S. P. Veed, S. M. Daftary, B. Singh, M. Rudra, S. Berhe (University of the Pacific), M. Maynard (Data Independence LLC) F. Khomh (Polytechnique Montreal)

The quality of software update systems is critical for the performance, security, and functionality of IoT devices. Grounded in NIST IR 8259A standards, which emphasize secure updates, device integrity, and minimal disruption, this paper evaluates how these requirements align with user expectations and challenges. By examining the standard’s technical requirements, the study identifies gaps where user feedback can inform improvements in update mechanisms. A survey of 52 participants provides feedback into user behaviors and concerns regarding software updates. Key challenges include performance degradation, dissatisfaction with interface changes, and inconsistent cross-platform experiences. Users prioritize security alongside performance and feature updates but express reservations about system slowdowns and time-intensive update processes. The findings highlight the need for secure, fast, and user-focused update systems that align with NIST standards. Proposed strategies include lightweight updates, context-aware notifications, and rigorous testing protocols to improve system reliability and user compliance.

View More Papers

Onion Franking: Abuse Reports for Mix-Based Private Messaging

Matthew Gregoire (University of North Carolina at Chapel Hill), Margaret Pierce (University of North Carolina at Chapel Hill), Saba Eskandarian (University of North Carolina at Chapel Hill)

Read More

cozy: Comparative Symbolic Execution for Binary Programs

Caleb Helbling, Graham Leach-Krouse, Sam Lasser, Greg Sullivan (Draper)

Read More

Revisiting Physical-World Adversarial Attack on Traffic Sign Recognition: A...

Ningfei Wang (University of California, Irvine), Shaoyuan Xie (University of California, Irvine), Takami Sato (University of California, Irvine), Yunpeng Luo (University of California, Irvine), Kaidi Xu (Drexel University), Qi Alfred Chen (University of California, Irvine)

Read More

Statically Discover Cross-Entry Use-After-Free Vulnerabilities in the Linux Kernel

Hang Zhang (Indiana University Bloomington), Jangha Kim (The Affiliated Institute of ETRI, ROK), Chuhong Yuan (Georgia Institute of Technology), Zhiyun Qian (University of California, Riverside), Taesoo Kim (Georgia Institute of Technology)

Read More