SECURE IOT DEVICE UPDATE
Abstract
The disclosed technology is generally directed to updating of applications, firmware and/or other software on IoT devices. In one example of the technology, a request that is associated with a requested update is communicated from a normal world of a first application processor to a secure world of the first application processor. The secure world validates the requested update. Instructions associated with the validated update are communicated from the secure world to the normal world. Image requests are sent from the normal world to a cloud service for image binaries associated with the validated update. The secure world receives the requested image binaries from the cloud service. The secure world writes the received image binaries to memory, and validates the written image binaries.
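The update flow in the abstract, modeled as an added Python example (not code from the patent or from any product). The page does not say how validation is performed, so the HMAC-tagged JSON manifest, the SHA-256 check of written images, the demo key and every class and function name here are assumptions.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # assumption: verification key held only by the secure world
def sign_manifest(images):
    """Vendor side (constructed): manifest maps image name -> SHA-256, tagged with HMAC."""
    digests = {n: hashlib.sha256(b).hexdigest() for n, b in images.items()}
    body = json.dumps({"images": digests}, sort_keys=True).encode()
    return body, hmac.new(KEY, body, hashlib.sha256).digest()

class SecureWorld:
    """First execution environment: alone can validate updates and write the second memory."""
    def __init__(self):
        self.flash, self.expected = {}, {}

    def validate_update(self, body, tag):
        # Validate the requested update, then return instructions (the images to request).
        if not hmac.compare_digest(hmac.new(KEY, body, hashlib.sha256).digest(), tag):
            raise ValueError("requested update rejected")
        self.expected = json.loads(body)["images"]
        return sorted(self.expected)

    def receive_image(self, name, blob):
        # Receive the binary from the cloud, write it, then validate what was written.
        if name not in self.expected:
            raise ValueError("image not in validated update")
        self.flash[name] = blob
        if hashlib.sha256(self.flash[name]).hexdigest() != self.expected[name]:
            del self.flash[name]  # discard an image that fails post-write validation
            raise ValueError("written image failed validation: " + name)

class CloudService:
    """Constructed stand-in: answers image requests by delivering to the secure world."""
    def __init__(self, images):
        self.images = images

    def request(self, name, deliver_to):
        deliver_to(name, self.images[name])

class NormalWorld:
    """Second execution environment: talks to the network, cannot write images itself."""
    def __init__(self, secure, cloud):
        self.secure, self.cloud = secure, cloud

    def update(self, body, tag):
        for name in self.secure.validate_update(body, tag):  # request in, instructions out
            self.cloud.request(name, self.secure.receive_image)  # image request to cloud
        return sorted(self.secure.flash)
```

The normal world only drives the exchange; a manifest it cannot get validated yields no instructions, and an image that does not match the validated manifest is discarded after the write.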
20 Claims
1. An apparatus for updating, comprising:
an IoT device including a first memory adapted to store run-time data for the device, and at least one processor that is adapted to execute processor-executable code that, in response to execution, enables at least two independent execution environments for the application processor including first independent execution environment and a second execution environment, wherein the first independent execution environment has at least one capability that the second independent execution environment does not have, and further configured in response to execution to enable actions, including;
communicating a request that is associated with a requested update from the second independent execution environment to the first independent execution environment;
validating the requested update;
communicating instructions associated with the validated update from the first independent execution environment to the second independent execution environment;
for image binaries associated with the validated update, sending image requests from the second independent execution environment to a cloud service;
receiving, by the first independent execution environment, the requested image binaries from the cloud service;
using the first independent execution environment to write the received image binaries to a second memory; and
validating the written image binaries.
Dependent claims: 2, 3, 4, 5, 6, 7, 11, 12, 13, 14, 15, 16, 17, 19, 20
8. A method for updating, comprising:
communicating, in at least one processor that includes a first independent execution environment and a second independent execution environment, wherein the first independent execution environment has at least one capability that the second independent execution environment does not have, a request that is associated with a requested update from a second independent execution environment of a first application processor to a secure world of the first application processor;
validating the requested update;
communicating instructions associated with the validated update from the secure world to the second independent execution environment;
for image binaries associated with the validated update, sending image requests from the second independent execution environment to a cloud service;
receiving, by the secure world, the requested image binaries from the cloud service;
using the secure world to write the received image binaries to memory; and
validating the written image binaries.
Dependent claims: 9, 10
18. A processor-readable storage medium, having stored thereon processor-executable code that is configured to, upon execution by at least one processor, enable at least two independent execution environments for the processor including a first independent execution environment and a second execution environment, wherein the first independent execution environment has at least one capability that the second independent execution environment does not have, and further configured in response to execution to enable actions, including:
communicating a request that is associated with a requested update from the second independent execution environment to the secure world;
validating the requested update;
communicating instructions associated with the validated update from the secure world to the second independent execution environment;
for image binaries associated with the validated update, sending image requests from the second independent execution environment to a cloud service;
receiving, by the secure world, the requested image binaries from the cloud service;
using the secure world to write the received image binaries to memory; and
validating the written image binaries.
Specification