proposes to extend the framework to address challenges in mobile IoT devices, specifically in the rapidly growing Autonomous Vehicle (AV) domain. Today, thousands of AVs with large software systems are deployed across the United States. AVs are very dependent on frequent software updates for security, to fix bugs, and to add new features. In addition, the National Highway Traffic Safety Administration has regulations for vehicle recalls that require manufacturers to have proof that software updates have occurred. Due to the mobility of AVs, AV software updates occur through slow Over-The-Air (OTA) delivery, through a Wi-Fi connection that requires the vehicle to remain stationary at home, or through faster but still location-constrained hardwired connections at dealerships. This thesis proposes a blockchain-based distributed, auditable, and secure service that also leverages the mobility of AVs for efficient delivery of software updates and utilizes AVs' ability for vehicle-to-vehicle communication. The proposed framework utilizes blockchain, ciphertext-policy attribute-based encryption, erasure-coding, and a novel non-concurrent multi-signature scheme to provide confidentiality, integrity, availability, and auditability for AV software updates.

Available for download on Saturday, April 10, 2027
