PUF-based Robust Over-the-Air Software Update Protocol for IoT Devices

Secure software/firmware updates continue to be a critical challenge, particularly for resource-constrained IoT devices, where traditional cryptographic mechanisms are deemed unsuitable given their significant computational and energy overhead. This article promotes PROUD, a novel approach that is both robust and lightweight. Specifically, hardware-embedded Physical Unclonable Functions (PUFs) are leveraged for device-specific authentication and software/firmware integrity verification. PROUD employs PUFs as tamper-proof identifiers, eliminating the vulnerabilities of conventional key storage-based methods. The design also incorporates a streamlined verification process that validates the authenticity of the update during over-the-air transfers, ensuring resilience against unauthorized modifications. Prototype implementation on a Xilinx Artix-7 FPGA shows that PROUD imposes minimal overhead, in terms of logic (790 LUT, 373 FF), latency (1.4ms) and power (6mW). PROUD marks a step towards more autonomous, hardware-rooted trust models, offering a scalable and secure path for Software/firmware updates in IoT ecosystems.