TCG Guidance for Secure Update of Software and Firmware on Embedded Systems


Firmware and software updates for embedded systems are of increasing importance. Attackers constantly target the firmware and software in embedded systems, such as appliances and connected door locks, searching for vulnerabilities to exploit in order to establish a permanent foothold on the device. As a result, designers of embedded systems must be prepared to deliver firmware and software updates that customers must promptly install to ensure that these connected devices remain secure.


With this document, TCG is sharing a set of guidelines and best practices for secure software and firmware updates. By following these guidelines, manufacturers can keep their products secure throughout the lifetime of the products, not just when they are purchased. As a result, manufacturers can avoid bad publicity, recalls and other problems caused by infected machines.