A post by Dr Cathy Mulligan (Imperial College), Tony Kenyon (Guardtime) and Kacper Zylka (Imperial College).
Imperial College’s Blockchain research group (IC3RE) together with Guardtime have been investigating how distributed ledger technology – aka Blockchain – can be used to secure digitally-enabled critical infrastructure. Together they are providing an early warning system that embedded sensors have been compromised.
Cities around the globe are under increasing pressure to deliver high quality services to a growing number of citizens. Digital technology is being adopted – in what is sometimes called the ‘smart-city’ – to better manage assets, and deepen understanding of key services like waste, water, power and transport.
But as digital technologies become more deeply embedded into our urban environment they also create vulnerabilities to hacking, data manipulation and possibly breaches of citizens’ and corporations’ privacy. A recent report by HP outlined that as many as 70% of Internet of Things devices are inherently insecure.
This is a new threat landscape for cities to deal with. Traditionally cities have dealt with security from the physical perspective, but augmenting the civil infrastructure with digital technologies creates a lot more complexity.
Hacking of this digitally-enhanced infrastructure can place citizens lives at risk and cause significant economic damage to a city. At the same time, the contrasting lifespans of civil infrastructure and digital ones can further complicate issues. An average sensor currently has a lifespan of between 18 months and 4 years on average, but the lifespan of civil infrastructure can be significantly longer – from 80 years for housing to 150 years for a bridge or a tunnel.
How can we ensure the integrity of digital infrastructure in a manner which is future proof?
Security Issues in Smart City Sensors
We need to address multiple aspects of security when embedding sensors into infrastructure, including but not limited to:
1) Ensuring integrity of sensor state
2) Ensuring integrity of telemetry transmitted by the sensor
3) Preventing manipulation of telemetry/state while in transmission
4) Informing system administrators that a system may have be compromised
Working together with Guardtime, we investigated how blockchain could possibly assist with these security issues.
Blockchains
Blockchain is most commonly associated with the digital currency Bitcoin, but the underlying principle is now gaining attention far beyond financial services.
Blockchains – a subset of distributed ledger technology (DLT) – allow untrusting parties with common interests to co-create a permanent, unchangeable and transparent record of exchange and processing, without relying on a central authority. See the UK’s Brackett review for more info.
It is beyond the scope of this article to describe DLT in detail but it is useful to note that in contrast to traditional means of storing transactions – databases – DLTs provide a historical transaction record – allowing users to see how assets have transferred ownership over the years.
System Solution Overview
Using Guardtime’s KSI solution , we developed a proof of concept called Blockchain-based Attestation for Industrial Systems (BAFIS)*. This is a hardware and software architecture that can be deployed in multiple facilities, and which performs continuous attestation of firmware of low-end embedded devices at the facility.
A user interface was also developed, which informed human operators when action needed to be taken after a possible system compromise.
The system does the following:
1. Registers IoT devices into the blockchain, (ID, firmware and configuration state)
2. Provides periodic verification of state, with alerts on tamper events
3. Provides an optional rollback to a known gold image or configuration
This is illustrated below in Figure 1:
Figure 1: System Overview of KSI-enabled smart city security solution
Future work
Our future work in this space includes some of the following open research questions:
1. Where possible, depending on volume and format, creating a process where telemetry off a sensor can be signed.
2. Verification of sensor data upon receipt at upstream data recipients.
3. Periodically verify data stored in back-end decision-making engines to assure data integrity over the lifespan of the data
* – Zylka, K., 2016, “Blockchain-based Attestation for Industrial Systems”, MSc. Thesis, Department of Computing
Dr Catherine Mulligan is a Research Fellow in the Innovation and Entrepreneurship group with a joint appointment to the Department of Computing where she is Co-Director of the Imperial College Centre for Cryptocurrency Research. She is a Fellow and an Expert of the World Economic Forum for Blockchain Technologies.
Tony Kenyon is the CTO EMEA at Guardtime. Prior to joining Guardtime Tony spent over 20 years providing engineering direction for new products and solutions across enterprise, finance, and telco market.