ROOT OF TRUST (RoT) APPLICATION FOR INTERNET OF THINGS (IoT) DEVICES
First Claim
1. An apparatus comprising:
- an Internet of Things (IoT) device including a processor, a memory, a flash memory, a network interface and a boot Read Only Memory (ROM);
a Root-of-Trust (RoT) application stored in the boot ROM wherein the RoT application causes the processor to perform the operations of;
running the RoT from the boot ROM after initialization of the IoT device, the RoT causing the device to perform the operations;
determining a selected image by determining if an update mode is set, wherein when the update mode is set the selected image comprises an update image and wherein when the update mode is not set, the selected image comprises a first image;
loading the selected image into memory;
determining whether a verification of a signature of the selected image is successful using a multi-time hash-based signature process; and
when the verification of the signature of the selected image is successful then transferring control to the selected image and when the verification of the signature of the selected image is not successful then performing a recovery boot.
1 Assignment
0 Petitions
Accused Products
Abstract
One embodiment provides an apparatus. The apparatus includes an Internet of Things (IoT) device including a processor, a memory, a flash memory, a network interface and a boot Read Only Memory (ROM). A Root-of-Trust (RoT) application stored in the boot ROM causes the processor run the RoT after initialization of the IoT device. The RoT causes the device to determine a selected image by determining if an update mode is set. The RoT also causes the processor to load the selected image into memory and determine whether a verification of a signature of the selected image is successful. When the verification of the signature is successful then control is transferred to the selected image and when the verification is not successful then a recovery boot is performed
-
Citations
24 Claims
-
1. An apparatus comprising:
-
an Internet of Things (IoT) device including a processor, a memory, a flash memory, a network interface and a boot Read Only Memory (ROM); a Root-of-Trust (RoT) application stored in the boot ROM wherein the RoT application causes the processor to perform the operations of; running the RoT from the boot ROM after initialization of the IoT device, the RoT causing the device to perform the operations; determining a selected image by determining if an update mode is set, wherein when the update mode is set the selected image comprises an update image and wherein when the update mode is not set, the selected image comprises a first image; loading the selected image into memory; determining whether a verification of a signature of the selected image is successful using a multi-time hash-based signature process; and when the verification of the signature of the selected image is successful then transferring control to the selected image and when the verification of the signature of the selected image is not successful then performing a recovery boot. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method comprising:
running a Root-of-Trust (RoT) from a boot Read Only Memory (ROM) after initialization of an Internet Of Things (IoT) device, the RoT causing the device to perform the operations; determining a selected image by determining if an update mode is set, wherein when the update mode is set the selected image comprises an update image and wherein when the update mode is not set, the selected image comprises a first image; loading the selected image into memory; determining whether a verification of a signature of the selected image is successful using a multi-time hash-based signature process; and when the verification of the signature of the selected image is successful then transferring control to the selected image and when the verification of the signature of the selected image is not successful then performing a recovery boot. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
17. A computer readable storage device having stored thereon instructions that when executed by one or more processors result in the following operations comprising:
running a Root-of-Trust (RoT) from a boot Read Only Memory (ROM) after initialization of an Internet Of Things (IoT) device, the RoT causing the device to perform the operations; determining a selected image by determining if an update mode is set, wherein when the update mode is set the selected image comprises an update image and wherein when the update mode is not set, the selected image comprises a first image; loading the selected image into memory; determining whether a verification of a signature of the selected image is successful using a multi-time hash-based signature process; and when the verification of the signature of the selected image is successful then transferring control to the selected image and when the verification of the signature of the selected image is not successful then performing a recovery boot. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
Specification