Computer systems in general and personal 'data banks' in particular need protection. This can be achieved by enciphering all material and authenticating the legitimate origin of any command to the computer.

Horst Feistel, Scientific American (1973, volume 228, number 5)
OEM love

Over-the-air software updates, made more secure and delivered from a trusted source

When developing IoT devices, one of the most difficult problems to solve is how to update the firmware on the device. Once the device is deployed, firmware updates play a critical part in its lifetime, particularly when devices have a long lifetime, are deployed in remote or inaccessible areas or where manual intervention is cost prohibitive or otherwise difficult.

In order for a device to apply an update, it has to make several decisions about the update: does it trust the author of the update, has the firmware been corrupted, does the firmware update apply to this device, is the update older than the active firmware, when should the device apply the update, how should the device apply the update, what kind of firmware binary is it, where should the update be obtained, and where should the firmware be stored?

Robust Permissions: 24/7 up and running

“A device may have many modules that require updating individually. It may also need to trust several actors in order to authorize an update.”

Policy Documents: Trusted Instructions

“When a simple set of permissions fails to encapsulate the rules required for a device to make decisions about the data, a policy document can be used instead.”

Information Safety: Hashed Firmware

“The firmware image can be confidentiality protected so that attempts by an adversary to recover the plaintext binary can be prevented. Obtaining the plaintext binary is often one of the first steps for an attacker to mount an attack.”

Payload Signature: Immutable and signed

“The payload is authenticated and attempts to flash a malicious payload are notified, stored and prevented. ”

Payload Security

Cryptographic information, such as digital signatures and firmware hash

Payload Metadata

Information about where to store the firmware image

Payload Intelligence

Information about the device(s) the firmware is intended to be applied to

Payload Accountability

Pointers to the firmware image and information about the format

Payload Schedule

Information about when and by whom the firmware update has to be applied

Payload Class

Information containing the manufacturer and device class ID
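
The acceptance decisions listed earlier (trusted author, corruption, device applicability, rollback) applied to the manifest fields described above, as an added example that is not code from this page or its vendor. The field names, the device state and the key are assumptions, and HMAC-SHA256 stands in for the digital signature so the block runs with the Python standard library alone.

```python
import hashlib
import hmac
import json

# Constructed device state and key store (assumptions, not from the page).
DEVICE = {"vendor_id": "example-vendor", "class_id": "sensor-v1", "active_seq": 7}
TRUSTED_KEYS = {"author-1": b"constructed-demo-key"}  # HMAC key stands in for a public key


def canonical(manifest):
    """Serialize the signed part of the manifest deterministically."""
    return json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()


def make_manifest(image, sequence, class_id="sensor-v1"):
    """Author side: describe the image (hypothetical field names)."""
    return {"vendor_id": "example-vendor", "class_id": class_id, "sequence": sequence,
            "size": len(image), "sha256": hashlib.sha256(image).hexdigest()}


def sign(manifest, key_id):
    """Author side: wrap the manifest in the envelope the device receives."""
    tag = hmac.new(TRUSTED_KEYS[key_id], canonical(manifest), hashlib.sha256).hexdigest()
    return {"manifest": manifest, "key_id": key_id, "sig": tag}


def check_update(envelope, image, device=DEVICE):
    """Device side: return (accepted, reason); the first failed check rejects."""
    m = envelope["manifest"]
    key = TRUSTED_KEYS.get(envelope.get("key_id"))
    if key is None:
        return False, "untrusted author"
    expected = hmac.new(key, canonical(m), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope.get("sig", "")):
        return False, "bad signature"
    # From here on, only fields covered by the signature are consulted.
    if (m["vendor_id"], m["class_id"]) != (device["vendor_id"], device["class_id"]):
        return False, "wrong device class"
    if m["sequence"] <= device["active_seq"]:
        return False, "rollback"  # update is not newer than the active firmware
    if len(image) != m["size"]:
        return False, "size mismatch"
    if not hmac.compare_digest(hashlib.sha256(image).hexdigest(), m["sha256"]):
        return False, "image corrupted"
    return True, "ok"
```

The signature is checked before any other manifest field is read, so class ID, sequence number and digest are only trusted once the author is.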