Authored By: Girish BVS, Senior Solutions Architect, Technology Group, Sasken Technologies Limited
The Internet of Things (IoT) has now permeated multiple industry verticals, in consumer-, community- and enterprise-oriented use cases. These include Industrial IoT, smart cities, smart grid, transportation logistics, healthcare and automobiles, to name a few. The number of IoT-compatible devices surpassed 25 billion globally as of 2019 and continues to grow exponentially.
In a typical IoT architecture, each ‘thing’ at the lowest level either collects data or acts upon commands, i.e. it is a sensor or an actuator respectively. Intermediate devices aggregate and filter data; they can also make decisions based on rules or edge analytics of the sensor data and send commands to actuators. Edge networks may also store data locally, and the gateway device sends aggregated and filtered sensor data to the Cloud, using the Internet as a conduit. The data is stored in the Cloud and decisions are made based on analytics. Once done, commands are sent back to the edge network device(s). These commands could also be triggered manually, subject to permissions and authorization. This architecture presents a large attack surface and is therefore exposed to several security threats.
Broadly, two areas are vulnerable. Firstly, the data from IoT devices is transmitted and typically stored in a centralized database in the Cloud. This data is prone to manipulation, either during transmission or once stored in the central database. The problem is accentuated when the data is aggregated by multiple entities, or by stakeholders who do not necessarily trust each other. If this data is extremely sensitive and is the basis for automated decisions via rules and analytics, the consequences could be severe, even catastrophic, if human and environmental safety are involved.
The other area of vulnerability is the risk of security attacks on the IoT devices directly. These may come over the network, or through other malicious IoT devices that join the network and cause havoc. This creates a trust deficit at the origin of the data: data originating from such devices cannot be trusted. The potential vulnerabilities here are largely caused by manual IoT device installation and configuration, which includes setting weak or easy-to-guess passwords, keying in shared keys for authentication, and so on. Manual installation and configuration also increase the risk of malevolent activity, making the stakes very high for highly sensitive applications. Authentication of devices, and communication between multiple devices, usually requires a central gateway or server. Solutions built this way, however, are prone to the issues associated with a centralized system, such as a single point of failure.
Analyzing the causes of these vulnerabilities yields the requirements a solution should meet. It must secure the data, covering integrity, authenticity and confidentiality, from its origin until it is consumed for analytics and decision making. This requires a method to verify that data has originated from a genuine device that has not been tampered with, either through unauthorized physical access or via the network. It also entails protecting data in transit from security threats such as man-in-the-middle attacks and replay attacks. Finally, the data stored on the edge side or in the Cloud must be protected from tampering. Data stored in a central database is difficult to secure even with multiple levels of access protection. Unauthorized access is tricky but still feasible, especially if the malicious actors are extremely competent and have the necessary resources.
Blockchain brings in many unique features that increase trust among its stakeholders. These include decentralization, immutability of stored data, appending data only after validation and consensus, replication of data amongst all the participating nodes, the ability to establish the provenance of data, etc. Naturally, it seems apt to store data in a Blockchain instead of in a central database. Transactions in Blockchain are also digitally signed by the sender, and the signature can be validated by all the participating nodes in the Blockchain network. Replay attack protection is also integral to the design: a separate field is provided to validate whether a transaction is already present in the Blockchain.
There is another use of Blockchain that enhances the security of IoT devices and drastically reduces the vulnerabilities at the origin of data. This involves IoT device authentication and onboarding on the edge side of IoT, where the digital identity of the IoT device, along with the required credentials, is stored in Blockchain. This enables automatic onboarding of genuine IoT devices, eliminating the need for any manual intervention. In addition, a local light-weight Blockchain network can be used to store the credentials and digital certificates of peer IoT devices, enabling peer devices to authenticate and securely communicate with each other without relying on a central gateway device. This approach would make the edge IoT network extremely secure. Sasken has developed a patent-pending, working solution that provides all of this.
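The checks described in the last two paragraphs (a sender signature every node can validate, a replay-protection field, and device identities held on the ledger), as an added sketch in Go that is not Sasken's solution or any particular Blockchain's code. The transaction layout, the names Tx, Entry, Ledger, msg, SignTx and Append, the device name sensor-1 and the choice of Ed25519 signatures are all assumptions of this example; consensus and replication between nodes are left out.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

var ErrAuth, ErrReplay = errors.New("unknown device or bad signature"), errors.New("replayed nonce")

// Tx is a signed sensor reading (assumed layout, not any real chain's format).
type Tx struct {
	DeviceID     string
	Nonce        uint64 // replay-protection field, strictly increasing per device
	Payload, Sig []byte
}

// Ledger is the state each node replicates: enrolled key and last accepted nonce.
type Ledger map[string]*Entry
type Entry struct {
	Pub  ed25519.PublicKey
	Last uint64
}

// msg binds device identity, nonce and payload under one signature (IDs must not contain NUL).
func msg(id string, n uint64, p []byte) []byte { return []byte(fmt.Sprintf("%s\x00%d\x00%s", id, n, p)) }
// SignTx runs on the device, the only holder of the private key.
func SignTx(k ed25519.PrivateKey, id string, n uint64, p []byte) Tx {
	return Tx{id, n, p, ed25519.Sign(k, msg(id, n, p))}
}

// Append runs the checks each validating node repeats before accepting tx.
func (l Ledger) Append(tx Tx) error {
	e, ok := l[tx.DeviceID]
	if !ok || !ed25519.Verify(e.Pub, msg(tx.DeviceID, tx.Nonce, tx.Payload), tx.Sig) {
		return ErrAuth
	}
	if tx.Nonce <= e.Last {
		return ErrReplay
	}
	e.Last = tx.Nonce
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed demo key; nil selects crypto/rand
	l := Ledger{"sensor-1": {Pub: pub}}
	tx := SignTx(priv, "sensor-1", 1, []byte("temp=21.5"))
	fmt.Println(l.Append(tx), l.Append(tx)) // first accepted, identical resubmission rejected
}
```

Because the nonce is inside the signed bytes, a captured transaction cannot be resubmitted under a fresh nonce without the device's private key.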
While Blockchain certainly brings significant enhancements to IoT security, it is not a silver bullet that helps in every situation. Its mere presence and application do not guarantee comprehensive security. Strong, proven cryptographic techniques and key management still play a crucial role, and Blockchain can take the entire solution to higher levels of security.