Firmware for Smart City IoT updated via Blockchain


Smart city operates myriads of devices, which control each aspect of the City IoT infrastructure. These devices are spread all over the city in thousands of locations. Some of them collect, process, and report data up to the city management system, some act using instructions provided to them from the central location. A leader in Smart-cities technology needed a trusted way to monitor the state of IoT devices. They required a secure method to deploy firmware and configuration updates to devices, Over The Air (OTA)

The challenge

The heavily distributed network of devices across any major city, imposes some challenges to orchestrate the activity:

  • Keeping software up to date
  • Keeping configuration up to date
  • Device Event propagation to CMS
  • High Availability
  • Trustable history of operations and events

The suggested Solution

  • Create a Blockchain device management system, using Hyperledger fabric, to provide immutable content over a secure channel
  • Implement an event notifications system to alert devices when new updated become available
  • Design an access control and device management system device identities
  • Solution supports postpones upgrades, operational log and events checking

IOT – “Things update”

One of the challenging requirements of an IoT platform is the Over-the-Air (OTA) update of the Things, operation which needs resources and might be slow, as it requires the verification of the image integrity as well as the download process. The update operations, need to be automatic and secure. Authentication allows the system to identify the originator and recipient of the request, and verify and trace the sequence of operations, overall providing a better control and a higher level of security for the system.

In a non-blockchain IoT platform, updated operations occur over-the-air (OTA) under centralized control of a CMS (Central Management System): the update operation is sent to a Gateway, which manages the Things updates through a secure channel only.

The original approach can be affected with malicious actions such as:

  • Unauthorized device reconfiguration
  • Upgrade of IoT device to modified firmware

System events logging

While the operating system produces critical data events, such as device updates, alarms, warnings and etc. This data should not be altered or lost. We need to be sure that is was issued by a specific device or user for administrative purposes.

In the original implementation of IoT platforms, all events are stored inside centralized CMS: the event from device is sent to a Gateway, which should retransmit it to CMS.

Again, the original approach can be affected with malicious actions such as:

  • Log record modification or deletion
  • Unauthenticated record creation

In this solution, Blockchain is used to store data and perform access control:

  • User registry – stores information about users of system.
  • Device registry – stores information about IoT device of system (IOTRegistry compatible format).
  • Firmware storage – stores information about device firmware, update history, metadata and etc.
  • Events storage – stores information about events emitted by devices

The solution – Simplified Message Flow using Blockchain technology

In general, the CMS and devices exchange certain requests and events. These communications happen using MQTT as Message Queue service and Hyperledger Fabric as blockchain service. Communications between CMS and devices outlined below, in this section


The image above shows a sequence diagram for the message flow from Thing to CMS: the end device (Thing) generate an event/alert and sent it to the GW through the 6LowPAN wireless mesh network. The GW uses the IoT protocol API to create the event the blockchain by executing the corresponding smart contract. Eventually the event is notified to CMS if it has subscribed to those events/alerts.


The above image shows the message for the message flow in the reverse direction: from CMS to Thing:

CMS calls the Blockchain IoT API to submit FW update or Configuration change requests. The API functions generate messages to the blockchain node, which maps them into the corresponding smart contract and create the blockchain transaction. On the other end point, the GWs get notified about the new requests, it gets the FW and configuration changes and forward trusted requests to the Thing (end device node)

Using the blockchain based solution, increases the security in the data transfers between CMS and GW and provides more reliable and auditable data storage, utilizing blockchain based approaches for components interaction.

Customer can reliably trace each device update and initiator, query device status history and events, because each action is backed by cryptography.

Further extensions of this solution could look into:

  • Development of tokenization approaches of IoT devices, utilizing blockchain.
  • Deeper integration of blockchain based IoT device management in client`s solutions
Benefits & Outcomes
  • Data integrity and immutability
  • Strong data authenticity
  • Reliable and decentralized configurations and events delivery
  • Trusted communication channel within untrusted environment
Further Info

Another example is a real production solution launched for a client, where the firmware updates of the “things” in the smart city run through our blockchain solution. This provides an instant, shared record of what was updated, when it was updated and with what solution. All the participants in the smart city network then know that these IoT devices are all updated and with which version of the update. The next stage is to develop the network further and start to develop the new chips.


Research Project – Researched by Antony July 2023

© Antony Welfare 2024