Story image

Is blockchain a solution to IoT security problems?

29 Oct 18

Article by TIBCO global chief technology officer Nelson Petracek

The Internet of Things (IoT) has captured businesses and popular imagination over the last few years.

These smart, sensor-laden devices can autonomously exchange data across the internet without human intervention, creating business opportunities and opening new markets.

However, IoT has significant problems.

 It’s ripe for manipulation by criminal elements, who can harness unsecure IoT devices to create massive DDoS attacks, or simply access the data streaming through the IoT network for illicit gain. Put simply, IoT presents a challenge from a security perspective, and without standards, the situation is going to get worse.

In fact, Gartner predicts that by 2020, addressing compromises in IoT security will have increased security costs to 20% of annual security budgets, up from less than one percent in 2015.

Despite the costs, there’s no doubt that business is doubling down on IoT.

Analysts report that there will be more than 55 billion IoT devices by 2025, up from about 9 billion in 2017.

The same report finds that there will be nearly $US15 trillion in aggregate IoT investment between 2017 and 2025, and it also reports that companies’ plans to invest in IoT are accelerating.

Another technology that has recently captured our collective imagination is blockchain, which was built to underpin and authenticate cryptocurrency transactions.

Australia’s CSIRO summarises blockchain as a ‘cryptographically secured, immutable distributed ledger technology.’

Put another way, blockchain is a system of tracking almost anything, from transactions to digital identity to the provenance of goods, in a way that can’t be faked or forged.

Could using blockchain to trace and authenticate IoT data, regardless of what that data is be the answer to the problems plaguing the Internet of Things?

Blockchain broke into the business world with the rise of Bitcoin, but its uses have grown exponentially since then.

Despite this, Gartner’s hype cycle finds that blockchain has moved into the third stage of its lifecycle – the trough of disillusionment.

From here, only the most promising of blockchain technology applications will survive.

Using blockchain to determine provenance

One company that is exploring the use of blockchain with IoT is Sydney-based and China-backed startup Ultimo Digital Technologies (UDT).

The company is headed up by John Baird, a former CSIRO experimental scientist and the chair of the cybersecurity advisory council advising the New South Wales government.

UDT is experimenting with blockchain and IoT to track the integrity of goods such as baby formula and wine, both of which are easily forged and then sold to unsuspecting consumers.

China, in particular, has had massive difficulties with fake baby formula, with one instance of forged formula resulting in deaths and extended illnesses among the babies fed the illegitimate foodstuff. Wine forgery also remains a problem in growth markets like China.

The UDT trials involve using microchip embedded labels, the details of which are stored in the blockchain.

This enables the goods to be tracked from the moment they are produced, through the supply chain and to the point of sale and the final consumer purchase.

By storing the data in a blockchain, the details can’t be forged, ensuring the integrity of the end product.

So where can blockchain and the Internet of Things work together?

It’s worth considering the threats faced by IoT, including unauthorised physical access to the device, as well as software attacks, such as viruses and worms, in addition to the denial of service attacks taking down IoT networks, and the potential for man in the middle attacks, where passwords are guessed using brute force methods.

Blockchain could mitigate these threats by providing a framework for more automated security and attack prevention.

These advances using blockchain include creating a distributed system of record for sharing data across a network of key stakeholders, as well as embedding business terms for automating interactions between nodes in the system.

It also could enable consensus and agreement models for detecting bad actors and mitigating threats.

Using these techniques, a blockchain-enabled IoT deployment could improve security by allowing them to register and verify themselves against the network.

More importantly, because there is no central system to attack with blockchain, threats like denial of service attacks would be deterred by the nature of the system.

Blockchain would enable real-world business benefits, such as allowing data tracking and the creation of an immutable history of why certain decisions were made by an IoT device.

It would also permit secure software updates, as well as payments and micropayments for the completion of an IoT service or product delivery.

One last hurdle

Despite these business benefits, blockchain and IoT are still unlikely bedfellows.

That’s because the current performance and scalability of IoT are incompatible with blockchain functions.

Basically, what’s needed is a new type of blockchain that can support those predicted 55 billion devices.

And that hasn’t happened yet, however, chances are that it will, and soon.

Blockchain represents the best potential answer for solving the problems that ail IoT.

It won’t solve every problem, but there’s a good chance that blockchain will improve IoT and make it fit for purpose – that’s because, like it or not, we’re in the age of IoT now, and it’s only going to grow from here.

HPE extends cloud-based AI tool InfoSight to servers
HPE asserts it is a big deal as the system can drive down operating costs, plug disruptive performance gaps, and free up time to allow IT staff to innovate.
Digital Realty opens new AU data centre – and announces another one
On the day that Digital Realty cut the ribbon for its new Sydney data centre, it revealed that it will soon begin developing another one.
'Public cloud is not a panacea' - 91% of IT leaders want hybrid
Nutanix research suggests cloud interoperability and app mobility outrank cost and security for primary hybrid cloud benefits.
Altaro introduces WAN-optimised replication for VMs
"WAN-optimised replication allows businesses to continue working in the case of damage to on-premise servers."
DDN part of data mining mission on Mars
DataDirect Networks (DDN) today announced that it will be playing a role in one of NASA’s most critical missions.
Opinion: Data centre management can learn from the Navy
While a nuclear submarine may seem like a completely different beast from a data centre, the similarities in how they should be managed are striking and many.
14 milestones Workday has achieved in 2018
We look into the key achievements of business software vendor Workday this year
HPE building new supercomputer with €38m price tag
It will be installed at the High Performance Computing Center of the University of Stuttgart and will be the world's fastest for industrial production.