[Fud] Charter Text

[Hannes Tschofenig <hannes.tschofenig@gmx.net>]

Here is a strawman proposal for a charter text. Suggestions welcome!

----

Firmware Updating Description (FUD)

Vulnerabilities with Internet of Things (IoT) devices have raised the
need for a secure firmware update mechanism that is also suitable for
constrained devices. Security experts, researchers and regulators
recommend that all IoT devices are equipped with such a mechanism. While
there are many proprietary firmware update mechanisms in use today there
is a lack of an modern interoperable approach of securely updating IoT
devices.

A firmware update solution consists of several components, including a
mechanism to transport firmware images to IoT devices and a manifest
that provides meta-data about the firmware image as well as
cryptographic information for protecting the firmware image in an
end-to-end fashion. With RFC 4018 the IETF standardized a manifest
format that uses the Cryptographic Message Syntax (CMS) to protect
firmware packages.

Since the publication of RFC 4108 more than 10 years have passed and
more experience with IoT deployments have lead to additional
functionality requiring the work done with RFC 4108 to be revisited. The
purpose of this group is to standardize a version 2 of RFC 4108 that
reflects best current practices. This group will not define any
transport mechanism.

In 2016 the Internet Architecture Board organized a workshop on
'Internet of Things (IoT) Software Update (IOTSU)', which took place at
Trinity College Dublin, Ireland on the 13th and 14th of June, 2016. The
main goal of the workshop was to foster a discussion on requirements,
challenges and solutions for bringing software and firmware updates to
IoT devices. This workshop also made clear that there are challenges
with lack of regulatory requirements, and misaligned incentives. It is
nevertheless seen as important to standardize the building blocks that
help interested parties to implement and deploy a solid firmware update
mechanism.

In particular this group aims to publish two documents, namely
 * an IoT firmware update architecture that includes a description of
the involved entities, security threats and assumptions, and
 * the manifest format itself.

This group does not aim to standardize a generic software update
mechanism used by rich operating systems, like Linux, but instead
focuses on software development practices in the embedded industry.

This group will aim to develop a close relationship with silicon vendors
and OEMs that develop IoT operating systems.

Milestones

Dec 2017     Submit "Architecture" document as WG item.

Dec 2017     Submit "Manifest Format" specification as WG item.

Jul 2018    Submit "Architecture" to the IESG for publication as an
Informational RFC.

Nov 2018     Submit "Manifest Format" to the IESG for publication as a
Proposed Standard.


Additional calendar items:

Mar 2018     Release initial version of the manifest creation tools as
open source.

Apr 2018     Release first version of manifest test tool suite as open
source.

Jun 2018     Release first IoT OS implementation of firmware update
mechanisms as open source.