{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,10]],"date-time":"2025-09-10T22:51:41Z","timestamp":1757544701513,"version":"3.40.3"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030417017"},{"type":"electronic","value":"9783030417024"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-41702-4_14","type":"book-chapter","created":{"date-parts":[[2020,3,2]],"date-time":"2020-03-02T00:02:26Z","timestamp":1583107346000},"page":"223-239","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Automated Security Analysis of IoT Software Updates"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2802-0922","authenticated-orcid":false,"given":"Nicolas","family":"Dejon","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5408-4735","authenticated-orcid":false,"given":"Davide","family":"Caputo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7155-7429","authenticated-orcid":false,"given":"Luca","family":"Verderame","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5246-2157","authenticated-orcid":false,"given":"Alessandro","family":"Armando","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2272-2376","authenticated-orcid":false,"given":"Alessio","family":"Merlo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,3,2]]},"reference":[{"key":"14_CR1","unstructured":"Padilla, F.J.A., Baccelli, E., Eichinger, T., Schleiser, K.: The future of IoT software must be updated. In: IAB Workshop on Internet of Things Software Update (IoTSU) (2016)"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Armando, A., Costa, G., Merlo, A., Verderame, L.: Enabling BYOD through secure meta-market. In: Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless Mobile Networks, WiSec 2014, pp. 219\u2013230. ACM, New York (2014)","DOI":"10.1145\/2627393.2627410"},{"key":"14_CR3","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/s10207-014-0252-y","volume":"14","author":"A Armando","year":"2015","unstructured":"Armando, A., Costa, G., Merlo, A., Verderame, L.: Formal modeling and automatic enforcement of Bring Your Own Device policies. Int. J. Inf. Secur. 14, 123\u2013140 (2015)","journal-title":"Int. J. Inf. Secur."},{"key":"14_CR4","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1109\/MC.2014.164","volume":"47","author":"A Armando","year":"2014","unstructured":"Armando, A., Costa, G., Verderame, L., Merlo, A.: Securing the \u201cbring your own device\u201d paradigm. Computer 47, 48\u201356 (2014)","journal-title":"Computer"},{"key":"14_CR5","doi-asserted-by":"publisher","first-page":"4428","DOI":"10.1109\/JIOT.2018.2815038","volume":"5","author":"E Baccelli","year":"2018","unstructured":"Baccelli, E., et al.: RIOT: an open source operating system for low-end embedded devices in the IoT. IEEE Internet Things J. 5, 4428\u20134440 (2018)","journal-title":"IEEE Internet Things J."},{"key":"14_CR6","doi-asserted-by":"crossref","unstructured":"Bettayeb, M., Nasir, Q., Talib, M.A.: Firmware update attacks and security for IoT devices. In: Proceedings of the ArabWIC 6th Annual International Conference Research Track, ArabWIC 2019. ACM (2019)","DOI":"10.1145\/3333165.3333169"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Bormann, C., Ersue, M., Keranen, A.: Terminology for constrained-node networks. Internet Engineering Task Force (IETF), Fremont, CA, USA (2014)","DOI":"10.17487\/rfc7228"},{"key":"14_CR8","unstructured":"Celik, Z.B., McDaniel, P., Tan, G.: SOTERIA: automated IoT safety and security analysis. In: Proceedings of the 2018 USENIX Annual Technical Conference (2018)"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Celik, Z.B., Tan, G., McDaniel, P.: IoTGuard: dynamic enforcement of security and safety policy in commodity IoT. In: Network and Distributed Systems Security (NDSS) Symposium 2019 (2019)","DOI":"10.14722\/ndss.2019.23326"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Clarke, E.M., Klieber, W.: Model checking and the state explosion problem. Technical report (2011)","DOI":"10.1007\/978-3-642-35746-6_1"},{"key":"14_CR11","doi-asserted-by":"publisher","unstructured":"Doddapaneni, K., Lakkundi, R., Rao, S., Kulkarni, S., Bhat, B.: Secure FoTA object for IoT. In: 2017 IEEE 42nd Conference on Local Computer Networks Workshops (LCN Workshops) (2017). https:\/\/doi.org\/10.1109\/LCN.Workshops.2017.78","DOI":"10.1109\/LCN.Workshops.2017.78"},{"key":"14_CR12","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-0-387-34892-6_1","volume-title":"Protocol Specification, Testing and Verification XV","author":"R Gerth","year":"1996","unstructured":"Gerth, R., Peled, D., Vardi, M.Y., Wolper, P.: Simple on-the-fly automatic verification of linear temporal logic. PSTV 1995. IAICT, pp. 3\u201318. Springer, Boston, MA (1996). https:\/\/doi.org\/10.1007\/978-0-387-34892-6_1"},{"key":"14_CR13","unstructured":"Goldblatt, R.: Logics of time and computation. Center for the Study of Language and Information, Stanford (1992)"},{"key":"14_CR14","doi-asserted-by":"publisher","first-page":"720","DOI":"10.1109\/JIOT.2015.2505901","volume":"3","author":"O Hahm","year":"2015","unstructured":"Hahm, O., Baccelli, E., Petersen, H., Tsiftes, N.: Operating systems for low-end devices in the Internet of Things: a survey. IEEE Internet Things J. 3, 720\u2013734 (2015)","journal-title":"IEEE Internet Things J."},{"key":"14_CR15","doi-asserted-by":"crossref","unstructured":"Hunkeler, U., Truong, H.L., Stanford-Clark, A.: MQTT-S - a publish\/subscribe protocol for wireless sensor networks. In: 2008 3rd International Conference on Communication Systems Software and Middleware and Workshops (COMSWARE 2008) (2008)","DOI":"10.1109\/COMSWA.2008.4554519"},{"key":"14_CR16","unstructured":"IETF: Firmware manifest format (2019). https:\/\/tools.ietf.org\/html\/draft-moran-suit-manifest-01. Accessed 11 Sept 2019"},{"key":"14_CR17","unstructured":"IETF: Website of: A firmware update architecture for internet of things devices draft-ietf-suit-architecture-06 (2019). https:\/\/tools.ietf.org\/pdf\/draft-ietf-suit-architecture-06.pdf. Accessed 11 Sept 2019"},{"key":"14_CR18","unstructured":"IETF: Website of: Firmware updates for internet of things devices - an information model for manifests draft-ietf-suit-information-model-03 (2019). https:\/\/tools.ietf.org\/html\/draft-ietf-suit-information-model-03. Accessed 11 Sept 2019"},{"key":"14_CR19","unstructured":"IETF: Website of: Ietf suit draft architecture (2019). https:\/\/tools.ietf.org\/html\/draft-ietf-suit-architecture. Accessed 7 Aug 2019"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Kolehmainen, A.: Secure firmware updates for IoT: a survey. In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) (2018)","DOI":"10.1109\/Cybermatics_2018.2018.00051"},{"key":"14_CR21","doi-asserted-by":"publisher","DOI":"10.1109\/MVT.2017.2778751","author":"TK Kuppusamy","year":"2018","unstructured":"Kuppusamy, T.K., DeLong, L.A., Cappos, J.: Uptane: security and customizability of software updates for vehicles. IEEE Veh. Technol. Mag. (2018). https:\/\/doi.org\/10.1109\/MVT.2017.2778751","journal-title":"IEEE Veh. Technol. Mag."},{"key":"14_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"585","DOI":"10.1007\/978-3-642-22110-1_47","volume-title":"Computer Aided Verification","author":"M Kwiatkowska","year":"2011","unstructured":"Kwiatkowska, M., Norman, G., Parker, D.: PRISM 4.0: verification of probabilistic real-time systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 585\u2013591. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22110-1_47"},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"Nguyen, D.T., Song, C., Qian, Z., Krishnamurthy, S.V., Colbert, E.J., McDaniel, P.: IotSan: fortifying the safety of IoT systems. In: CoNEXT 2018 - Proceedings of the 14th International Conference on Emerging Networking EXperiments and Technologies (2018)","DOI":"10.1145\/3281411.3281440"},{"key":"14_CR24","unstructured":"RIOT: Riot-os (2019). https:\/\/www.riot-os.org. Accessed 7 Aug 2019"},{"key":"14_CR25","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1109\/MSP.2018.1331033","volume":"16","author":"E Ronen","year":"2018","unstructured":"Ronen, E., Shamir, A., Weingarten, A.O., Oflynn, C.: IoT goes nuclear: creating a Zigbee chain reaction. IEEE Secur. Priv. 16, 54\u201362 (2018)","journal-title":"IEEE Secur. Priv."},{"key":"14_CR26","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1109\/MIC.2012.29","volume":"16","author":"Z Shelby","year":"2012","unstructured":"Shelby, Z., Castellani, A.P., Bormann, C.: CoAP: an application protocol for billions of tiny internet nodes. IEEE Internet Comput. 16, 62\u201367 (2012)","journal-title":"IEEE Internet Comput."},{"key":"14_CR27","doi-asserted-by":"publisher","first-page":"1172","DOI":"10.1016\/j.future.2017.08.010","volume":"92","author":"FA Teixeira","year":"2019","unstructured":"Teixeira, F.A., Pereira, F.M., Wong, H.C., Nogueira, J.M., Oliveira, L.B.: SIoT: securing Internet of Things through distributed systems analysis. Future Gener. Comput. Syst. 92, 1172\u20131186 (2019)","journal-title":"Future Gener. Comput. Syst."},{"key":"14_CR28","unstructured":"Xu, L., Sun, F., Su, Z.: Constructing precise control flow graphs from binaries. Technical report, University of California (2009)"},{"key":"14_CR29","doi-asserted-by":"publisher","first-page":"71907","DOI":"10.1109\/ACCESS.2019.2919760","volume":"7","author":"K Zandberg","year":"2019","unstructured":"Zandberg, K., Schleiser, K., Acosta, F., Tschofenig, H., Baccelli, E.: Secure firmware updates for constrained iot devices using open standards: a reality check. IEEE Access 7, 71907\u201371920 (2019)","journal-title":"IEEE Access"}],"container-title":["Lecture Notes in Computer Science","Information Security Theory and Practice"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-41702-4_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,2]],"date-time":"2024-03-02T01:07:34Z","timestamp":1709341654000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-41702-4_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030417017","9783030417024"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-41702-4_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"2 March 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISTP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"IFIP International Conference on Information Security Theory and Practice","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Paris","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"France","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 December 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 December 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wistp2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.wistp.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"42","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2.7","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}