Table of Contents
Fetching ...

Decentralized Firmware Integrity Verification for Cyber-Physical Systems Using Ethereum Blockchain

S M Mostaq Hossain, Amani Altarawneh

TL;DR

The paper tackles firmware integrity in Cyber-Physical Systems and the risk of insider and supply-chain attacks on firmware update mechanisms. It introduces a decentralized approach that stores firmware hashes on the public Ethereum blockchain (Sepolia) and performs runtime verification through a Python client using Web3/Infura, with on-chain $SHA-256$ hashes serving as the reference. Key contributions include a working prototype with on-chain hash storage, end-to-end hashing and verification, deployment on a public testnet, and a performance analysis of gas costs and latency, plus discussion of Layer-2 and IPFS extensions and secure boot integration. The results demonstrate feasibility and practical potential for transparent, tamper-evident CPS firmware verification without relying on centralized authorities.

Abstract

Firmware integrity is a foundational requirement for securing Cyber-Physical Systems (CPS), where malicious or compromised firmware can result in persistent backdoors, unauthorized control, or catastrophic system failures. Traditional verification mechanisms such as secure boot, digital signatures, and centralized hash databases are increasingly inadequate due to risks from insider threats and single points of failure. In this paper, we propose a decentralized firmware integrity verification framework built on the Ethereum blockchain, offering tamperproof, transparent, and trustless validation. Our system stores SHA-256 hashes of firmware binaries within smart contracts deployed on the Ethereum Sepolia testnet, using Web3 and Infura for seamless on-chain interaction. A Python-based client tool computes firmware hashes and communicates with the blockchain to register and verify firmware authenticity in realtime. We implement and evaluate a fully functional prototype using real firmware samples, demonstrating successful contract deployment, hash registration, and integrity verification through live blockchain transactions. Experimental results confirm the reliability and low cost (in gas fees) of our approach, highlighting its practicality and scalability for real-world CPS applications. To enhance scalability and performance, we discuss extensions using Layer-2 rollups and off-chain storage via the InterPlanetary File System (IPFS). We also outline integration pathways with secure boot mechanisms, Trusted Platform Module (TPM)based attestation, and zero-trust architectures. This work contributes a practical and extensible model for blockchain-based firmware verification, significantly strengthening the defense against firmware tampering and supply chain attacks in critical CPS environments.

Decentralized Firmware Integrity Verification for Cyber-Physical Systems Using Ethereum Blockchain

TL;DR

The paper tackles firmware integrity in Cyber-Physical Systems and the risk of insider and supply-chain attacks on firmware update mechanisms. It introduces a decentralized approach that stores firmware hashes on the public Ethereum blockchain (Sepolia) and performs runtime verification through a Python client using Web3/Infura, with on-chain hashes serving as the reference. Key contributions include a working prototype with on-chain hash storage, end-to-end hashing and verification, deployment on a public testnet, and a performance analysis of gas costs and latency, plus discussion of Layer-2 and IPFS extensions and secure boot integration. The results demonstrate feasibility and practical potential for transparent, tamper-evident CPS firmware verification without relying on centralized authorities.

Abstract

Firmware integrity is a foundational requirement for securing Cyber-Physical Systems (CPS), where malicious or compromised firmware can result in persistent backdoors, unauthorized control, or catastrophic system failures. Traditional verification mechanisms such as secure boot, digital signatures, and centralized hash databases are increasingly inadequate due to risks from insider threats and single points of failure. In this paper, we propose a decentralized firmware integrity verification framework built on the Ethereum blockchain, offering tamperproof, transparent, and trustless validation. Our system stores SHA-256 hashes of firmware binaries within smart contracts deployed on the Ethereum Sepolia testnet, using Web3 and Infura for seamless on-chain interaction. A Python-based client tool computes firmware hashes and communicates with the blockchain to register and verify firmware authenticity in realtime. We implement and evaluate a fully functional prototype using real firmware samples, demonstrating successful contract deployment, hash registration, and integrity verification through live blockchain transactions. Experimental results confirm the reliability and low cost (in gas fees) of our approach, highlighting its practicality and scalability for real-world CPS applications. To enhance scalability and performance, we discuss extensions using Layer-2 rollups and off-chain storage via the InterPlanetary File System (IPFS). We also outline integration pathways with secure boot mechanisms, Trusted Platform Module (TPM)based attestation, and zero-trust architectures. This work contributes a practical and extensible model for blockchain-based firmware verification, significantly strengthening the defense against firmware tampering and supply chain attacks in critical CPS environments.
Paper Structure (12 sections, 6 figures, 3 tables, 2 algorithms)

This paper contains 12 sections, 6 figures, 3 tables, 2 algorithms.

Figures (6)

  • Figure 1: System architecture showing firmware hash generation, on-chain registration, and decentralized verification among CPS device, blockchain node, and auditor.
  • Figure 2: System architecture and threat model for decentralized firmware integrity verification. The diagram illustrates interactions among the firmware device, edge verifier, Ethereum smart contract, and supporting components such as Infura and Etherscan. Potential attack vectors include hash spoofing, replay attacks, and unauthorized contract interactions.
  • Figure 3: Connection to Ethereum Sepolia testnet via Infura using the Python script connect_infura.py. The confirmation message verifies a successful Remote Procedure Call connectivity.
  • Figure 4: Firmware hash computed using compute_hash.py. The Python script processes the binary and generates a 64-character SHA-256 digest.
  • Figure 5: Smart contract deployment transaction on Sepolia testnet. The deployment is confirmed with 9 block confirmations and a transaction fee of approximately 0.0044 ETH.
  • ...and 1 more figures