Blockchain Based Cybersecurity For IoT By Arunmani Subramanian, VP - Emerging Technologies, YASH Technologies

Blockchain Based Cybersecurity For IoT

Arunmani Subramanian, VP - Emerging Technologies, YASH Technologies | Monday, 14 February 2022, 12:25 IST

  •  No Image

IoT is persuasive and exciting owing to the innumerable innovation possibilities which can open doors to incredible benefits for humankind in the coming decades. Connected devices can generate and transmit critical data for business benefits, leading to efficiency improvement and quality decision making, yielding significant direct & indirect capital gains. IDC predicts that these devices are would grow to 41 billion, capable of generating 80 ZB of data by the mid of the next decade.

IoT usage stands as a testimony to heterogeneity. IoT is leveraged across healthcare, agriculture, energy, retail, aviation, manufacturing, logistics, and home automation to a large scale smart city program. The application of IoT varies by domain. In the manufacturing vertical, IoT is leveraged for industrial automation, safety, security, optimizing the supply chain, better asset, and resource management. While in logistics, it can be leveraged for fleet management, predicting fleet maintenance, and improving safety measures through vehicle telematics. In a smart city program, IoT can be leveraged for optimizing logistics, public safety, and surveillance.

"Blockchain, as a trustless decentralized and immutable system, mandates every participating node to be identified by critical pairs or certificates and every communication encrypted by unique keys"

IoT technical implementations are often a cumulative effort of independent hardware vendors to device manufacturers, connectivity providers, solution providers, consultants or system integrators, and solution operator's post deployment. The devices itself can be a specialized microcontroller or sophisticated hardware, connecting to the edge device through different network protocols ranging to 3G to 5G, LoPWAN, CoAP, and others. The edge itself can diversify from being a mere gateway to a sophisticated appliance, providing significant real time functionality before typically leading to centralized data centers are cloud based storage.

The variety, volume in business demand, cost of implementation, and other factors lead to fragmentation and non-standardized technical implementation, exposing a large matrix of surface threats for the hackers to exploit. The common vulnerabilities exploited include insecure leaf devices, a subpar configuration in communication channels or the inadequate communication channels, poorly secured application layers, leading access to central servers and poor operations with a lack of monitoring/upgrades post implementation. Potential exploitation in IoT can lead to loss of customer data, IP loss, direct financial loss resulting in operational risk, legal issues accompanied by penalties, and reputation loss.

IoT implementation needs to transform from a centralized system to a decentralized system to handle large scale and secure implementations. In the decentralized system, there is no single, trusted entity participating. Each communication made by any participating entity must be secured, authenticated verified, and validated before the proposal is accepted as the participation is in a trust less environment. `Blockchain' can be a promising solution in such trustless, decentralized, cryptographically secured applications.

Blockchain, as a trustless decentralized and immutable system, mandates every participating node to be identified by critical pairs or certificates and every communication encrypted by unique keys. The message is validated and verified for origin through certs and business rules through smart contracts before being stored in an immutable cryptographically secure storage. It creates a secured environment where every node is aware of the other participating node, messages secured with non repudiation guaranteed, promoting privacy. Blockchain features of immutable and decentralized data storage support essential aspects of cybersecurity design principles like audibility and fault tolerance.

Implementation of blockchain principles on IoT applications can create robust systems. IoT leaf devices can be designed as clients in a blockchain network. Once the device is a part of the blockchain, it inherently follows the decentralized, trustless execution in the form of secure communication, verification, validation, and immutable storage, leading to data protection in rest and motion. In a blockchain world, threats typically exploit vulnerabilities at the clients than at the core of the cryptographically secure blockchain. In a blockchain-based IoT implementation, a leaf device's vulnerability can be mitigated by enforcing manufacturers to produce devices that imbibe secure design principles. A few instances of such design principles including, the secure root of trust, secure storage of keys, upgradeable firmware, health monitoring, and reporting, and physical tamper resistance along with multi line of defense. The proposed approach of blockchain secured IoT implementations needs to be analyzed for limitations in technologies for specific use cases in consideration.

CIO Viewpoint

Marketing Tech - A CIO Perspective

By Satish Panchapakesan, Senior Vice President & CIO, Arvind Fashions

Blockchain Based Cybersecurity For IoT

By Arunmani Subramanian, VP - Emerging Technologies, YASH Technologies

Data Science & Machine Learning In Fintech

By Jainendra Kumar, Head - Global Delivery Center-India & Senior Director Product Development Software, Diebold NixDorf

CXO Insights

Cyber Security - A Perspective

By Manu Sharma, Director - Information Technology And Corporate Security, OnMobile Global Limited

How Low-Code Is Transforming The Future Of Work...

By Deepak Pargaonkar, VP - Solution Engineering, Salesforce

Incorporating Blockchain Capabilities into...

By Tamal Chowdhury, SVP, Artificial Intelligence, Course5i

Facebook