[Suit] Common firmware update flaws

Hannes Tschofenig <Hannes.Tschofenig@arm.com> Thu, 17 September 2020 06:58 UTC

Return-Path: <Hannes.Tschofenig@arm.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 11CA43A0BEA for <suit@ietfa.amsl.com>; Wed, 16 Sep 2020 23:58:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=JDssAA2Y; dkim=pass (1024-bit key) header.d=armh.onmicrosoft.com header.b=JDssAA2Y
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pT9apInE2L2q for <suit@ietfa.amsl.com>; Wed, 16 Sep 2020 23:58:00 -0700 (PDT)
Received: from EUR03-AM5-obe.outbound.protection.outlook.com (mail-eopbgr30056.outbound.protection.outlook.com [40.107.3.56]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4F3AD3A11E6 for <suit@ietf.org>; Wed, 16 Sep 2020 23:57:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rIEphsRCavs8jeJHy1W2rwuBsT58fx1eukCdSzoJmSE=; b=JDssAA2YKqOmkHGwZ8KtAOZk9jTeKbhhWJGuzOWQJ1m8Kn7EEU54S3PlKT3LYPq/Rg59jHhw41Qyu0QY2P6IshnQpf/4NJXxC41WiK8s0xJRAwqhrneo3c3h2CQYpHghbM43h9Y+kuSHNX63ese9wB23+5/8fkACE57jZU/PvHA=
Received: from AM5PR04CA0035.eurprd04.prod.outlook.com (2603:10a6:206:1::48) by DBBPR08MB4252.eurprd08.prod.outlook.com (2603:10a6:10:c2::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.13; Thu, 17 Sep 2020 06:57:29 +0000
Received: from AM5EUR03FT003.eop-EUR03.prod.protection.outlook.com (2603:10a6:206:1:cafe::6f) by AM5PR04CA0035.outlook.office365.com (2603:10a6:206:1::48) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.13 via Frontend Transport; Thu, 17 Sep 2020 06:57:29 +0000
X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; ietf.org; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;ietf.org; dmarc=bestguesspass action=none header.from=arm.com;
Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com;
Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM5EUR03FT003.mail.protection.outlook.com (10.152.16.149) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.15 via Frontend Transport; Thu, 17 Sep 2020 06:57:29 +0000
Received: ("Tessian outbound 7161e0c2a082:v64"); Thu, 17 Sep 2020 06:57:29 +0000
X-CR-MTA-TID: 64aa7808
Received: from 2364d11fd11b.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id 20904210-8D1B-4059-9DB2-3940FB8F6830.1; Thu, 17 Sep 2020 06:57:24 +0000
Received: from EUR01-DB5-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id 2364d11fd11b.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 17 Sep 2020 06:57:24 +0000
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=gvRopem1Dx+NE/PXkVLwEcymz7uVCKuPb/xPfYkj2QSmdoS1NFX64m38lngLBP7OU+WGrWAETgUh0bCQqXisxPWt5koKrsAdYQZIE+lCykYzJLYSTlGcdES/TKWGCU5N8RGZJ7UhXABSYSTErVNT4Ucbpr8D1/O49r90SuM8ZPc/qtUJocI12useZGkPr8ywcPAR8KCp/gFBnjKvq2abI1Oy2ZO5Jj4oESS5P+AI6zF2gjhjATLWIdoqBpzQtXoq22t0Kr9lEnkvkQMcsCy8IjB5EdnjdgbpUedrqdYJZFOWMZlB8ec9O2TXWaw9Ius8y1US97mR460auxhmrnVyIA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rIEphsRCavs8jeJHy1W2rwuBsT58fx1eukCdSzoJmSE=; b=XWDAj0ZTk8AZDKB+gXMwKAu6FPzr263k7jPraDhC2M56yowULOES4fCmtz5EYp/WgOT+etJ8lkZxywQaVO7KRifaEL0PrxP9rV2UqNcm5yf+bZkT3QCjg4GFaJbAtOQVf5yq2swqgQTL/v+Ojbn0eODIMYglypiUUhzCAVGWWWjBPxznKvWs3ILr+AxpScA01Lv12LzYq7Wqvil39dWj2QUVuEtMb0a9J2sLYYT0n0rfQ6+oZ7AW2zXj4bN/kcR1Z1EAhqWq0McXYOreM4tVf4p+4hzpoBTjDpwA4S6MIMlaaZeRztfxrmHE+IObRziW2tvsRvRpGKxrBzra5nta5g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=armh.onmicrosoft.com; s=selector2-armh-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rIEphsRCavs8jeJHy1W2rwuBsT58fx1eukCdSzoJmSE=; b=JDssAA2YKqOmkHGwZ8KtAOZk9jTeKbhhWJGuzOWQJ1m8Kn7EEU54S3PlKT3LYPq/Rg59jHhw41Qyu0QY2P6IshnQpf/4NJXxC41WiK8s0xJRAwqhrneo3c3h2CQYpHghbM43h9Y+kuSHNX63ese9wB23+5/8fkACE57jZU/PvHA=
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com (2603:10a6:208:106::13) by AM0PR08MB4977.eurprd08.prod.outlook.com (2603:10a6:208:163::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3391.14; Thu, 17 Sep 2020 06:57:23 +0000
Received: from AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::900e:c64d:a006:4860]) by AM0PR08MB3716.eurprd08.prod.outlook.com ([fe80::900e:c64d:a006:4860%6]) with mapi id 15.20.3391.015; Thu, 17 Sep 2020 06:57:23 +0000
From: Hannes Tschofenig <Hannes.Tschofenig@arm.com>
To: 'suit' <suit@ietf.org>
Thread-Topic: Common firmware update flaws
Thread-Index: AdaMvnA4R+ZSnBgPSuyAMcdkw4wW5w==
Date: Thu, 17 Sep 2020 06:57:23 +0000
Message-ID: <AM0PR08MB3716F68A9DD2AC86EE540710FA3E0@AM0PR08MB3716.eurprd08.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ts-tracking-id: 95864D23DD720B4DB298C6FDAB997D1D.0
x-checkrecipientchecked: true
Authentication-Results-Original: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
x-originating-ip: [80.92.122.149]
x-ms-publictraffictype: Email
X-MS-Office365-Filtering-HT: Tenant
X-MS-Office365-Filtering-Correlation-Id: aaff50c0-4bca-4978-77a8-08d85ad6f154
x-ms-traffictypediagnostic: AM0PR08MB4977:|DBBPR08MB4252:
X-Microsoft-Antispam-PRVS: <DBBPR08MB4252C5755B76F0C2220F7C17FA3E0@DBBPR08MB4252.eurprd08.prod.outlook.com>
x-checkrecipientrouted: true
nodisclaimer: true
x-ms-oob-tlc-oobclassifiers: OLM:6108;OLM:9508;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam-Untrusted: BCL:0;
X-Microsoft-Antispam-Message-Info-Original: YpoHqqdEQWs4gfdDtd6kGXuFFeXkukLdLVCQg2+9irk/K9pSpmSztTkU7g4ZNK+0bp3DmNiWYHdIvwAxlwFzHySj60r1plg4+HhrfzWM/P9ksWYKDduLQwBYIZw26SgEJJrtI+rNAkXlE9FLtSsdlvQuzEYNYy8V8md728eXZsrxZ+AjukD2YYyCwLGc4Y8V/Q+JBfs+GLLT5tgQ6ZuelaUCRvuKOlY+rPl6q1WIIQtIr8b65nK4rPWmcUK0b42GGAYU5yqZQKY4w5hDzlSqe2wTfYvIygAt7s7nrWTxzMVTyLRA0qzz3oKd+trwjHb6paYQna6M0/cbi6E3x3RrHw==
X-Forefront-Antispam-Report-Untrusted: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM0PR08MB3716.eurprd08.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(39860400002)(376002)(396003)(366004)(136003)(83380400001)(8676002)(5660300002)(7696005)(52536014)(15650500001)(6506007)(2906002)(3480700007)(26005)(86362001)(55016002)(9686003)(6916009)(478600001)(33656002)(76116006)(316002)(66476007)(66556008)(186003)(64756008)(66446008)(66946007)(8936002)(71200400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata: emM8KBeFbT0VP8fgCHdvz6dAg/VD7pMJfAJpkU2RG8q0IWph1CcTjoDfeaSzOUcBNqFbp5E25TzJ7UD+OF5hMhmrtLvRZolTf+Rz3PGETjIyE+HIzGa+rthHx3yo63iVtkU4cmicedxMtdhbrb2l4829DrmEz96u0EYR2ZABOvk6X5mCt/J1ProFHODxLOTXA/9L1RxGbp29OvnBaGaHA1tmunsmHP61ecgir5o1WUl28nfN91JbfYYi6wnvrxTJwFp8W/eJxB9FpfmrKH0xxcKxsObN/bd/BUZlcMCL4m/WKCVKzTadHLkk99cUM3QxMik79kGliXDlLVj8LVbIdVLtq5CRd3j9bxhTTjqYUkp8O66O+A9Z/Mp8jkmb89o4J2ydI2+V+EMq6P5kD40fTjC+K3wnfiDjv5yQQku/NxpZKlRDdrsgjbuMMtRq9EBIC1vcop40NNbOAiuSsEFGTXnHnww3bjwZ14bOdWocV73Hm4WOiiuZ9aMN5/BWPyAjAi2pfl6gero2v5FgMsfX50FAMIYpVxARgm0ZIw4HejHU8dtBMM1VuJnwSws75xJ5AMTVDEDusgFayx41hqZZc7itFCFDpfvCesA89bgjWHL/FvlJCyYU469wWgYq+V/IW1vw1f+Fc9HNPbn5HmA31g==
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_AM0PR08MB3716F68A9DD2AC86EE540710FA3E0AM0PR08MB3716eurp_"
MIME-Version: 1.0
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR08MB4977
Original-Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=arm.com;
X-EOPAttributedMessage: 0
X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM5EUR03FT003.eop-EUR03.prod.protection.outlook.com
X-MS-Office365-Filtering-Correlation-Id-Prvs: e0c2bca0-2201-4bd0-7727-08d85ad6edd4
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: GiWODMhzpLNWCNOGrriNEbJ5GM2cUIikuHRVK3rqAvIpAOfKuJFIgJ2ZdwVjx7CtOPuWMZK3QzM4sQQxLS0kPhwWfW1zE9JVsce2SSSQBdGLyS+MMG40h+yxVys/30c+wD9zmgo0p023LNRpsdM3aN/+xP3rHFjasnIzEil/XaXQqKKFrvddLfgXz9nPuIFlXmiYTQ5X8JMm59PDtyomP6JJBfbBzAK0HpO6Dr9YsFVsiLYnAGOmv/DzVlk3TomZeOmr9ekFsFkmkL7589HPaTbfbfSoJF6lqcZ+5wRVlJBrcLK3S+CVQOUcvSxiR+8vc8ohZv4oHWU2Q+bnC/tPrN6wG6m9jZE6PYOiOWrcH70dnanheFp48riIhEtZRh6taKON238uNQwj4a1d7KrIVQ==
X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(4636009)(396003)(136003)(39860400002)(376002)(346002)(46966005)(478600001)(3480700007)(33656002)(70586007)(70206006)(8936002)(316002)(36906005)(52536014)(8676002)(6506007)(356005)(47076004)(81166007)(6916009)(5660300002)(7696005)(15650500001)(83380400001)(82740400003)(26005)(82310400003)(55016002)(9686003)(336012)(86362001)(2906002)(186003); DIR:OUT; SFP:1101;
X-OriginatorOrg: arm.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Sep 2020 06:57:29.0771 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: aaff50c0-4bca-4978-77a8-08d85ad6f154
X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com]
X-MS-Exchange-CrossTenant-AuthSource: AM5EUR03FT003.eop-EUR03.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBBPR08MB4252
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/KTe3VNWALiRcxqsbjg8mB1tVKXc>
Subject: [Suit] Common firmware update flaws
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 06:58:02 -0000

Hi all,

In his review, Bob Briscoe suggested to list "common practices that are insecure, and perhaps some common misconceptions about secure firmware update" in the SUIT architecture document.

So far, nobody suggested to include such a list in the architecture document and hence I would like to reach out to the group.

There are different ways to write such a text and the key decisions are:


  1.  Should we include references to published flaws or keep the description abstract?
  2.  Should we include only examples that we later fix with the SUIT manifest? For example, a firmware update can change the nature of a product (e.g. excluding the use of third party printer cartridges).

Question 1: Would you like to have such text to be added?

Question 2: If so, what is your answer to (a) and (b)?

Your feedback is appreciated. Text contributtions are welcome!

Ciao
Hannes

IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.