Abstract

The increasing vulnerabilities found in Internet of Things (IoT) devices have raised the need for a solid mechanism of securing the firmware update of these connected objects, since firmware updates are one way to patch vulnerabilities and add security features. This survey analyses the types of attacks that target the firmware update operation in IoT devices and the available secure firmware update methods for IoT devices in the literature between 2004 and 2018. In addition, several popular firmware analysis and vulnerability detection tools are presented. We believe this paper will open the possibility for firmware analysis, attacks and security and therefore help researchers to develop new mechanisms to protect the embedded systems.