Wisecr: Secure Simultaneous Code Dissemination to Many Batteryless Computational RFID Devices
Yang Su, Michael Chesser, Yansong Gao, Alanson Sample and Damith Ranasinghe
Emerging ultra-low-power tiny scale computing devices run on harvested energy, are intermittently powered, have limited computational capability, and perform sensing and actuation functions under the control of a dedicated firmware operating without the supervisory control of an operating system. Wirelessly updating or patching firmware of such devices is inevitable. We consider the challenging problem of simultaneous and secure firmware updates or patching for a typical class of such devices—Computational Radio Frequency Identification (CRFID) devices. We propose Wisecr, the first secure and simultaneous wireless code dissemination mechanism to multiple devices that prevents malicious code injection attacks and intellectual property (IP) theft, whilst enabling remote attestation of code installation. Importantly, Wisecr is engineered to comply with existing ISO compliant communication protocol standards employed by CRFID devices and systems. We comprehensively evaluate Wisecr’s overhead, demonstrate its implementation over standards compliant protocols, analyze its security, implement an end-to-end realization with popular CRFID devices and open-source the complete software package on GitHub.