Secure Updates

Unauthorized software and firmware updates are a major threat vector for IoT devices. Unlike other cyber-attacks, IoT breaches can have physical consequences that result in loss of life or property. They can also introduce substantial legal liability and erode brand reputation.

There are three critical security requirements for delivering updates securely to IoT devices:

  • Securing access to the updates

  • Verifying the source of the updates

  • Verifying the integrity of the updates

Device Authority’s Secure Updates solution delivers each of these critical requirements for IoT environments. Through the application of our dynamic key generation technology, access to secure updates is restricted to authorized devices. Updates are also specifically encrypted for target devices and are not exposed as unprotected software or firmware downloads. Lastly, secure updates ensure that both the update source and the integrity of the updates themselves are verified, delivering end-to-end protection for device updates.

Device Authority’s Secure Updates solution does not rely on network transport security for update protection and is transport-agnostic to support both Over-the-Air (OTA) and Over-the-Network (OTN) updates utilizing various transport protocols.

Find out more in our Secure Over-the-Air Updates white paper.