Bird
Raised Fist0
IOT Protocolsdevops~10 mins

Secure boot and firmware updates (OTA) in IOT Protocols - Interactive Code Practice

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Practice - 5 Tasks
Answer the questions below
1fill in blank
easy

Complete the code to verify the firmware signature before booting.

IOT Protocols
if verify_signature(firmware, [1]):
    boot(firmware)
Drag options to blanks, or click blank then click option'
Apublic_key
Bprivate_key
Cfirmware_hash
Dencryption_key
Attempts:
3 left
💡 Hint
Common Mistakes
Using the private key to verify the signature instead of the public key.
2fill in blank
medium

Complete the code to start the OTA update process securely.

IOT Protocols
ota_update.start_secure_update([1])
Drag options to blanks, or click blank then click option'
Aupdate_url
Bunencrypted_firmware
Cfirmware_version
Dsigned_firmware
Attempts:
3 left
💡 Hint
Common Mistakes
Starting update with unencrypted or unsigned firmware.
3fill in blank
hard

Fix the error in the code that checks firmware integrity using a hash.

IOT Protocols
if firmware_hash == [1](firmware).hexdigest():
    accept_update()
Drag options to blanks, or click blank then click option'
Asign
Bdecrypt
Chashlib.sha256
Dencrypt
Attempts:
3 left
💡 Hint
Common Mistakes
Using encrypt or decrypt functions instead of hashing.
4fill in blank
hard

Fill both blanks to create a dictionary comprehension that maps firmware versions to their hashes for verification.

IOT Protocols
version_hashes = {version: [1] for version in firmware_versions if version [2] '1.0.0'}
Drag options to blanks, or click blank then click option'
Aget_hash(version)
B>
C==
D<
Attempts:
3 left
💡 Hint
Common Mistakes
Using equality instead of greater than for filtering versions.
5fill in blank
hard

Fill all three blanks to create a secure OTA update check that verifies signature, version, and hash.

IOT Protocols
if verify_signature(firmware, [1]) and firmware_version [2] current_version and firmware_hash [3] expected_hash:
    apply_update(firmware)
Drag options to blanks, or click blank then click option'
Apublic_key
B>
C==
Dprivate_key
Attempts:
3 left
💡 Hint
Common Mistakes
Using private key for verification, wrong comparison operators, or incorrect hash check.

Practice

(1/5)
1. What is the main purpose of secure boot in IoT devices?
easy
A. To ensure only trusted software runs on the device
B. To speed up the device startup time
C. To allow any software to run without restrictions
D. To backup device data automatically

Solution

  1. Step 1: Understand secure boot concept

    Secure boot checks the software's authenticity before running it on the device.

  2. Step 2: Identify the main goal

    The goal is to prevent untrusted or malicious software from running.

  3. Final Answer:

    To ensure only trusted software runs on the device -> Option A

  4. Quick Check:

    Secure boot = trusted software only [OK]
Hint: Secure boot means only trusted software runs [OK]
Common Mistakes:
  • Thinking secure boot speeds startup
  • Believing secure boot allows any software
  • Confusing secure boot with data backup
2. Which of the following is the correct command to verify a firmware update signature using openssl?
easy
A. openssl verify -CAfile ca.pem firmware.sig
B. openssl sign -verify firmware.bin
C. openssl dgst -verify ca.pem -signature firmware.sig firmware.bin
D. openssl check firmware.sig firmware.bin

Solution

  1. Step 1: Recall openssl dgst verify syntax

    The correct syntax to verify a signature is: openssl dgst -verify [pubkey/cert] -signature [signature] [file].

  2. Step 2: Match the command with syntax

    openssl dgst -verify ca.pem -signature firmware.sig firmware.bin matches this syntax exactly for verifying firmware signature.

  3. Final Answer:

    openssl dgst -verify ca.pem -signature firmware.sig firmware.bin -> Option C

  4. Quick Check:

    Verify signature = openssl dgst -verify [key] -signature [sig] [file] [OK]
Hint: Verify signature uses 'dgst -verify' and '-signature' flags [OK]
Common Mistakes:
  • Using 'openssl sign' instead of 'dgst'
  • Missing '-verify' or '-signature' flags
  • Using wrong command like 'openssl check'
3. Given this pseudo-code for OTA update verification:
if verify_signature(firmware, signature, public_key):
    install_firmware(firmware)
else:
    reject_update()

What happens if the signature does not match?
medium
A. Update is rejected and not installed
B. Signature is ignored and update proceeds
C. Device reboots automatically
D. Firmware is installed anyway

Solution

  1. Step 1: Analyze the conditional logic

    If verify_signature returns false, the else branch runs.

  2. Step 2: Understand else branch action

    The else branch calls reject_update(), meaning the update is not installed.

  3. Final Answer:

    Update is rejected and not installed -> Option A

  4. Quick Check:

    Signature mismatch = reject update [OK]
Hint: If signature fails, update is rejected [OK]
Common Mistakes:
  • Assuming firmware installs despite bad signature
  • Thinking device reboots automatically
  • Ignoring signature verification result
4. You wrote this OTA update script snippet:
if verify_signature(firmware, signature, public_key):
    install_firmware(firmware)
else:
    install_firmware(firmware)

What is the main problem here?
medium
A. Firmware is never installed
B. Signature verification function is missing
C. Public key is not used in verification
D. Firmware is installed even if signature verification fails

Solution

  1. Step 1: Review the else branch code

    Both if and else branches call install_firmware(firmware).

  2. Step 2: Understand security impact

    This means firmware installs regardless of signature check, breaking security.

  3. Final Answer:

    Firmware is installed even if signature verification fails -> Option D

  4. Quick Check:

    Else installs firmware = security risk [OK]
Hint: Else should reject update, not install firmware [OK]
Common Mistakes:
  • Ignoring else branch code
  • Assuming verification function is missing
  • Confusing public key usage
5. You want to implement a secure OTA update system that:
- Verifies firmware signature
- Supports rollback if update fails
- Uses secure boot to prevent unauthorized code

Which sequence of steps best achieves this?
hard
A. Enable secure boot -> Install firmware -> Verify signature -> Rollback if failure
B. Enable secure boot -> Verify signature -> Install firmware -> Rollback if failure
C. Verify signature -> Install firmware -> Enable secure boot -> Rollback if failure
D. Install firmware -> Verify signature -> Enable secure boot -> Rollback if failure

Solution

  1. Step 1: Enable secure boot first

    Secure boot must be active to prevent unauthorized code from running at startup.

  2. Step 2: Verify firmware signature before installing

    Check the update is trusted before installation to avoid bad firmware.

  3. Step 3: Install firmware and support rollback

    Install only if verified, and rollback if update fails to keep device safe.

  4. Final Answer:

    Enable secure boot -> Verify signature -> Install firmware -> Rollback if failure -> Option B

  5. Quick Check:

    Secure boot first, verify, install, rollback [OK]
Hint: Enable secure boot first, then verify before install [OK]
Common Mistakes:
  • Installing firmware before verifying signature
  • Enabling secure boot after installation
  • Skipping rollback support