Author(s): Sandhya Guduru
Firmware security is a growing concern in IoT environments, as many devices are shipped with outdated or vulnerable software. Traditional security methods, such as manual testing and patching, are time-consuming and ineffective against the increasing complexity of firmware architectures. This research proposes an automated approach to firmware security using QEMU-based emulation, AFL++ fuzzing, and CVSS scoring to identify vulnerabilities. Additionally, secure OTA updates are implemented through Mender, ensuring compliance with The Update Framework (TUF) and leveraging Ed25519 cryptographic signatures for protection. By integrating these technologies, this framework enhances IoT security by automating both vulnerability detection and firmware updates, reducing the risks of cyberattacks.
View PDF