{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,16]],"date-time":"2026-06-16T14:48:17Z","timestamp":1781621297479,"version":"3.54.5"},"reference-count":44,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2022,1,11]],"date-time":"2022-01-11T00:00:00Z","timestamp":1641859200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Internet of Things (IoT) device security is one of the crucial topics in the field of information security. IoT devices are often protected securely through firmware update. Traditional update methods have their shortcomings, such as bandwidth limitation and being attackers\u2019 easy targets. Although many scholars proposed a variety of methods that are based on the blockchain technology to update the firmware, there are still demerits existing in their schemes, including large storage space and centralized stored firmware. In summary, this research proposes a highly secure and efficient protection mechanism that is based on the blockchain technology to improve the above disadvantages. Therefore, this study can reduce the need of storage space and improve system security. The proposed system has good performance in some events, including firmware integrity, security of IoT device connection, system security, and device anonymity. Furthermore, we confirm the high security and practical feasibility of the proposed system by comparing with the existing methods.<\/jats:p>","DOI":"10.3390\/s22020530","type":"journal-article","created":{"date-parts":[[2022,1,11]],"date-time":"2022-01-11T20:33:04Z","timestamp":1641933184000},"page":"530","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":29,"title":["A Highly Secure IoT Firmware Update Mechanism Using Blockchain"],"prefix":"10.3390","volume":"22","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4247-914X","authenticated-orcid":false,"given":"Woei-Jiunn","family":"Tsaur","sequence":"first","affiliation":[{"name":"Computer Center, National Taipei University, New Taipei City 237303, Taiwan"},{"name":"Department of Computer Science and Information Engineering, National Taipei University, New Taipei City 237303, Taiwan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jen-Chun","family":"Chang","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Information Engineering, National Taipei University, New Taipei City 237303, Taiwan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4958-2043","authenticated-orcid":false,"given":"Chin-Ling","family":"Chen","sequence":"additional","affiliation":[{"name":"School of Computer and Information Engineering, Xiamen University of Technology, Xiamen 361005, China"},{"name":"School of Information Engineering, Changchun Sci-Tech University, Changchun 130600, China"},{"name":"Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung City 413310, Taiwan"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2022,1,11]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Zhang, Z., and Cho, M. (2014, January 17\u201319). IoT Security: Ongoing Challenges and Research Opportunities. Proceedings of the IEEE 7th International Conference on Service-Oriented Computing and Applications, Matsue, Japan.","DOI":"10.1109\/SOCA.2014.58"},{"key":"ref_2","unstructured":"Jgamblin (2021, November 25). Mirai BotNet. Available online: https:\/\/github.com\/jgamblin\/Mirai-Source-Code."},{"key":"ref_3","unstructured":"Herzberg, B., Bekerman, D., and Zeifman, I. (2021, November 25). Breaking Down Mirai: An IoT DDoS Botnet Analysis. Available online: https:\/\/www.incapsula.com\/blog\/malware-analysis-mirai-ddos-botnet.html."},{"key":"ref_4","unstructured":"FCA US LLC Wired (2021, October 15). FCA US Responds to Wired Car Hack Story with Security Patch. Available online: http:\/\/www.todaysmotorvehicles.com\/article\/automotive-design-electronics-safety-hackers-patch-wired-fca-072315\/."},{"key":"ref_5","unstructured":"Cui, A., Costello, M., and Stolfo, S. (2013, January 24\u201327). When Firmware Modifications Attack: A Case Study of Embedded Exploitation. Proceedings of the 20th Symposium on Network and Distributed System Security, San Diego, CA, USA."},{"key":"ref_6","unstructured":"Mercer, D. (2021, November 25). Smart Home Will Drive Internet of Things Top 50 Billion Devices, Says Strategy Analytics. Available online: https:\/\/www.strategyanalytics.com\/strategy-analytics\/."},{"key":"ref_7","unstructured":"Insecam (2021, November 25). Network Live IP Video Cameras Directory. Available online: https:\/\/www.insecam.org\/."},{"key":"ref_8","unstructured":"Cottrell, A., Bethur, J., Markey, T., Srikant, M., and Srinivasan, L. (2006). Secure Firmware Update. (US20060143600A1), U.S. Patent."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"527","DOI":"10.1007\/s11277-011-0385-5","article-title":"Security Challenges in the IP-based Internet of Things","volume":"61","author":"Heer","year":"2011","journal-title":"Wirel. Pers. Commun."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"71907","DOI":"10.1109\/ACCESS.2019.2919760","article-title":"Secure firmware updates for constrained IoT devices using open standards: A reality check","volume":"7","author":"Zandberg","year":"2019","journal-title":"IEEE Access"},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"1152","DOI":"10.1007\/s11227-016-1870-0","article-title":"Blockchain-based Secure Firmware Update for Embedded Devices in An Internet of Things Environment","volume":"73","author":"Lee","year":"2017","journal-title":"J. Supercomput."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Boudguiga, A., Bouzerna, N., Granboulan, L., Olivereau, A., Quesnel, F., Roger, A., and Sirdey, R. (2017, January 26\u201328). Towards Better Availability and Accountability for IoT Updates by Means of a Blockchain. Proceedings of the IEEE European Symposium on Security and Privacy Workshops, Paris, France.","DOI":"10.1109\/EuroSPW.2017.50"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Yohan, A., and Lo, N. (2019, January 10\u201313). An Over-the-blockchain Firmware Update Framework for IoT Devices. Proceedings of the IEEE Conference on Dependable and Secure Computing, Kaohsiung, Taiwan.","DOI":"10.1109\/DESEC.2018.8625164"},{"key":"ref_14","unstructured":"Krebs (2021, November 25). Mirai IoT Botnet Co-Authors Plead Guilty. Available online: https:\/\/krebsonsecurity.com\/2017\/12\/mirai-iot-botnet-co-authors-plead-guilty\/."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"80","DOI":"10.1109\/MC.2017.201","article-title":"DDoS in the IoT: Mirai and Other Botnets","volume":"50","author":"Kolias","year":"2017","journal-title":"Computer"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Sinanovi\u0107, H., and Mrdovic, S. (2017, January 21\u201323). Analysis of Mirai Malicious Software. Proceedings of the 25th International Conference on Software, Telecommunications and Computer Networks, Split, Croatia.","DOI":"10.23919\/SOFTCOM.2017.8115504"},{"key":"ref_17","unstructured":"Sarkar, S. (2021, November 25). Thousands of Printers Hacked across the Globe after Critical Flaw Exposed. Available online: https:\/\/www.techradar.com\/news\/thousands-of-printers-hacked-across-the-globe-after-critical-flaw-exposed."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"2084","DOI":"10.1109\/COMST.2016.2535718","article-title":"Bitcoin and Beyond: A Technical Survey on Decentralized Digital Currencies","volume":"18","author":"Tschorsch","year":"2016","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_19","unstructured":"Nakamoto, S. (2021, November 25). Bitcoin: A Peer-to-peer Electronic Cash System. Available online: https:\/\/bitcoin.org\/bitcoin.pdf."},{"key":"ref_20","unstructured":"HOMESTEAD (2021, November 25). Ethereum: Blockchain App Platforms. Available online: https:\/\/www.ethereum.org\/."},{"key":"ref_21","unstructured":"Wood, G. (2021, December 31). Ethereum: A Secure Decentralized Generalized Transaction Ledger; Ethereum Yellow Paper. Available online: https:\/\/ethereum.github.io\/yellowpaper\/paper.pdf."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Atzei, N., Bartoletti, M., and Cimoli, T. (2017, January 22\u201329). A Survey of Attacks on Ethereum Smart Contracts. Proceedings of the International Conference on Principles of Security and Trust, Uppsala, Sweden.","DOI":"10.1007\/978-3-662-54455-6_8"},{"key":"ref_23","unstructured":"Bartoletti, M., Carta, S., Cimoli, T., and Saia, R. (2017). Dissecting Ponzi Schemes on Ethereum: Identification, Analysis, and Impact. arXiv."},{"key":"ref_24","unstructured":"HOMESTEAD (2021, November 25). Hyperledger: The Linux Foundation Projects. Available online: https:\/\/www.hyperledger.org\/."},{"key":"ref_25","unstructured":"Cachin, C. (2016, January 25). Architecture of the Hyperledger Blockchain Fabric. Proceedings of the Workshop on Distributed Cryptocurrencies and Consensus Ledgers, Chicago, IL, USA."},{"key":"ref_26","unstructured":"HOMESTEAD (2021, November 25). An Introduction to IOTA. Available online: https:\/\/iotasupport.com\/whatisiota_de.shtml."},{"key":"ref_27","unstructured":"Popov, S. (2021, November 25). The Tangle. Available online: https:\/\/iota.org\/IOTA_Whitepaper.pdf."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Burkhardt, D., Werling, M., and Lasi, H. (2018, January 17\u201320). Distributed Ledger. Proceedings of the IEEE International Conference on Engineering, Technology and Innovation, Stuttgart, Germany.","DOI":"10.1109\/ICE.2018.8436299"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Moubarak, J., Filiol, E., and Chamoun, M. (2018, January 18\u201320). On Blockchain Security and Relevant Attacks. Proceedings of the IEEE Middle East and North Africa Communications Conference, Jounieh, Lebanon.","DOI":"10.1109\/MENACOMM.2018.8371010"},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Saraf, C., and Sabadra, S. (2018, January 11\u201312). Blockchain Platforms: A Compendium. Proceedings of the IEEE International Conference on Innovative Research and Development, Bangkok, Thailand.","DOI":"10.1109\/ICIRD.2018.8376323"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Moubarak, J., Filiol, E., and Chamoun, M. (2017, January 18\u201320). Comparative Analysis of Blockchain Technologies and TOR Network: Two Faces of the Same Reality. Proceedings of the 1st Cyber Security in Networking Conference, Rio de Janeiro, Brazil.","DOI":"10.1109\/CSNET.2017.8242004"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"39","DOI":"10.3233\/JCS-2007-15103","article-title":"Securing Vehicular Ad Hoc Networks","volume":"15","author":"Raya","year":"2007","journal-title":"J. Comput. Secur."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Zhang, C., Lu, R., Lin, X., Ho, P., and Shen, X. (2008, January 13\u201318). An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks. Proceedings of the Twenty-seventh IEEE INFOCOM, Phoenix, Arizona.","DOI":"10.1109\/INFOCOM.2008.58"},{"key":"ref_34","unstructured":"Moran, B., Tschofenig, H., and Birkholz, H. (2021, November 25). Firmware Updates for Internet of Things Devices\u2014An Information Model for Manifests. Available online: https:\/\/tools.ietf.org\/id\/draft-ietf-suit-information-model-02.html."},{"key":"ref_35","unstructured":"Rosenfeld, M. (2014). Analysis of HashRate-based Double-spending. arXiv."},{"key":"ref_36","unstructured":"Whittaker, Z. (2021, November 25). Hackers Dropped a Secret Backdoor in Asus\u2019 Update Software. Available online: https:\/\/techcrunch.com\/2019\/03\/25\/asus-update-backdoor\/."},{"key":"ref_37","unstructured":"Cyborkian (2021, November 25). Internet Chemotherapy. Available online: https:\/\/archive.fo\/PQAnU."},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Jiang, B., Liu, Y., and Chan, W. (2018, January 3\u20137). ContractFuzzer: Fuzzing Smart Contracts for Vulnerability Detection. Proceedings of the 33rd ACM\/IEEE International Conference on Automated Software Engineering, Montpellier, France.","DOI":"10.1145\/3238147.3238177"},{"key":"ref_39","unstructured":"Siegel, D. (2021, November 25). Understanding the DAO Attack. Available online: https:\/\/www.coindesk.com\/understanding-dao-hack-journalists."},{"key":"ref_40","unstructured":"Unknown Author (2021, November 25). GovernMental. Available online: http:\/\/governmental.github.io\/GovernMental\/."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"941","DOI":"10.1109\/TC.2013.26","article-title":"Identity-Based Secure Distributed Data Storage Schemes","volume":"63","author":"Han","year":"2014","journal-title":"IEEE Trans. Comput."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"82721","DOI":"10.1109\/ACCESS.2019.2924045","article-title":"A Survey on IoT Security: Application Areas, Security Threats, and Solution Architectures","volume":"7","author":"Hassija","year":"2019","journal-title":"IEEE Access"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"781","DOI":"10.1016\/j.future.2017.08.036","article-title":"Searchain: Blockchain-based Private Keyword Search in Decentralized Storage","volume":"107","author":"Jiang","year":"2020","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"219","DOI":"10.1016\/j.ins.2018.06.071","article-title":"Block-Secure: Blockchain Based Scheme for Secure P2P Cloud Storage","volume":"465","author":"Li","year":"2018","journal-title":"Inf. Sci."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/2\/530\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,13]],"date-time":"2025-10-13T13:27:08Z","timestamp":1760362028000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/22\/2\/530"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,11]]},"references-count":44,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,1]]}},"alternative-id":["s22020530"],"URL":"https:\/\/doi.org\/10.3390\/s22020530","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,11]]}}}