Possible ICS security solution from the sensor to the cloud
It seems like nowadays everyone is talking about this new buzzword called "blockchain". It's all over the Internet! What is blockchain? What's it used for? And how can it be helpful with Industrial IoT?
In order to understand what blockchain is, let's first discuss another new buzzword, called bitcoin. According to Wikipedia, a person by the name of Satoshi Nakamoto invented bitcoin in 2008 in order to create the world's first decentralized digital currency. This means that the currency is not controlled by any central bank, but rather, by the people themselves. Unlike traditional currency, which is based on gold or silver, and printed by a central bank, bitcoin is based on a mathematical formula and is owned by the people. This means that no nation on Earth can just print more of it in order to cover their national debt, which will devaluate the currency. This also means that a country's central bank can't just decide to take away your money. It's out there on the Internet, away from their influence.
Which leads us to a new problem. If the currency is managed by the Internet, how can you keep it safe from hackers and bad guys on the Internet who want to steal your money? Also, how do you prevent counterfeiting? If the money is virtual currency, what prevents someone from just making a copy of your bitcoins, which will devaluate the currency? How will anyone even know the difference?
In order to solve the problem, Satoshi Nakamoto invented the Blockchain. A blockchain is a distributed public ledger, which contains blocks of data. This means that there are numerous copies of the ledger, all over the Internet, and all linked together. Each block contains a pointer to the previous block (except for the very first one!), a timestamp, and the transaction data. Once data is recorded to the ledger, it is permanent and unalterable. Should someone try to tamper with a blockchain's data, it will no longer match the publicly available versions on the Internet, and will become invalidated. The public provides the ultimate security. You can alter one single copy of data; however, you can't simultaneously alter millions and millions of copies. Therefore, the one that's different will get ousted, leaving your data safe and secure.
Let's now see how blockchain is applied to bitcoin. Every bitcoin (or part of it, the smallest portion is called a Satoshi, in honor of its founder) has a unique signature and can not be copied. Every bitcoin transaction is stored in a blockchain. The blockchain records that these specific Satoshis or bitcoins belong to you. If a hacker tries to alter the blockchain data to have it show that it belongs to him, his blockchain will get rejected by the public, as being tampered with. The rest of the publicly available copies of the blockchain will retain its data integrity and remain unaltered. With regards to the encryption of blockchain, I've seen figures that state it would take 60 years of constant computing power to break a single Bitcoin address. This assumes that computing speeds double every year. If we go by today's computing power, it would take about 500 million years to do the same hack!
The reason why blockchain is so popular is due to its nature of being impervious to tampering. This creates a wealth of Cybersecurity opportunities that would affect entire industries. For example, in IIoT, you have companies that are building entire ecosystems of products and solutions, and are vying to become industry leaders in their niche. For example, with Smart Homes, Smart Cities, as well as in the Industrial IoT space, integrators are building IoT Gateways and applications that interoperate with many different vendors' sensors and devices. Let's not forget connected autonomous vehicles and passenger drones! The question is, how truly secure are all these devices?
According to Cisco, by 2020, it is estimated that the number of connected devices is expected to grow exponentially to 50 billion. Some of the challenges, mentioned by Cisco, that we are facing with this exponential growth, are as follows:
- Many IoT devices are small, inexpensive devices with little to no physical security.
- Crypto algorithms have a limited lifetime before they are broken. This means that the best algorithms can get hacked, and it's only a matter of time before hackers adapt and learn how to get around them.
- You can read the full article published by Cisco here.
In short, it would seem that many, if not all, of the ecosystems in IoT are not truly secure.
One way of securing IoT ecosystems would be through the use of microchips. For example, Amazon Web Services (AWS) partnered with Microchip Technology (based out of Long Island, New York) to develop a secure provisioning platform, and associated microchip to streamline IoT security.
A current challenge with chip manufacturers is that they want to keep their technology to themselves, and lock out anyone else from integrating with it. This makes sense from their perspective, as these companies have invested considerable resources into developing their product, and want to reap the rewards of being the only one who has access to it. However, this approach is short sighted for two reasons:
- It stifles innovation when no one else can play in your sandbox.
- Because of that, it will prevent an ambitious person from creating a killer app (that will sell millions or billions of your microchips), which you may have never considered!
There is a blockchain startup company, Chronicled, based out of San Francisco, that introduced a blockchain based platform that enables companies and manufacturers to register and verify physical items (i.e. IIoT Devices) in an irrefutable and decentralized network (i.e. public blockchain). Chronicle's platform serves companies that manufacture Bluetooth Low Energy (BLE) and Near Field Communication (NFC) microchips.
Companies that want to integrate their solutions with these microchips are able to do so in a secure and tamper proof way, via Chronicled's blockchain platform. The blockchain will serve as a central authority for registration of the IIoT device, as well as verifying its identity (i.e. to ensure you're not a hacker).
In conclusion, by leveraging publicly verifiable technology such as blockchain, we are able to build secure, interoperable ecosystems for IIoT that will support our exponential growth of connected devices for years to come.
My question for you is, how will blockchain technology secure your business?
This article was written by Avrohom Gottheil, CEO of New York based SimiPlex Technologies, LLC, where he leverages 20+ years in Telecom to enable people to chat with their smart devices as easily as they speak with each other. Avrohom is a Top-ranked global IoT expert by Postscapes.com, and a frequent speaker on using technology to accelerate revenue growth.