Blockchain for IoT Security
2019-06-28
One of the speakers in the blockchain forum is Mr. Dominik Schiener; Co-Chairman of the Board of Directors & Founder of the IOTA Foundation. In his keynote, Mr. Schiener pointed out the importance of an added security measure for IoT devices and how blockchain can achieve the desired outcome.
IoT as Opportunity and Risk
Mr. Schiener started his speech by mentioning the 3 technologies that constantly come up whenever digital transformation is mentioned: IoT, AI, and blockchain. IoT is no longer a buzzword and it continues to have a real impact on people’s lives and businesses. 10 to 15 years ago, no devices were connected and they require manual input and operation; in essence barely anything was automated. However, today’s devices are almost the complete opposite; smart devices connected to the cloud and each other are everywhere. This change is achievable by the development of IoT which makes people’s lives easier and at the same time took away the need for constant manual control. Now, all devices and machines can talk to one another and the cloud.
However, there is a trust problem within IoT and the companies that manufacture, design, or utilize them. Mr. Schiener stated that the main problem is in how IoT was built; which in his opinion was built under wrong premises and infrastructures. This in turn makes IoT a security threat to the users; especially as IoT devices are used more and more everywhere. This means mission critical infrastructures such as electricity, communication, or water become more easily targeted by malicious actors. IoT devices have been hacked and used to target humans by having the devices perform purposes not at all intended by the manufacturers or users. The security aspect in IoT has to be taken much more seriously or more damage can be wrought by malicious actors.
Connection to the cloud is paramount to IoT devices as without the connection, the devices cannot function. An added problem is that IoT is built largely on proprietary software. This means even a single flaw in the source code; which often passes under the radar for a long time before it was found; can be utilized by sophisticated hackers to infiltrate the systems. In an era when malicious actors act on a state level, this threat has never been greater. Mr. Schiener added that another problem that exists: many companies do not know they have been compromised until months after the attack. IoT today is a single point of failure, meaning a single company or entity owns the devices and their infrastructures, making it easy to intrude into the system and take ownership of the entire network of devices.
Blockchain as the Solution
The progression of IoT aims to achieve smart decentralization; where smart devices are able to communicate with the cloud and other machines. The collective of devices makes the entire network smart; constantly sharing data from each other. Devices may even learn from one another; making trust a much more important component in the system. Through biomimetic designs, systems that allow devices to communicate and share data can be created. This is where IT needs to go; not just creating a singular smart device, but a collective of devices that is smart together. This is where blockchain can contribute much more. When it comes to the future of IoT, it will not work without a distributed ledger which can further facilitate trust in inter-machine communication in terms of data, transactions, and the process itself. There are 3 important aspects in the blockchain supported communication.
The first is data security. Thanks to distributed ledgers, devices can share data in a secure way. Because the data becomes immutable as soon as it enters the ledger, confirmed to be authentic, and the system knows where the data came from and can verify it. With verifiable immutable data, it becomes possible to build entire new protocols and applications.
The second aspect is transactions. One of the goals of IoT and blockchain is to create machines that are not just automated, but also able to make smart decisions and to create autonomous machines. According to Mr. Schiener, the only way to make autonomous machines is by giving them a wallet. One machine can pay another machine for data, computation, energy, etc. It is about making machines autonomous and giving them the ability to transact with each other. This can potentially open a new economy on its own where machines make humans’ lives easier by transacting in their own economy and enabling new use cases and business models.
The third aspect is in securing the process; making sure that the machine does only what it is supposed to; essentially limiting its capabilities only to its desired functions. It is important that it’s not just automating the processes within the machine, but within the collective of machines. This is why smart contracts are necessary; to make sure these networks become networks of trust. Only through networks of trust is it possible for one machine to verify that the data it received from another machine is verified and the process automated.
The only way to make sure that IoT is going to be secure is if a standardized, free to use, and open source protocol is used and that it becomes the backbone of IoT and the machine economy.
Conclusion
IoT and AI are no longer buzzwords, but blockchain still need to prove itself and show that it is production ready and can create serious impact to people’s lives and businesses. The challenge is to overcome the limitations of blockchain. Traditionally, distributed ledgers have a trilemma that need to be solved: decentralization, scalability, and security. Creating a new economy through blockchain is needed to combine governance, technology, and ecosystem.
At the end of the day, the distributed ledgers need to actually get adopted and utilized. The only way to make sure that IoT will actually take off is if open permissionless networks exist; that anybody can utilize the technology, participate, and innovate. Only through that can the technology have an equal if not even bigger impact than the internet.
To watch the full forum session, visit our YouTube channel here.
【Media Contact】
Taipei Computer Association Tel: +886-2-25774249 Fax: +886-2-25785392
David Liu #360 Email: david_liu@mail.tca.org.tw
Sharlene Hung #324 Email: sharlene@mail.tca.org.tw
<<BACK