Description
Software updates are essential to cybersecurity because they address flaws and vulnerabilities.
This thesis proposes a secure update design tailored to high-end embedded devices running
Linux and U-Boot with secure boot capabilities. Combining the design from Lingstädt's
master's thesis with the popular update software SWUpdate, the design hardens the update
process so that an embedded device whose Linux system has been compromised at root level
can be restored. Through a literature review and an analysis of existing update solutions,
coupled with an examination of open-source software, the thesis establishes a comprehensive
understanding of the update landscape. The proposed system design incorporates SWUpdate
within Linux and adapts U-Boot to parse updates and verify their integrity and authenticity.
A proof-of-concept implementation using the QEMU emulator demonstrates the feasibility of
parsing and verifying an update together with its metadata and image. The security
discussion considers the defined attacker model and proposes enhancements, including the
adoption of an Authenticated Watchdog Timer and a Trusted Computing Base. While the thesis
lays the groundwork for a resilient update solution in combination with SWUpdate, further
refinement and testing on exemplary hardware are needed before practical deployment,
alongside future research on the whole system design.