Can Blockchain Secure the Internet of Things?

In December, a group of companies interested in using blockchain as a tamper-proof method in IoT applications held a meeting, New Horizons: Blockchain x IoT Summit, in Berkeley, California. The goal was to define the scope and implementation of a “smart contracts” IoT protocol layer. This consortium includes startups like Ambisafe, BitSE, Chronicled, ConsenSys, Distributed, Filament, Hashed Health, Ledger, Skuchain, and Slock.it, along with a few large companies like BNY Mellon, Bosch, Cisco, Gemalto and Foxconn.

The consortium agreed thatsecurity, trust, identity and registration and verification would be the cornerstones of any common protocol, while also acknowledging the need for integration and interoperability across multiple chip types, communication protocols, proprietary platforms, cloud service providers, and blockchain systems.

Currently participation in the group is voluntary without any formal membership or governance structures, emphasizing fast-moving open source collaboration.

Dirk Slama, Chief Alliance Officer at Bosch Software Innovations, a subsidiary of Bosch Group, one of the world’s leading manufacturing conglomerates, summed up the appeal of Blockchain in the IoT-heavy manufacturing sector:  “We are seeing tremendous potential for the application of blockchain in industrial use cases. Being able to create a tamper-proof history of how products are manufactured, moved and maintained in complex value networks with many stakeholders is a critical capability, e.g. for quality assurance and prevention of counterfeits.”

Alex Batlin, Head of Blockchain at BNY Mellon, one of the real leaders in the area of Blockchain, said “What’s missing today is a solution that provides trusted, tamper-proof guarantees for any title deed, public record, compliance event, or transaction, building on the way paper documents are used currently.

Blockchain provides some attractive properties for securing IoT applications because it maintains tamper-proof traces of encrypted transactions between devices with no need to keep such records in a central repository.  Blockchain, at least in theory, would render the “man in the middle” attack impossible, alleviating one of IoT’s biggest security concerns. It would also prevent the introduction of counterfeit parts anywhere in the supply chain.

A drawback of using blockchain, especially in IoT, is requiring devices to encrypt and decrypt transactions, and the storage of an ever-increasing transaction record history along a blockchain. Also, a device may experience a sudden burst of incoming transactions and needs to forward to many different devices or nodes efficiently. In other words, a point-to-point connection between devices or nodes can bring the whole traffic flow to a halt.

Just like with blockchain in financial services,  a loosely coupled architecture with a messaging layer between devices or nodes will make a lot of sense. A message broker in the middle can feed on each node’s transaction record ledger and act as a data burst shock absorber, a traffic manager (by disseminating or aggregating transaction records), and a cryptographic engine.  It’s an exciting development for industrial grade IoT, and we’ll be watching this space closely as it evolves.