Blockchain is increasingly being seen as an ideal solution to protect Internet of Things (IoT) traffic. Here, Antony Savvas outlines why.
With cyber threats increasing and the threat landscape widening with the advent of the cloud and increasing IoT deployments, blockchain solutions should now be considered to protect both data travelling between IoT endpoints and the locations used to store that data.
Provenance
The underlying concept of blockchain – as demonstrated in the financial industry with cryptocurrencies – ensures any transaction between two parties is valid, with the provenance of transactions able to be checked in a distributed digital ledger. With IoT data flows blockchain can be used to ensure only valid and trusted devices are interacting on a network, instead of rogue intruder ones.
The history of data flows can be used to spot anomalies in data patterns between devices using machine learning (ML) and artificial intelligence (AI) techniques, which are already being used in other network security tools.
The distributed nature of blockchain also removes single points of failure, as organisations no longer have to rely on often complicated and unreliable monolithic security gateway systems for their data. And although the “blocks” are publicly visible their contents are available only to organisations with the correct encryption key.
In addition, you can only add blockchain transactions, not remove or alter them, making blockchain attractive for IoT operations.
Industrial
IoT industrial devices require secure communications for updating their firmware and for the storage, retrieval and transmission of sensitive data. Blockchain can enable this and stop third-party code and third-party control or misdirection of content being added to IoT devices.
An example of this could be an IoT device accessing critical data in petrochemical industrial processes from a blockchain, and executing functionality using verified firmware and verified data stored on that blockchain.
Blockchain, therefore, enables the widespread, safe and cost-effective deployment of IoT process controllers across a multitude of industrial environments.
Making alliances
The security opportunities offered by blockchain is why leading blockchain actors like Cisco, Gemalto and Bosch have launched the Trusted IoT Alliance, which aims to bring companies together to develop an IoT open source blockchain protocol to support all industries.
“Blockchain can be used to provide a solid foundation for data and device integrity in complex multi-stakeholder environments,” says Anoop Nannra, Trusted IoT Alliance board member and head of Cisco’s blockchain initiative.
The Alliance wants to create a “birth certificate” for all things on IoT networks – anything from cars and shipping containers to drones, energy meters and CCTV cameras – that can be logged and managed across decentralised blockchain systems. Details about the things and their event logs can then be checked to meet security requirements.
Although blockchain doesn’t solve every security problem for IoT devices, such as the hijacking of IoT devices for use in DDoS botnets, it can certainly be used to help protect data from attackers if major players in different industries can settle on blockchain IoT standards and procedures.
The author is freelance technology writer, Antony Savvas.