Liaison statement
LS on IoT secure update procedure

State Posted
Posted Date 2018-02-06
From Group ITU-T-SG-17-TSB
From Contact Xiaoya Yang
To Group suit
To Contacts Dave Thaler
David Waltermire
Russ Housley
CcDavid Waltermire
Russ Housley
Scott Mansfield
Kathleen Moriarty
Dave Thaler
Software Updates for Internet of Things Discussion List
Eric Rescorla
Response Contact
Purpose For information
Attachments SG17-LS084
ITU-T SG 17 would like to congratulate the establishment of the new working group on Software Updates for Internet of Things, i.e., SUIT WG.

We would like to inform you that we have a work item under development, draft Recommendation ITU-T X.secup-iot Secure Software Update for IoT devices. The work item was initially discussed at the August 2016 SG17 meeting, and was officially approved as a work item at the August/September 2017 SG17 meeting. We believe this work item is closely related to the scope of the WG SUIT.

To facilitate the discussion, this liaison statement provides the brief overview of the ITU-T X.secup-iot below:

        This draft Recommendation provides 1) a basic model for updating IoT software/firmware; 2) a common update procedure (sequences) for IoT firmware
         (including software), and 3) the requirements and capabilities for updating IoT firmware. A common software/firmware update procedure is defined
         with general requirements. With these, IoT secure updates can be securely implemented in common among stakeholders in IoT context comprising
         IoT device developer and IoT system/service providers.

        The network architecture of IoT devices may differ, but four functional entities are required in all the cases, i.e., Device core, Communicator, Status
        tracker, and Firmware server. A Device core stores and uses firmware on an IoT device. A Communicator checks the firmware status of the IoT device
        and initiate firmware update procedure upon needed. A Status tracker keeps tabs on the status of IoT devices under its administration. For instance, it
        checks the list of IoT devices that has already completed the update. A Firmware server distributes firmware packages. The list of capabilities of these
        functional entities are elaborated in the later section. A Device core communicates with a Communicator; multiple Communicators communicate with
        a Status tracker, which may communicate with multiple Firmware servers.

        Note that most of these functional entities may reside inside one node. For instance, a webcam runs the functions of Device core and Communicator
        while a web server may serve as Status tracker and Firmware server. Multiple Communicators may reside inside one gateway machine. Depending on
        the degree of constraints of the IoT devices, such design may differ.

        A common firmware update procedure (sequences) is elaborated using a high-level procedure and illustrative implementation examples. Based on the
        functional entities and procedure definitions, requirements and capabilities are listed in the draft.

We hope to collaborate with your group by sharing the current status of ITU-T X.secup-iot. Should you have any questions or comments, please feel free to contact us.