IP3 2025 – Firmware Authentication (Lot 15696)

This lot is generally related to a technique for firmware signatures to verify the authenticity and integrity of firmware to ensure it has not been tampered with or corrupted. Disclosed is a technique for receiving a signature-unaware firmware code that is not digitally signed at an industrial device and verifying that the code is received from a proxy module located remotely from the industrial device using a boot code. Also disclosed is that the proxy module has verified the validity of the signature-unaware firmware code based on a certificate generated for the signature unaware firmware code. Further disclosed is that the system installs the signature- unaware firmware code on the industrial device based on the verification. The technology may be implemented in IoT devices, software update systems, embedded systems, smart home devices, etc.