Rethinking IoT Security With Blockchain: A Challenging Path Forward

What's the best way to secure IoT devices? When embedded directly, Blockchain's distributed trust architecture could enable secure end-to-end data transfer for use in asset tracking, connected medical devices and more. However, there are challenges along that path, stemming from edge compute requirements and the difficulties of implementing blockchains well in general.

1422
Image of a blockchain network with bitcoins floating around
Illustration: © IoT For All

Connected devices are everywhere—in your home, in your car and sometimes even in your body. However, as the number of IoT devices grows, the opportunities for security breaches grow as well.

Without a built-in method of data authentication, connected devices are susceptible to risks such as hijacking, man-in-the-middle attacks, spoofing or data breaches.

Security Is Mission-Critical for IoT

Take the following recent nightmarish vulnerability, for example. In March 2019, the FDA issued a warning that Medtronic’s implanted cardiac devices are susceptible to cybersecurity attacks because they don’t employ on-device encryption, authentication or authorization security techniques.

In mission-critical instances like this, IoT security shortcomings can result in life-threatening vulnerabilities. More generally speaking, security concerns have stalled consumers, OEMs and manufacturers alike from adopting IoT devices, slowing the growth and opportunity for connected devices.

Blockchain as a Security Framework

Blockchain is a viable option to protect against these attacks and heighten end-to-end security. By leveraging cryptographic techniques like hashing and consensus algorithms, blockchain legitimizes data that’s being collected and transferred between devices to ensure it’s safe from corruption. This verification process is an important development as worldwide IoT security spending is expected to climb to $3.1 billion by 2021.

Additionally, blockchain distributes trust across multiple devices and makes it easier for devices to talk to each other. At its core, this distributed architecture relies on a tamper-proof ledger that stores devices’ provenance of transactions. This record can unlock a wealth of information, including data’s origin and ownership, when it’s securely accessed.

In cases where it’s applied to asset tracking, blockchain’s ledger can improve supply chain visibility by recording products’ location from the point of manufacturing to the point of use. Walmart, for example, revamped its food safety strategy by partnering with IBM to develop a blockchain solution that tracks and locates products in the event of contamination or recall.

However, this ledger is traditionally stored and computed by thousands of computers around the world. Implementing this technology on a low-power IoT device opens the door to a new set of challenges.

Running Blockchain at the Edge

IoT networks can have millions of devices generating thousands of transactions each and every second, so running blockchain on end-devices requires enough computational power and storage space to process these transactions with minimal latency. Configuring this amount of computing ability into a cost-effective, space- and resource-constrained IoT device is a hurdle because of the high levels of power and space required to compute and store the vast distributed ledger.

To address these challenges, companies like Skynet and Filament have begun to develop specialized chips optimized to run blockchain on battery operated IoT devices.

These chips are among the key components needed to construct a hardware architecture for IoT devices with embedded blockchain technology. Other elements include cryptographic accelerators and secure processors, which run cryptography and provide tamper-proof storage. Overall, the hardware architecture for IoT devices with blockchain is similar to existing blockchain hardware wallets.

Before developers leverage blockchain for IoT applications, they should consider the trade-off between scale and security. Although blockchain cryptography offers valuable security benefits, it has costly space and computation requirements that make it an improbable option for inexpensive or low-power applications. Developers should also select a hardware architecture that conserves space by balancing cost with the features required by that particular application.

Distributed Trust Architectures

When these trade-offs are properly assessed, blockchain has the potential to improve IoT security in products and industries ranging from the smart home to smart farms. Think of how Telstra is utilizing blockchain to secure IoT devices that contain personal information via facial and fingerprint recognition. Or, how Pavo integrates blockchain on farm-facing IoT devices to monitor crop performance for enhanced agricultural efficiency.

By leveraging a distributed trust architecture, blockchain is equipped to establish a secure framework on smaller, low-power devices. With the potential to become the basis of Web 3.0, blockchain can eliminate hacking among IoT devices, including life-critical medical devices, while empowering the Internet of Things to become more useful and universal than ever before.

Avatar
As a Senior Director of Software Technology and Architecture in the CTO group at Flex, Anoop Nair’s responsibilities include defining software policies and standards, determining technological direction and implementing software strategies to meet long term Flex corporate initiatives. He has over 15 years of software leadership experience in major R&D organizations and several startups, most notably Intel, Blackberry and Lucent. He has innovated in several areas in the IoT and wireless domain and has patents in this area.