Securing over-the-air firmware updates (FOTA) for industrial Internet of Things (IIoT) devices
Abstract
As industrial Internet of Things (IIoT) devices become integral to critical infrastructure, over-the-air (FOTA) firmware updates are essential for delivering remote functionality, custom features, and operational efficiency. However, FOTA also introduces new security risks that could impact safety and system reliability. This summary outlines a secure FOTA architecture that connects IIoT devices, gateways, cloud infrastructure, and development environments. It highlights common attack surfaces and key protections, such as secure boot, encrypted communications, and automated update processes. The paper emphasizes a shared responsibility model for cybersecurity to ensure FOTA delivers value without compromising safety.
The full paper is available on the IEEE Xplore website. You must be a member of IEEE in order to access the complete article.