SecuCode: Intrinsic PUF Entangled Secure Wireless Code Dissemination for Computational RFID Devices

The simplicity of deployment and perpetual operation of energy harvesting devices provides a compelling proposition for anew class of edge devices for the Internet of Things. In particular, Computational Radio Frequency Identification (CRFID) devices arean emerging class of battery free, computational, sensing enhanced devices that harvest all of their energy for operation. Despitewireless connectivity and powering, secure wireless firmware updates remains an open challenge for CRFID devices due to:intermittent powering, limited computational capabilities, and the absence of a supervisory operating system. We present,for the firsttime, asecurewireless code dissemination (SecuCode) mechanism for CRFIDs by entangling adevice intrinsic hardware securityprimitive—Static Random Access Memory Physical Unclonable Function (SRAM PUF)—to a firmware update protocol. The design ofSecuCode: i) overcomes the resource-constrained and intermittently powered nature of the CRFID devices; ii) is fully compatible withexisting communication protocols employed by CRFID devices—in particular, ISO-18000-6C protocol; and ii) is built upon a standardand industry compliant firmware compilation and update method realized by extending a recent framework for firmware updatesprovided by Texas Instruments. We build an end-to-end SecuCode implementation and conduct extensive experiments to demonstratestandards compliance, evaluate performance and security.