How might blockchain-enabled IoT work in practice?
Databases

How might blockchain-enabled IoT work in practice?

This is a contributed piece by Pascal Geenens, EMEA security evangelist at Radware

 

Blockchain is expected to be instrumental in digital transformation in the coming years, especially in the field of IoT. But there are technical hurdles to overcome largely because most IoT devices lack the adequate computing power to participate in blockchains directly. That said, as with most IoT initiatives, a small thing like power isn’t going to stop the world from trying. 

You just have to look at the importance of cryptocurrencies, which rely on blockchain to operate, to see the potential. Cryptocurrencies, which allow people to move money in the same way they move information on the internet, are being traded in huge sums. There are currently more than 900 different cryptocurrencies being traded and the most popular, the Bitcoin (BTC), has a market cap of over $40 billion with daily volumes averaging $1 billion and peaking at around $2 billion. 

Besides providing real opportunities for cyber criminals and clever, high risk, traders, our interest in cryptocurrencies has proven that blockchain is a viable technology to exponentially grow the IoT ecosystem. At the moment though, technologists are grappling with exactly how it will do this. 

The future of IoT is decentralised

To understand the need for technologies like blockchain for IoT, we need to understand the problem IoT will be facing in the future. Most of today’s IoT ecosystems are built around a centralised, brokered communication model.  All the IoT devices in the system are known and authenticated by and communicate through a centralised, large cloud which provides huge amounts of processing power and storage.

At its basic level, any two IoT devices exchanging information are brokered through the central system, even if they are a couple of feet away. They rely on a private network and internet cloud servers to exchange even the smallest bit of information. While the cloud provides immense potential for compute and storage, and will continue to persist as a design pattern for small scale IoT deployments, this central model will not be able to cope with the huge ecosystems we expect to see in the near future. Even if centralised cloud servers could accommodate the scale in an economical fashion, they are still the single point of failure for the whole ecosystem. 

For an ecosystem of devices to scale to millions or even billions, a decentralised approach is preferred in which each device represents an autonomous system. All communication and information exchange between devices, servers and services of the ecosystem should be based on distributed protocols. This is where blockchain can help. In fact, IBM in partnership with Samsung has published a proof of concept whitepaper for a system, known as ADEPT, that uses elements of blockchain to create distributed networks of autonomous devices to form a decentralised IoT ecosystem. 

It notes that any protocols used by the autonomous systems should be secured, authenticated and distributed, and that each node in the ecosystem should be able to perform, in a distributed fashion, three things: messaging, file sharing and coordination. It’s obvious IoT devices need to be able to message its ecosystem to alert it to a change in the environment, and do so in a distributed, secure and authenticated way.  But current IoT messaging systems such as MQTT use a central broker design and while they can be secured and authenticated, they can’t scale to support millions or billions of devices without complex hierarchical designs. 

 

Transaction history

So we are starting to see the development of new peer to peer messaging systems which provide encrypted messaging, low latency, and guaranteed delivery, store and forwarding of messages whereby the message can ‘hop-on’ to other devices. Known as Distributed Hash Tables, these allow devices to create their own hashtag and find other devices in its network. We’re likely to hear more about Telehash to name just one approach, which is an emerging open source version of this messaging technique. 

Of course, there are times when files need to be shared – like software updates or configuration settings. BitTorrent is well known as a robust peer-to-peer file sharing protocol. But it’s still not enough. When there is a need for an actual transaction, like a payment, Blockchain will be the technology of choice, as it provides a decentralised ledger where autonomous ‘things’ in the network can follow rules and verify the validity of transactions without relying on a central authority or human. 

What’s more, every device in the system keeps a complete history of all the transactions performed in the whole ecosystem and as it’s tamper proof it’s fundamentally secure which is essential if you are building complex networks where life or death is at stake – there is no risk of a ‘man in the middle’ cyberattack. 

Combine all this together and IoT becomes smart, self-supporting and self-sustaining. Blockchain allows devices to make the right decisions at the right time and log the history, ideal for situations where there must be a ledger of transactions for regulatory compliance. It will even go as far as to fix the ecosystem if something breaks based on the protocols its programmed to follow. However, we can’t get carried away yet. IoT ecosystems aren’t always closed, sometimes they need to talk to another ecosystem or network. This inherently brings risk as you create a bridge from one system to another. The minute an API or a web application in the cloud is introduced to create this bridge so you create a target for a hacker. 

 

Blind spots

Consider the recent DDoS attacks on the Bitfinex and BTC-e Bitcoin exchanges, and theft of cryptocurrency in the case of Classic Ether Wallet. It wasn’t the blockchain nodes that were targets it was the web services they relied on. Plus you can’t always rely on the inherent security of the blockchain technology. If it’s not implemented correctly you introduce weakness, as happened when a hacker exploited a blind spot in some code on the Etherum Investment Fund platform, draining it of around $53m worth of digital currency in a few hours. 

What’s curious about all of this is that many of the technologies being developed using blockchain are similar to the botnets hackers have used to cause havoc – even the IBM and Samsung pilot is strikingly close. So while we strive to create secure smart IoT ecosystems we have to build in security. Blockchain is going to be a large part of the puzzle in the future, but it is only ever going to be as good as the humans who design it – inadvertently put in a flaw and you destroy utopia.

PREVIOUS ARTICLE

«Will the CISO surpass the CIO?

NEXT ARTICLE

News Roundup: Are we about to start mining the ocean for raw smartphone materials?»
author_image
IDG Connect

IDG Connect tackles the tech stories that matter to you

Our Case Studies

IDG Connect delivers full creative solutions to meet all your demand generatlon needs. These cover the full scope of options, from customized content and lead delivery through to fully integrated campaigns.

images

Our Marketing Research

Our in-house analyst and editorial team create a range of insights for the global marketing community. These look at IT buying preferences, the latest soclal media trends and other zeitgeist topics.

images

Poll

Should the government regulate Artificial Intelligence?