The Update Framework (TUF) is a framework that helps developers make sure their software update systems are secure. It is designed to defend against attacks even when the repository or its signing keys have been compromised. Developers can integrate TUF’s flexible framework and specification into any software update system.
TUF is hosted by the Cloud Native Computing Foundation (CNCF), which is part of the Linux Foundation. It is a graduated CNCF project and is used in production by many open-source and technology organisations. The automotive sector also makes heavy use of a TUF variant called Uptane to secure over-the-air updates.
Why use TUF?
There are thousands of different software update systems in use right now; a typical Windows user’s PC alone probably has twenty or more software updaters on it. Despite their differences, these systems all have one thing in common: they look for and download updates that bring new features or fix security flaws.
Software is a living thing: some repositories update their project or package metadata every few minutes. As the volume of updates keeps increasing, so does the need for reliable protection of the systems that manage them.
Over the past ten years, numerous techniques have been used to verify update files and strengthen the security of update systems, but many of them have proven to be weak points in the event of an attack.
TUF was created about ten years ago to protect systems from key compromises and other threats that could corrupt a repository or spread malware. Its design was guided by the following main goals:
- Providing a framework (libraries, file formats, and tools) that can be used to secure both brand-new and existing software update systems.
- Providing tools to reduce the effects of key compromises.
- Making sure there is flexibility to meet the various demands of different software update systems.
- Facilitating easy integration with existing software update systems.
Software Updates
A software update system is an application that runs on a client system and is responsible for locating, downloading, and installing software updates. Software update systems fall into three main categories:
- Application updaters. Built-in components that let an application update itself. For instance, Firefox updates itself using an application updater.
- Package managers. Used to install additional libraries or dependencies; available for many programming languages. Examples include Ruby’s RubyGems, Python’s pip/easy_install combined with PyPI, Perl’s CPAN, and PHP’s Composer.
- System package managers. Used by operating systems to control software updates and installations on client computers. APT from Debian, YUM from Red Hat, and YaST from openSUSE are a few examples.
Although the specific techniques vary, most software update systems follow a similar update procedure, which can be summed up as follows:
- Update detection: The system learns that updates are available. This can involve routine checks or notifications from a central server or repository.
- Update download: Once an update is found, the system downloads the files required for it. This may involve fetching files from a remote server or repository.
- Update installation: After the update files are downloaded, the system applies the changes the update brings. This often means replacing or modifying existing files or configurations as the update requires.
How does TUF secure updates?
TUF improves the security of software updates by adding verifiable information about the state of a repository or application. It does this through metadata that contains key trust information, cryptographic hashes of files, signatures over the metadata, metadata version numbers, and metadata expiration dates. This metadata serves as a record that can be checked to determine whether update files are valid.
The beauty of TUF is that it can shield your software update system from the complexity of handling this additional metadata and from the underlying procedures. TUF takes care of locating updates, downloading them, and checking them against the repository metadata that was downloaded alongside them. If the downloaded update files pass verification, TUF securely hands them to your software update system for installation.
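What these checks look like in practice, as an added example that is not part of the original article and is not code from the TUF project or any of its implementations. It is a deliberate simplification: a single repository key stands in for TUF’s separate root, targets, snapshot and timestamp roles, and Go’s json.Marshal stands in for TUF’s canonical JSON. The repository side records each file’s length and SHA-256 hash in versioned, expiring metadata and signs it; the client side verifies the signature against a key it already trusts, refuses expired metadata (a stale or frozen repository), refuses a version older than one it has already accepted (a rollback), and only then compares a downloaded file’s length and hash against the metadata before handing it on for installation. All names (SignMetadata, Client, VerifyTarget, the file name app-1.2.tar.gz) are assumed for the illustration, and the update payload is constructed inline.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// TargetInfo is what the repository asserts about one update file.
type TargetInfo struct {
	Length int64  `json:"length"`
	SHA256 string `json:"sha256"`
}

// Signed is the body of a simplified "targets" metadata file; Metadata adds the signature over it.
type Signed struct {
	Version int                   `json:"version"`
	Expires time.Time             `json:"expires"`
	Targets map[string]TargetInfo `json:"targets"`
}
type Metadata struct {
	Signed    Signed `json:"signed"`
	Signature []byte `json:"signature"`
}

var (
	ErrBadSignature   = errors.New("signature does not verify against the trusted key")
	ErrExpired        = errors.New("metadata has expired (stale or frozen repository)")
	ErrRollback       = errors.New("metadata version is older than the version already trusted")
	ErrUnknownTarget  = errors.New("file is not listed in the metadata")
	ErrLengthMismatch = errors.New("downloaded length differs from the metadata")
	ErrHashMismatch   = errors.New("downloaded hash differs from the metadata")
)

// SignMetadata is the repository side: record each file's length and SHA-256, then sign the body.
func SignMetadata(priv ed25519.PrivateKey, version int, expires time.Time, files map[string][]byte) (Metadata, error) {
	s := Signed{Version: version, Expires: expires, Targets: map[string]TargetInfo{}}
	for name, data := range files {
		sum := sha256.Sum256(data)
		s.Targets[name] = TargetInfo{Length: int64(len(data)), SHA256: hex.EncodeToString(sum[:])}
	}
	body, err := json.Marshal(s) // stand-in for canonical JSON (assumption of this example)
	if err != nil {
		return Metadata{}, err
	}
	return Metadata{Signed: s, Signature: ed25519.Sign(priv, body)}, nil
}

// Client is the update system's trust state: a trusted repository key and the highest version accepted so far.
type Client struct {
	RepoKey        ed25519.PublicKey
	TrustedVersion int
}

// VerifyMetadata checks signature, expiry and version, then records the accepted version so older metadata is refused later.
func (c *Client) VerifyMetadata(m Metadata) error {
	body, err := json.Marshal(m.Signed)
	if err != nil || !ed25519.Verify(c.RepoKey, body, m.Signature) {
		return ErrBadSignature
	}
	if !time.Now().Before(m.Signed.Expires) {
		return ErrExpired
	}
	if m.Signed.Version < c.TrustedVersion {
		return ErrRollback
	}
	c.TrustedVersion = m.Signed.Version
	return nil
}

// VerifyTarget checks a downloaded file against verified metadata; length is compared before hashing.
func VerifyTarget(m Metadata, name string, data []byte) error {
	info, ok := m.Signed.Targets[name]
	if !ok {
		return ErrUnknownTarget
	}
	if int64(len(data)) != info.Length {
		return ErrLengthMismatch
	}
	if sum := sha256.Sum256(data); hex.EncodeToString(sum[:]) != info.SHA256 {
		return ErrHashMismatch
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	payload := []byte("constructed update payload, not a real package") // constructed sample input
	meta, _ := SignMetadata(priv, 7, time.Now().Add(24*time.Hour), map[string][]byte{"app-1.2.tar.gz": payload})
	c := &Client{RepoKey: pub, TrustedVersion: 6}
	fmt.Println("metadata:", c.VerifyMetadata(meta), "| intact file:", VerifyTarget(meta, "app-1.2.tar.gz", payload))
	payload[0] ^= 1 // flip one bit, as a corrupted or tampered download would
	fmt.Println("tampered file:", VerifyTarget(meta, "app-1.2.tar.gz", payload))
}
```

The order of the checks matters: nothing in the metadata is consulted until its signature verifies, the version is only recorded after all checks pass so a rejected download cannot move the client’s trust state, and a file is never accepted just because it downloaded successfully. In real TUF the key trust information (which keys sign which role, and how many signatures are required) is itself carried in signed metadata, and the short-lived timestamp role is what lets a client detect a repository that has stopped publishing updates.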