ISORC 2018 paper 19

IoT Data Integrity Verification for Cyber-Physical Systems Using Blockchain
Conference Paper · July 2018
DOI: 10.1109/ISORC.2018.00019
IoT Data Integrity Verification for
Cyber-Physical Systems using Blockchain
Caciano Machado† and Antônio Augusto Fröhlich‡
Software/Hardware Integration Lab – LISHA
Department of Informatics and Statistics – INE
Federal University of Santa Catarina – UFSC
PO Box 476, 88040-900 - Florianópolis, SC, Brazil
{caciano†, guto‡} at lisha.ufsc.br
Abstract—Blockchain technologies can enable decentralized and trustful features for the Internet of Things (IoT). However, existing blockchain-based solutions that provide data integrity verification for semi-trusted data storages (e.g. cloud providers) cannot respect the time determinism required by Cyber-Physical Systems (CPS). Additionally, they cannot be applied to resource-constrained IoT devices. We propose an architecture that takes advantage of blockchain features to ensure integrity verification of data produced by IoT devices, even in the realm of CPS. Our architecture is divided into three levels, each of them responsible for tasks compatible with the capabilities of its resources. The first level, composed of sensors, actuators and gateways, introduces the concept of Proof-of-Trust (PoT), an energy-efficient, time-deterministic and secure communication based on the Trustful Space-Time Protocol (TSTP). The upper levels are responsible for data persistence and integrity verification in semi-trusted storage. The work also comprises a performance evaluation of a critical data path to demonstrate that the architecture respects the time-bounded operations demanded by the sense-decide-actuate cycle of CPSs.
Keywords—blockchain, data integrity verification, cyber-physical systems, internet of things
I. INTRODUCTION
Distributed ledgers are starting to be used to verify data integrity in the Internet of Things (IoT) [1]. However, the processing and energy demands of traditional blockchain mining algorithms based on Proof-of-Work (PoW) can hardly be met by IoT devices [2]. Additionally, a whole class of IoT devices, namely those that are Cyber-Physical Systems (CPS), have stringent timing requirements that are hindered by most blockchain consensus algorithms [3]. Paradoxically, this class of IoT devices, which we will refer to as CPS@IoT, has a strong need for data integrity, particularly regarding failure liability. Efforts to achieve low energy consumption, such as Proof-of-Stake (PoS) and Proof-of-Elapsed-Time (PoET), pose other restrictions from the perspective of CPS@IoT: high cost, storage capacity or the need for a Trusted Execution Environment (TEE) [4].
In order to enable data integrity verification for CPS@IoT,
we propose a split blockchain architecture organized in three
levels: IoT, Fog, and Cloud. The first level, IoT, aims at
establishing a domain of trust for a group of CPS devices
that communicate with each other and with a fog gateway
exclusively using a secure, energy-efficient, time-deterministic
protocol such as the Trustful Space-Time Protocol (TSTP) [5].
We named this level’s algorithm Proof-of-Trust (PoT). The
second level, Fog, provides fault tolerance to IoT data and
produces the cryptographic digests that are subsequently used
for integrity verification. A set of collaborative fog gateways
uses the Proof-of-Luck (PoL) time-predictable consensus algorithm [6] to replicate the data produced at the first level.
They subsequently apply SHA-256 to generate digests for the
replicated data. Data is kept at this level only until the third
level acknowledges it. The third level, Cloud, permanently
stores the IoT data and uses a public ledger to store the
associated cryptographic digests. Only the digests are stored in
the blockchain. This level does not dictate any specific secure
cloud storage nor the public ledger.
Data-integrity protection is one of the fundamental goals of cryptography. Primitives such as digital signatures and message authentication codes (MACs), when applied to a full file F, allow an entity in possession of F to verify that it has not been subjected to tampering. When we deal with semi-trusted remote data storages such as cloud providers, we cannot blindly rely on their integrity verification mechanisms because there is no guarantee of neutral auditing (Garg and Bawa [7]). In practice, providers may act to cover up data loss, corruption or even tampering. Additionally, protocols that rely on third parties to audit data are prone to the subversion of these entities, which could act maliciously.
In summary, the main contributions of this work are:
1) An energy-efficient and time-predictable protocol for data integrity verification in semi-trusted storages for resource-constrained CPS@IoT;
2) A three-level blockchain architecture in which the first level is based on PoT;
3) A proof of concept of the protocol in a WSN with our IoT platform.
The remainder of this paper is organized as follows. In the
next section we cover the concept of PoT explaining the TSTP
protocol security. In Section III, we present our proposed split
blockchain architecture and its components. In Section IV, we
show real-world case studies for this architecture. In Section V,
we describe an evaluation of our proposal with a proof of
concept implementation. We present related works in data
integrity verification and applications of blockchain for IoT
in Section VI. Finally, in Section VII we conclude.
II. PROOF-OF-TRUST
To bridge the gap between the time-determinism and energy-efficiency requirements of conventional CPSs and the limitations of the typical consensus algorithms of public ledgers, we propose the concept of Proof-of-Trust (PoT). The fundamental rationale behind PoT is the fact that many CPS infrastructures now feature sophisticated secure, energy-efficient, deterministic communication protocols, such as the Trustful Space-Time Protocol (TSTP) [5]. Communicating peers in such systems (usually machines) intrinsically share a high level of trust in each other and in the data they produce. We exploit these features to define a low-overhead, time-deterministic transaction model to store data produced by CPSs in the Cloud in a way that enables the integrity of such data to be verified. In this section, we discuss the most relevant design characteristics of such communication protocols that enable PoT.
A. Key Management
For this task, TSTP relies on node uuids to add two-way authentication. A node's uuid should be a 128-bit (or larger) random and secret number, disclosed only to the communicating gateways. As a result, TSTP ties the previously calculated Master Secret to this uuid, validating the Master Secret itself along with it.
As attack-narrowing mechanisms, TSTP uses the nodes' synchronized clock information and geographic position in the key generation. Synchronized clocks are an essential part of TSTP to produce One-Time Passwords (OTPs) and can be acquired with protocols such as the IEEE 1588 Precision Time Protocol (PTP). Additionally, the position of nodes is used in the deployment phase, requiring nodes to be placed in specific locations predefined by the user in order to advance in the Master Secret generation. Nodes outside the specified boundaries are not allowed to establish ECDH keys. Both Speculative PTP and the Heuristic Environmental Consideration Over Positioning System (HECOPS), used respectively for time synchronization and position estimation of nodes, are explained in Section II-C.
TSTP trustfulness is tackled at the MAC layer by extensive use of the Advanced Encryption Standard (AES) hardware accelerators available in most IEEE 802.15.4 implementations. The adoption of this widespread symmetric-key algorithm as the foundation of the infrastructure's trustfulness brings several practical benefits (e.g. performance and power consumption), but also brings the major drawback of symmetric-key encryption: both parties must share a secret key.
Generating the keys before deployment and storing them for subsequent distribution would lessen the infrastructure security to the level of key management, which involves humans. Generating the keys in servers and sending them to the nodes over the network would also make room for additional attacks, since decrypting the message containing the key at any time would reveal the key itself. Additionally, IoT deepens these key management issues because of the number of devices and their resource limitations [8].
To overcome such difficulties, an Elliptic Curve Diffie-Hellman (ECDH) exchange establishes shared keys (the Master Secret) over insecure channels for TSTP (Figure 1). ECDH has a good processing/security trade-off, making it suitable for resource-constrained devices. However, ECDH alone provides only confidentiality between pairs and does not authenticate them.
In summary, a hardware-accelerated Poly1305-AES algorithm whose input combines the node's Master Secret, uuid and timestamp generates an OTP that is used in the key bootstrapping to validate nodes, gateways and the Master Key (Figure 1). Subsequently, the same algorithm derives shared secrets, valid for their respective time windows, that are used for communication authentication and encryption (Section II-B).
Figure 1. TSTP Security Key Bootstrapping
B. Message Authentication and Encryption
Once the Master Secret has been validated, TSTP is ready for trustful communication, deriving disposable keys based on the Master Secret, uuid and time. Both the authentication and the encryption mechanisms take advantage of low-cost hardware to compute AES encryption and Poly1305-AES digests.
Figure 2. TSTP Message Payload Digest
Message authentication (Figure 2) is achieved with a payload digest calculated with Poly1305-AES and attached to the payload. Both payload and digest compose the data to be encrypted next (Figure 3). The key used for message encryption is produced in the same way as the OTP from the key bootstrapping explained in the previous subsection. This approach requires an attacker, besides finding out the uuid, to solve the discrete logarithm problem for elliptic curves, which is far from trivial. Moreover, for critical scenarios, ECDH and the Master Secret could be regenerated periodically to reduce the impact of attacks.
Figure 3. TSTP Message AES Encryption
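The following is an added example, not TSTP's or EPOS's code, that shows the structure of the time-windowed message protection described in Sections II-A and II-B: a disposable key derived from the Master Secret, the uuid and the current time window, a digest over timestamp and payload, and a receiver that rejects both tampered and stale (replayed) messages. HMAC-SHA256 stands in for the Poly1305-AES hardware primitive, payload encryption is omitted, and the window length, the key derivation and the sample secrets are assumptions of this example.

```python
import hashlib
import hmac
import struct

WINDOW = 60  # seconds a derived key stays valid (assumption of this example)

# Constructed sample secrets; a real node would obtain these from the
# ECDH bootstrapping and keep the uuid secret.
MASTER_SECRET = bytes(range(32))
NODE_UUID = bytes.fromhex("00112233445566778899aabbccddeeff")


def window_of(ts):
    """Index of the time window that contains timestamp ts."""
    return ts // WINDOW


def derive_key(master_secret, uuid, ts):
    """Disposable key for the window containing ts: PRF(master_secret, uuid || window).
    TSTP feeds Master Secret, uuid and time into Poly1305-AES; HMAC-SHA256 stands in here."""
    return hmac.new(master_secret, uuid + struct.pack(">Q", window_of(ts)), hashlib.sha256).digest()


def protect(master_secret, uuid, ts, payload):
    """Sender side: message = timestamp || payload || digest, where the digest
    covers timestamp and payload under the key of the sender's window."""
    key = derive_key(master_secret, uuid, ts)
    header = struct.pack(">Q", ts)
    digest = hmac.new(key, header + payload, hashlib.sha256).digest()[:16]
    return header + payload + digest


def verify(master_secret, uuid, message, now, skew=5):
    """Receiver side: the timestamp must be fresh (temporality) and the digest
    must verify under the key of the sender's window (authenticity and
    integrity). Returns the payload, or None when any check fails."""
    if len(message) < 8 + 16:
        return None
    ts = struct.unpack(">Q", message[:8])[0]
    if abs(now - ts) > skew:
        return None  # stale or replayed message: outside the accepted clock skew
    header, payload, digest = message[:8], message[8:-16], message[-16:]
    key = derive_key(master_secret, uuid, ts)
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(digest, expected):
        return None  # tampered payload, wrong uuid or wrong Master Secret
    return payload


if __name__ == "__main__":
    msg = protect(MASTER_SECRET, NODE_UUID, 1000, b"temp=21.5")
    print(verify(MASTER_SECRET, NODE_UUID, msg, now=1002))  # accepted
    print(verify(MASTER_SECRET, NODE_UUID, msg, now=1200))  # replayed later: None
```

Because the key depends on the window index, a message captured in one window cannot be validated under a later window's key even if the freshness check were loosened, which is the temporality property the paper attributes to PoT; the freshness check additionally bounds replays within a window.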
C. Temporal and Spatial Synchronization
Besides the application benefits of position estimation,
knowing the geographic localization of nodes enables attack
narrowing mechanisms covered in Section II-A. TSTP uses
the Heuristic Environmental Consideration Over Positioning
System (HECOPS) [9] to estimate node’s location via multilateration given that nodes can estimate their distances to one
another and there are anchor nodes that know their position.
Anchor nodes could be TSTP gateways with GPS receivers or
pre-set positions in case of fixed devices.
In addition to the generation and renewal of cryptographic secrets (Section II-A), high-precision time synchronization is essential for CPS@IoT nodes and gateways in order to respect the sense-decide-actuate deadlines. In our architecture, precise time also plays a critical role in the IoT data replication and agreement protocols (Section III-A). The Speculative PTP (SPTP) [10] can keep a network synchronized with sub-millisecond precision.
SPTP is based on IEEE 1588 Precision Time Protocol
(PTP) and enables sensors to synchronize their clocks by
taking advantage of passing messages of any type and introducing only one extra message on the network. Basically,
retransmitting a message M1 with PTP Req bit set and
receiving the answer M2 from the original sender is sufficient
to calculate the delay and synchronize clocks. Any node with
enough confidence in its clock can play the Master part (and
naturally, any node can be a Slave). Additionally, the gateway,
which typically has more resources, could be equipped with a
GPS receiver to propagate its precise clock time to slave nodes
as illustrated by Figure 4.
In summary, TSTP security assures data confidentiality, authenticity, integrity and temporality between the nodes and their gateways. We call these properties Proof-of-Trust (PoT). A more in-depth presentation and discussion of this protocol can be found in [11].
III. SPLIT BLOCKCHAIN
Our approach to ensuring data integrity verification in the realm of CPS connected to the IoT is to split the blockchain architecture into three levels, depicted in Table I. It complements the functionalities of current efforts (Liu et al. [1]) by creating a chain of trust for IoT data from the node to the cloud storage.
Figure 4. TSTP's time synchronization example.
Table I. PROPOSED SPLIT BLOCKCHAIN ARCHITECTURE

    Level   Features                                           Algorithm   RT
    IoT     Secure, time-deterministic, energy-efficient       PoT         Yes
            communication
    Fog     Fault tolerance (replication and digesting)        PoL         Yes
    Cloud   Data storage and integrity verification            Any         No
From the perspective of a node (sensor or actuator), it must rely on the integrity of data communication from its peers and gateways within the network. Trustful communication is provided by the first level of our architecture, IoT, which relies on the lightweight security of the Embedded Parallel Operating System (EPOS) adopted by TSTP, which we call Proof-of-Trust (PoT) and detail in Section II.
From the point of view of the gateways, they should provide trust of data for the gateways of the same network and for the nodes they serve. Gateways should also establish reliable communication with the cloud storage and the blockchain. This is achieved in the second level, Fog, which provides IoT data agreement between a few redundant gateways of a CPS in order to tolerate faults and avoid losing data. For this architecture, we assume that the set of IoT gateway processes provides fault tolerance within a local network (e.g. multiple WSN sinks) or even within the same computer (e.g. multiple processor cores).
IoT data, previously agreed between the redundant IoT
gateways, is logged temporarily in slices which are processed
further to generate and store the cryptographic digests in a
public blockchain. This task is controlled by the slice manager
(Section III-A) which also keeps a copy of the cryptographic
digests of the slices in every working redundant IoT gateway
within a CPS until the blockchain consensus.
The third level, Cloud, represents the semi-trusted data storage provider used by the gateways and the blockchain of choice, which supports decentralized data integrity verification without the need for third-party auditors. The blockchain consolidates cryptographic digests of IoT data (Section III-B) produced within a network and previously agreed between the gateways. These digests enable later integrity verification of the IoT data stored at the cloud provider. This allows the CPS owner to verify whether their data was tampered with or corrupted. Our architecture relies on an Ethereum [12] Smart Contract, which serves as a data storage for cryptographic digests, although any public ledger able to store and retrieve data could be used. The public Ethereum blockchain is immutable and deployed in a fully decentralized way with public auditability. This means that data stored in it cannot be repudiated and that we do not need third parties in our data integrity verification protocol.
To enable data integrity verification without compromising the time deadlines imposed by the sense-decide-actuate cycle, the architecture decouples the time-deterministic part from the public blockchain integration, as illustrated in Figure 5. The elements inside the dotted box and their interactions respect well-known deadlines. We assume real-time communication for the CPS network and their respective IoT gateways, as provided by PoT and detailed in Section II. We also assume real-time behaviour for the redundant gateways' agreement protocol, which can be achieved by algorithms such as Proof-of-Luck (PoL).
Figure 5. Blockchain-based data integrity verification for IoT CPS
A. Replication, agreement and slice hashing
The architecture uses multiple gateways to provide fault tolerance for IoT CPS. These gateways must synchronize IoT data in order to prevent inconsistencies in the slices of data used to generate the cryptographic digests that are sent to the blockchain. We assume that the redundant IoT gateways are interconnected by a reliable and fast network, such as a dedicated Gigabit Ethernet, or are even processes running on different processor cores of the same device and communicating through IPC mechanisms. The replication of IoT data is executed by the IoT gateway processes, which broadcast every message they receive to their peers. Upon receiving those broadcasts, each gateway process merges them with its own IoT data, which will periodically undergo an agreement protocol.
The chosen algorithm for agreement between gateways is Proof-of-Luck (PoL) [6]. PoL relies on trusted execution environments (TEEs), such as Intel SGX-enabled CPUs. This requirement increases the cost of gateways but enables time-deterministic agreement. The agreement is responsible for guaranteeing the same copy of IoT data among all redundant gateways within a TSTP network. Every gateway participating in PoL generates a random number in the interval [0, 1) in every round of the algorithm. The greatest number of each round wins the proof and defines the values of IoT data that will be used in the further steps of the data integrity verification. Gateways' serial numbers are used as tie-breakers for eventual draws. PoL can provide data redundancy in a fail-stop model, where IoT gateway processes halt when they detect malfunctioning.
An important component of the architecture is the slice manager, which handles the data used to generate the cryptographic digests sent to the blockchain. Considering the amount of data produced by sensors and the cost of introducing data into the public ledger, our architecture limits data integrity verification to time-bounded slices of data. A slice is a container that stores IoT data temporarily in memory. As illustrated in Figure 6, each slice stores the data generated between two timestamps, an initial time ti and a final time tf, that determine pre-defined intervals of fixed size ∆t (e.g. 1 minute, 6 hours or 4 days). Slices also accept delayed data when it is still valid and possible to store it in the slice.
Figure 6. Slice hashing
When a slice is closed (dashed box in Figure 6), which means that it no longer accepts new data, a new one is created with an initial timestamp ti_n equal to the final timestamp tf_(n−1) of the previous slice. The final timestamp of this new slice depends on the pre-defined time interval ∆t configured for the system. From this point forward, the slice data is destroyed and the only information kept from it is a SHA-256 digest, which will later be sent to a blockchain for persistent storage. Each slice's SHA-256 digest is kept in the memory of all redundant IoT gateways within a CPS until it is confirmed in the blockchain.
Only one of the working IoT gateways proceeds with
the blockchain interaction. The gateway responsible for this
task and its backup are chosen using the same agreement
algorithm used to agree about IoT data. In case of a slice
manager gateway crash, a backup IoT gateway assumes the
slice management.
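As an added example (not the paper's nor the PoL authors' code), the following simulates the gateway-level replication and agreement described in Section III-A and the election of the slice manager and its backup: every working gateway draws a number in [0, 1), the greatest draw wins, the winner's copy of the IoT data is adopted by all working gateways, and serial numbers break ties. The tie rule (lowest serial wins), the way the same algorithm picks the manager/backup pair, and the sample records are assumptions; the TEE that makes PoL's draw trustworthy is not modelled, and the draw function is injectable so that outcomes can be fixed in tests.

```python
import random


class Gateway:
    """A redundant IoT gateway process; halted=True models fail-stop."""

    def __init__(self, serial):
        self.serial = serial
        self.data = {}  # merged IoT data: (coords, timestamp) -> value
        self.halted = False

    def merge(self, records):
        """Merge records received from the WSN or broadcast by a peer."""
        self.data.update(records)


def broadcast(gateways, coords, ts, value):
    """A record received from the WSN is broadcast to every working gateway;
    a halted gateway misses it (fail-stop)."""
    record = {(coords, ts): value}
    for g in gateways:
        if not g.halted:
            g.merge(record)


def pol_round(gateways, draw=random.random):
    """One PoL round: each working gateway draws in [0, 1); the greatest draw
    wins and the lowest serial breaks ties (assumed tie rule). Returns the
    winner, or None when every gateway has halted."""
    working = [g for g in gateways if not g.halted]
    if not working:
        return None
    lucky = [(draw(), -g.serial, g) for g in working]
    return max(lucky, key=lambda entry: entry[:2])[2]


def agree(gateways, draw=random.random):
    """Agreement step: the winner's copy of the IoT data becomes the copy of
    every working gateway, so all of them later hash identical slices."""
    winner = pol_round(gateways, draw)
    if winner is not None:
        for g in gateways:
            if not g.halted:
                g.data = dict(winner.data)
    return winner


def elect_manager(gateways, draw=random.random):
    """Slice manager and backup chosen with the same algorithm: the winner of
    one round, then the winner of a second round among the remaining gateways."""
    primary = pol_round(gateways, draw)
    backup = pol_round([g for g in gateways if g is not primary], draw)
    return primary, backup


if __name__ == "__main__":
    gws = [Gateway(1), Gateway(2), Gateway(3)]
    broadcast(gws, (1, 2, 0), 100, 5.0)  # constructed reading: coords, timestamp, value
    gws[2].halted = True                 # gateway 3 fails and misses later data
    broadcast(gws, (1, 2, 0), 110, 6.0)
    print("winner:", agree(gws).serial, "manager/backup:", [g.serial for g in elect_manager(gws)])
```

Gateways that never receive a broadcast (lost message, or a peer that halted) end the round with the winner's data, which is what keeps the slices identical before hashing; a halted gateway neither draws nor receives the agreed copy.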
B. Public ledger integration and integrity verification
A SHA-256 digest is calculated for each closed data slice and is sent to an API that calls a smart contract function to insert the digest in the blockchain, as illustrated in Figure 6(2) and Figure 5(10). After the smart contract transaction receives 12 confirmations¹, we consider that the store was successful and that we can remove the digest from the slice manager memory (dashed rounded box in Figure 6). Currently, the Ethereum blockchain takes approximately 15 seconds to confirm a block, which means it takes 3 minutes to store a digest safely. Consequently, each redundant gateway should keep a copy of the digest during this period. Once a block with an insertion operation reaches consensus in the Ethereum network, the SHA-256 digest of the respective slice will eventually be available locally at every Ethereum node.
In a public Ethereum network, every operation that changes the state of a smart contract consumes gas². Therefore, we need to earn gas prior to the insertion of SHA-256 digests in the smart contract. The typical methods to earn gas are: running a miner node, which is rewarded by the Ethereum network for each block mined; buying ether from an exchange; or receiving transfers from other accounts. In a private Ethereum network, we can create ether out of thin air just by defining an amount of ether at the creation of the blockchain.
Read operations are computationally cheaper than insert operations and do not consume gas, because they just need to read the state of the smart contract that is already spread over the Ethereum nodes. This operation can be executed at any time to verify the integrity of IoT data stored in the Cloud. When someone wants to verify whether some data stored in the cloud has been corrupted, they send the TSTP coordinates and timestamp to the verify function. This function fetches from the cloud storage all the data within the same slice as the requested data and generates its SHA-256 digest again. If the digest equals the digest in the blockchain, then we can trust the values within the slice. Note that this method cannot distinguish which data was changed within a slice; it can only determine whether some data was changed in the slice interval.
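The following is an added example, not the paper's implementation, that ties together the slice manager of Section III-A and the verify function of Section III-B: slices of length ∆t are closed when their final timestamp passes, their SHA-256 digest goes to a ledger stub standing in for the MACMapping contract and stays in gateway memory until 12 confirmations, and verification re-hashes everything the (stub) cloud storage holds for the slice. Using the initial timestamp ti as the slice id, aligning slices to multiples of ∆t, the canonical JSON encoding, and the sample readings are assumptions of this example.

```python
import hashlib
import json

DELTA_T = 60        # slice length in seconds; the paper's smallest example is 1 minute
CONFIRMATIONS = 12  # confirmations before a digest leaves gateway memory


def slice_start(ts):
    """ti of the slice containing ts; slices are aligned to multiples of DELTA_T (assumption)."""
    return ts - ts % DELTA_T


def slice_digest(records):
    """SHA-256 over a canonical encoding (sorted keys, compact JSON) of a slice's
    records, so every gateway and every verifier hashes the same bytes."""
    encoded = json.dumps(sorted(records.items()), separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()


class LedgerStub:
    """Stand-in for the MACMapping contract: slice id -> digest, plus a block
    height so that confirmations can be simulated."""

    def __init__(self):
        self.macmap, self.inserted_at, self.height = {}, {}, 0

    def insert_mac(self, slice_id, digest):
        self.macmap[slice_id] = digest
        self.inserted_at[slice_id] = self.height

    def mine_block(self):
        self.height += 1

    def confirmations(self, slice_id):
        return self.height - self.inserted_at[slice_id] if slice_id in self.inserted_at else 0

    def read_mac(self, slice_id):
        return self.macmap.get(slice_id)


class SliceManager:
    def __init__(self, ledger, t0):
        self.ledger = ledger
        self.ti = slice_start(t0)  # open slice covers [ti, ti + DELTA_T)
        self.records = {}          # (coords, ts) -> value
        self.pending = {}          # closed-slice digests kept until confirmed

    def tick(self, now):
        """Close every slice whose tf has passed; drop digests once confirmed."""
        while now >= self.ti + DELTA_T:
            digest = slice_digest(self.records)
            self.pending[self.ti] = digest
            self.ledger.insert_mac(self.ti, digest)
            self.records = {}  # slice data destroyed; only the digest survives
            self.ti += DELTA_T
        for sid in list(self.pending):
            if self.ledger.confirmations(sid) >= CONFIRMATIONS:
                del self.pending[sid]

    def ingest(self, coords, ts, value, now):
        """Store a record if its slice is still open; delayed data is accepted as
        long as the slice has not been closed. Returns whether it was stored."""
        self.tick(now)
        if self.ti <= ts < self.ti + DELTA_T:
            self.records[(coords, ts)] = value
            return True
        return False


def verify(cloud, ledger, coords, ts):
    """Re-hash every record the cloud holds for the slice containing (coords, ts)
    and compare with the ledger. True: the whole slice is intact. False: some
    record in the slice interval changed (or no digest exists yet); which one
    cannot be told."""
    ti = slice_start(ts)
    in_slice = {k: v for k, v in cloud.items() if ti <= k[1] < ti + DELTA_T}
    expected = ledger.read_mac(ti)
    return expected is not None and slice_digest(in_slice) == expected


def demo():
    """Constructed scenario: four readings in slice [960, 1020), one arriving late."""
    ledger, cloud = LedgerStub(), {}  # cloud: semi-trusted storage stub
    mgr = SliceManager(ledger, t0=960)
    readings = [((10, 20, 0), 965, 21.5), ((10, 20, 0), 975, 21.7), ((30, 40, 0), 990, 0.8)]
    for coords, ts, value in readings:
        mgr.ingest(coords, ts, value, now=ts)
        cloud[(coords, ts)] = value
    late_accepted = mgr.ingest((30, 40, 0), 1010, 0.9, now=1015)  # late, slice still open
    cloud[((30, 40, 0), 1010)] = 0.9
    mgr.tick(now=1020)                                # tf reached: slice closed, digest sent
    mgr.ingest((10, 20, 0), 1025, 22.0, now=1025)     # lands in the next slice
    cloud[((10, 20, 0), 1025)] = 22.0
    out = {"late_accepted": late_accepted, "pending_before": list(mgr.pending)}
    out["intact"] = verify(cloud, ledger, (10, 20, 0), 965)
    out["unconfirmed_slice"] = verify(cloud, ledger, (10, 20, 0), 1025)  # no digest yet
    cloud[((10, 20, 0), 965)] = 99.0                  # simulated corruption in the cloud
    out["after_tamper"] = verify(cloud, ledger, (30, 40, 0), 990)  # other record, same slice
    for _ in range(CONFIRMATIONS):
        ledger.mine_block()
    mgr.tick(now=1030)
    out["pending_after"] = list(mgr.pending)
    return out


if __name__ == "__main__":
    print(demo())
```

The `after_tamper` result illustrates the paper's caveat: corrupting one record makes verification fail for every record of that slice, so the check detects tampering in the interval but does not locate it; a smaller ∆t narrows the interval at the cost of more ledger insertions.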
IV. CASE STUDY
A. LISHA’s IoT platform
The Software and Hardware Integration Laboratory (Laboratório de Integração de Software e Hardware – LISHA) built an IoT platform [13] that focuses on smart, trustful and important things. Smart in the sense that we can rely on Data Mining and Machine Learning applied to the very same data produced while operating in order to become more efficient. Important because we distinguish nice and useful things, like smartphones and toys, from more important things, such as vehicles, buildings, healthcare equipment, factories and warfare machinery. Finally, trustful because we must guarantee the reliability of things and of the data produced by them. A key element of our IoT platform is that IoT domains preserve temporal determinism for control purposes and are connected to the cloud through fog gateways. Fog gateways act as the edge between IoT domains and the Internet, and provide services closer to the things. Most of our platform is based on EPOS Mote III hardware running the EPOS 2 Operating System with the TSTP protocol. Currently, we have many deployments integrated with our platform, among which we can highlight a hydrologic monitoring and control system, a smart building environment and a solar farm monitoring system.
¹ 12 confirmations means 12 blocks created after the confirmation of the block with the submitted transaction. Waiting for 12 confirmations intends to avoid that transactions are lost in orphaned blocks because of a fork in the blockchain.
² This is the name used to refer to an amount of ether, the Ethereum cryptocurrency.
B. Hydrological Monitoring and Control
The Hydrological Monitoring and Control [14] project began from studies requested by the city of Joinville to evaluate the impact of building a new campus of the Federal University of Santa Catarina (UFSC) at the location indicated on the map in Figure 7. These studies aimed to evaluate pluviometric patterns and to characterize the hydric system in order to estimate the impact of urbanization on surface drainage and soil infiltration in a region that is prone to floods. Additionally, they were planned to support procedures and programs to mitigate/compensate potential impacts of urbanization, determine urban expansion and control floods. Later, these studies became a long-term project which also aims to monitor flow dynamics and water quality in the hydrographic basin.
Figure 7.
Joinville’s basin monitored with EPOS III Motes
The limnimetric scales and rain gauges spread over the
basin use EPOS Mote III hardware with the EPOS 2 Operating
System and are connected to our IoT infrastructure through
GPRS and the Internet. The role of the blockchain based data
integrity protocol in this scenario will be to provide trust for
data generated from EPOS.
C. Smart Solar Building
The UFSC Smart Solar Building is a live laboratory to perform experiments on sustainability, renewable energies, and intelligent automation. Its monitoring and automation are operated with EPOS Mote III running EPOS 2 with the TSTP protocol. The building has solar panels on the roof that generate more electric energy than it consumes, thus providing a good environment for smart grid studies with blockchain technologies.
V. EVALUATION
We evaluated a proof of concept to validate our architecture and estimate its impact on the sense-decide-act cycle of CPS. The proof-of-concept environment deployed two TSTP gateways, each one with a 1.2 GHz ARM Cortex-A53 processor with four ARMv8-A cores and 1 GB of RAM. They executed a Linux kernel version 4.9.65 with glibc 2.19 and an instance of a geth³ version 1.7.2 process with mining capabilities disabled. Additionally, we ran two geth 1.7.2 instances with mining enabled on an Intel Xeon server with three 2.4 GHz E5620 cores. These processes represent miners from the public Ethereum network, which are rewarded for executing the Proof-of-Work algorithm. The interconnection between the gateways was a gigabit network switch, and the communication from the TSTP gateways to the server went through a cascade of gigabit switches/routers to the university datacenter. We created a private blockchain with an account prepared with enough gas to execute the smart contract operations for the whole experiment. A simplified version of the smart contract, deployed with solidity compiler version 0.4.15, is shown below.
    pragma solidity ^0.4.15;

    // Maps a 128-bit slice id to the SHA-256 digest of that slice.
    contract MACMapping {
        mapping (uint128 => uint256) macmap;

        // Fallback: lets the contract receive plain ether transfers.
        function () public payable { }

        // Stores a digest; this changes contract state, so the
        // transaction must be mined and consumes gas.
        function insertMAC(uint128 id, uint256 val) public returns (bool) {
            macmap[id] = val;
            return true;
        }

        // Reads a digest; declared constant because it only reads state,
        // so clients can call it without sending a transaction.
        function readMAC(uint128 id) public constant returns (uint256 mac) {
            mac = macmap[id];
            return mac;
        }
    }
The smart contract has a mapping structure macmap which maps a 128-bit id to a SHA-256 digest. This structure is modified by insertMAC every time a new cryptographic digest is inserted in the blockchain, so its transactions have to be mined, consuming gas. The function readMAC does not change the blockchain because it just reads the state of the smart contract.
In our evaluation, the IoT gateway operates as the sink of a TSTP network and executes an IoT gateway process that sends time-series data received from the WSN to a remote semi-trusted storage. Although our scenario presents an evaluation using time-series data storage, it is suitable for other types of remote semi-trusted data storages without any loss of functionality. We assumed that the applications' sense-decide-actuate procedures are real-time, and that the gateways' IoT data replication and agreement are also time-bounded. The IoT gateway process also communicates with a logger using SysV IPC message queues, as illustrated in Figure 5(1). The logger sends data to the remote storage and to the slice manager. The communication with the logger is critical to the sense-decide-actuate cycle, so we evaluated its overhead. We measured the average time of 1000 messages of 83 bytes of data from the IoT gateway process to the logger. The mean obtained is 5.894 µs with a standard deviation σ of 0.144 µs. The results present an error of ±0.020 µs with a confidence interval of 99.999%.

    µ        5.894 µs
    σ        0.144 µs
    error    ±0.020 µs
    CI       99.999%

³ geth is the Ethereum node implementation written in the Go language.
The additional delay imposed by the log mechanism is
negligible for a typical TSTP WSN with IEEE 802.15.4 radios
which has communication latencies in the order of hundreds of
ms [15] in each hop. This demonstrates that our architecture
is suitable for the sense-decide-actuate cycle and can be
implemented to provide additional data integrity guarantees
for remote semi-trusted storage in CPS@IoT.
VI. RELATED WORKS
The most important protocols for data integrity verification are Provable Data Possession (PDP) [16] and Proofs of Retrievability (PoR) [17], used respectively for untrusted and semi-trusted data storages. They intend to reduce the I/O costs of data integrity verification by using cryptographic proofs of knowledge of the data instead of retrieving the entire data. Retricoin [18], Permacoin [19], Sia [20], Filecoin [] and Storj [21] enable decentralized data distribution over multiple storage providers and data integrity verification with PoR. Each of those systems is based on a blockchain whose mining algorithm is the PoR itself. Furthermore, Filecoin introduces the concept of Proof-of-Replication (PoRep), which guarantees the availability and integrity of replicas in the nodes of a decentralized storage.
Alternatively, considering that decentralized data storages will not be practical until they achieve acceptable efficiency for IoT, Liu et al. [1] proposed a decentralized blockchain-based framework for data integrity verification for remote semi-trusted storages, similar to the one depicted in our architecture. In their proposal, they provide data integrity verification for both the data owners and the data consumers of cloud storage services, without relying on any third-party auditors. However, their protocol does not provide time-bounded operations and its requirements are not suitable for resource-constrained CPS@IoT. Additionally, their work considers that one block confirmation is enough for consensus in the Ethereum blockchain, ignoring that forks could happen and undo previously confirmed blocks. We only consider that a block is immutable in the blockchain after 12 confirmations. The Ethereum community accepts this value as safe for most transactions.
The possibilities of blockchain technologies attracted the
attention of the IoT related community. We highlight the
following works that aim to integrate IoT with distributed
ledgers. The first work is a systematic literature review [22]
that classifies works according to the use of the blockchain
in IoT in order to foster a decentralized and private-by-design
IoT.
A work in progress from Özyılmaz and Yurdakul [23] has some similarities with our architecture. They presented a proof-of-concept of an LPWAN-based IoT deployment that interacts with a blockchain infrastructure through a gateway. Aung and Tantidham [24] discussed the application of blockchains to smart homes.
Dorri et al. [25] propose the use of a blockchain without coins and without a consensus protocol, presenting a smart home scenario simulated in Cooja. They evaluate a hierarchical architecture which consists of three layers (smart home, cloud storage, and overlay) and argue that it is suitable for the processing latency and scalability requirements of IoT. Despite being an interesting proposal to provide trust for IoT, we consider that their use of blockchain terminology is controversial because of the lack of a fundamental element of conventional distributed ledgers: a distributed consensus algorithm.
The work from Christidis and Devetsikiotis [26] discusses the benefits of using blockchain and smart contracts for a distributed and decentralized architecture for IoT. Another work [27] focuses on the very idea of fog computing for cloud-based IoT, where services are provided at the edge of IoT networks in order to distribute load and decrease latency. Kim and Lee dealt with the problem of authorization, authentication and trust of things [28], and suggested the use of a distributed ledger to avoid centralized third parties. The use of blockchains to guarantee the traceability of the information shared by food supply chain members (producers, processors, storage, distributors, retailers, consumers and authority organizations) using IoT was presented by Tian [29].
Some initiatives [30] [31] propose the application of smart
contracts to smart grids. They intend to support auditable
multiparty transactions, based on predefined rules, between
distributed energy resources (DER) and customers without the
need for third parties.
ADEPT (Autonomous Decentralized Peer-to-Peer Telemetry) is a proof-of-concept platform that combines three
elements, Ethereum, Telehash and BitTorrent, to provide decentralized management and service payment for IoT devices.
Filament provides sensors with long-range radios called “Taps”.
Taps can form mesh networks, communicate with each other in
a distributed and secure manner via a protocol called Telehash,
and interact with each other via smart contracts on a common
blockchain. The sensors themselves do not connect to the
Internet, to cut down on deployment costs, but can connect
to gateway nodes that provide such connectivity. IOTA is a
blockchainless approach that uses a directed acyclic graph
(DAG) called the tangle. To issue a transaction, every node must
work to approve two other transactions, contributing to the
security of the network.
VII. CONCLUSION
Even though most existing blockchain technologies
still pose technical challenges and limitations, we strongly
believe that they could enable trustful and decentralized features for IoT. We proposed a blockchain-based architecture that
can provide trust for data produced by CPS@IoT and stored
in remote semi-trusted data storages. Other similar solutions
cannot be applied to such systems because they require
the nodes to participate in the blockchain, which is not possible
for most resource-constrained devices.
In our proposal, a split blockchain architecture divides
tasks between three levels to create a chain of trust for IoT
data. The first level uses the lightweight TSTP security to
maintain a Proof-of-Trust (PoT) between the resource- and
energy-constrained nodes. PoT guarantees time-determinism, authenticity,
confidentiality and integrity of IoT data. Upper levels are responsible for keeping data persistence and integrity verification
in semi-trusted storage.
Besides subdividing tasks according to the computational
resources available on the devices of each level, our approach
also takes into account their inherent weaknesses. For
example, semi-trusted remote storage such as a cloud provider,
regardless of its affordable and large capacity, still needs extra
security mechanisms to ensure the integrity of data, because
clients cannot rely on neutral verification from providers.
To demonstrate that the architecture does not compromise
the sense-decide-actuate cycle of CPS, we evaluated the timings of the critical path of IoT data and showed that they
are insignificant compared to the delays of typical TSTP communication. We also assumed that the applications’ sense-decide-actuate procedures are real-time, as are the replication and
agreement protocols between redundant gateways within the
same network.
For future work, we plan to investigate hash
mechanisms that can verify the integrity of specific data instead
of whole slices. This modification could affect the size of the
verification data stored in the blockchain, which could in turn imply
financial costs for mining transactions in public ledgers. We
also aim to investigate time-deterministic agreement protocols
for the redundant gateways that do not need to rely on a TEE.
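The trade-off raised in the future-work paragraph can be made concrete with an added example that is not the paper's mechanism: a Merkle tree over the readings of one slice is one candidate hash mechanism that lets a verifier check a single reading while keeping a single 32-byte root on-chain, at the cost of a logarithmic-size proof per reading. The code below compares it with the whole-slice digest and with storing one hash per reading. The readings, the leaf/node domain-separation bytes and the SHA-256 digest size are constructed assumptions.

```python
"""Whole-slice digest versus a Merkle tree over the readings of one slice.

Added example, not the paper's mechanism: it illustrates the future-work
question of verifying one reading instead of a whole slice, using a
Merkle tree as one candidate hash mechanism. The readings are constructed
sample values; on-chain sizes assume a 32-byte SHA-256 digest.
"""
import hashlib
from typing import Dict, List, Sequence, Tuple

DIGEST_SIZE = 32


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def slice_digest(readings: Sequence[bytes]) -> bytes:
    """Whole-slice scheme: one hash over the concatenated readings.
    Verifying any single reading requires fetching the entire slice."""
    return sha256(b"".join(readings))


def _hash_leaf(reading: bytes) -> bytes:
    return sha256(b"\x00" + reading)          # domain-separate leaves from nodes


def _hash_node(left: bytes, right: bytes) -> bytes:
    return sha256(b"\x01" + left + right)


def _levels(readings: Sequence[bytes]) -> List[List[bytes]]:
    """All tree levels bottom-up; an odd level is padded by repeating its last node."""
    if not readings:
        raise ValueError("a slice must contain at least one reading")
    level = [_hash_leaf(r) for r in readings]
    levels: List[List[bytes]] = []
    while True:
        if len(level) > 1 and len(level) % 2 == 1:
            level = level + [level[-1]]
        levels.append(level)
        if len(level) == 1:
            break
        level = [_hash_node(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return levels


def merkle_root(readings: Sequence[bytes]) -> bytes:
    """Merkle scheme: the only value that needs to go on-chain for the slice."""
    return _levels(readings)[-1][0]


def merkle_proof(readings: Sequence[bytes], index: int) -> List[Tuple[bytes, bool]]:
    """Sibling hashes from leaf to root; the flag says whether the sibling is on the left."""
    proof: List[Tuple[bytes, bool]] = []
    idx = index
    for level in _levels(readings)[:-1]:
        sibling = idx ^ 1
        proof.append((level[sibling], sibling < idx))
        idx //= 2
    return proof


def verify_reading(reading: bytes, proof: List[Tuple[bytes, bool]], root: bytes) -> bool:
    """Recompute the path from one reading to the root and compare with the on-chain root."""
    h = _hash_leaf(reading)
    for sibling, sibling_is_left in proof:
        h = _hash_node(sibling, h) if sibling_is_left else _hash_node(h, sibling)
    return h == root


def verification_cost(readings: Sequence[bytes]) -> Dict[str, Dict[str, int]]:
    """Bytes stored on-chain per slice and bytes a verifier needs to check one reading."""
    n = len(readings)
    depth = len(_levels(readings)) - 1
    return {
        "whole_slice": {"onchain_bytes": DIGEST_SIZE,
                        "per_reading_bytes": sum(len(r) for r in readings)},
        "per_reading_hashes": {"onchain_bytes": DIGEST_SIZE * n, "per_reading_bytes": 0},
        "merkle": {"onchain_bytes": DIGEST_SIZE, "per_reading_bytes": DIGEST_SIZE * depth},
    }


# Constructed slice: eight readings from one sensor, encoded as short byte strings.
SAMPLE_SLICE = [f"reading-{i}:21.{i}C".encode() for i in range(8)]


if __name__ == "__main__":
    root = merkle_root(SAMPLE_SLICE)
    proof = merkle_proof(SAMPLE_SLICE, 5)
    print("reading 5 verifies:", verify_reading(SAMPLE_SLICE[5], proof, root))
    print("tampered verifies:", verify_reading(b"tampered", proof, root))
    print(verification_cost(SAMPLE_SLICE))
```

With eight readings the Merkle scheme keeps the on-chain footprint at one digest, the same as the whole-slice hash, while a single-reading check needs three sibling digests; storing one hash per reading removes the proof but multiplies the on-chain data, which is exactly the cost the paragraph above worries about.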
REFERENCES
[1] B. Liu, X. L. Yu, S. Chen, X. Xu, and L. Zhu, “Blockchain Based Data Integrity Service Framework for IoT Data,” in Proceedings of the 2017 IEEE International Conference on Web Services (ICWS), Honolulu, USA, 2017, pp. 468–475.
[2] A. Babay, E. Wagner, M. Dinitz, and Y. Amir, “Timely, Reliable, and Cost-Effective Internet Transport Service Using Dissemination Graphs,” in Proceedings of the 37th IEEE International Conference on Distributed Computing Systems (ICDCS), Atlanta, USA, June 2017, pp. 1–12.
[3] R. Jacob, M. Zimmerling, P. Huang, J. Beutel, and L. Thiele, “End-to-End Real-Time Guarantees in Wireless Cyber-Physical Systems,” in Proceedings of the 2016 IEEE Real-Time Systems Symposium (RTSS), Porto, Portugal, Nov. 2016, pp. 167–178.
[4] F. McKeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi, V. Shanbhogue, and U. R. Savagaonkar, “Innovative Instructions and Software Model for Isolated Execution,” in Proceedings of the 2nd ACM International Workshop on Hardware and Architectural Support for Security and Privacy (HASP), Tel-Aviv, Israel, 2013, pp. 10:1–10:1.
[5] D. Resner and A. A. Fröhlich, “Design rationale of a cross-layer, Trustful Space-Time Protocol for Wireless Sensor Networks,” in Proceedings of the 20th IEEE Conference on Emerging Technologies and Factory Automation (ETFA), Luxembourg, Luxembourg, Sep. 2015, pp. 1–8.
[6] M. Milutinovic, W. He, H. Wu, and M. Kanwal, “Proof of Luck: an Efficient Blockchain Consensus Protocol,” in Proceedings of the 1st Workshop on System Software for Trusted Execution (SysTEX) at ACM/IFIP/USENIX Middleware 2016, Trento, Italy, Dec. 2016, pp. 2:1–2:6.
[7] N. Garg and S. Bawa, “Comparative Analysis of Cloud Data Integrity Auditing Protocols,” Journal of Network and Computer Applications, vol. 66, no. C, pp. 17–32, May 2016.
[8] Q. Jing, A. V. Vasilakos, J. Wan, J. Lu, and D. Qiu, “Security of the Internet of Things: Perspectives and Challenges,” Wireless Networks, vol. 20, no. 8, pp. 2481–2501, Nov. 2014.
[9] R. Reghelin and A. A. Fröhlich, “A Decentralized Location System for Sensor Networks Using Cooperative Calibration and Heuristics,” in Proceedings of the 9th ACM International Symposium on Modeling Analysis and Simulation of Wireless and Mobile Systems (MSWiM), New York, USA, 2006, pp. 139–146.
[10] D. Resner, A. A. Fröhlich, and L. F. Wanner, “Speculative Precision Time Protocol: Submicrosecond clock synchronization for the IoT,” in Proceedings of the 21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), Berlin, Germany, Sep. 2016, pp. 1–8.
[11] D. Resner and A. A. Fröhlich, “Key Establishment and Trustful Communication for the Internet of Things,” in Proceedings of the 4th International Conference on Sensor Networks (SENSORNETS), Setúbal, Portugal, 2015, pp. 197–206.
[12] G. Wood, “Ethereum: A secure decentralised generalised transaction ledger,” 2018, [Online]. Available: https://github.com/ethereum/yellowpaper. [Accessed: 07-February-2018].
[13] A. A. Fröhlich, “The Internet of Things at LISHA,” 2017, [Online]. Available: https://iot.lisha.ufsc.br. [Accessed: 04-February-2018].
[14] S. Malutta, G. Gracioli, J. C. Pscheidt, T. G. Neto, A. Thiesen, C. V. Arruda, C. A. Pompêo, A. A. Fröhlich, and N. B. Bonumá, “Monitoramento Hidrológico da Bacia Hidrográfica no Campus da UFSC em Joinville utilizando a Plataforma EPOSMote III,” in Proceedings of the XXII Simpósio Brasileiro de Recursos Hídricos, Florianópolis, Brazil, Nov. 2017.
[15] D. Resner and A. A. Fröhlich, “TSTP MAC: A Foundation for the Trustful Space-Time Protocol,” in Proceedings of the 14th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC), Paris, France, Sep. 2016.
[16] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” in Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), Alexandria, USA, 2007, pp. 598–609.
[17] A. Juels and B. S. Kaliski, Jr., “PORs: Proofs of Retrievability for Large Files,” in Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS), Alexandria, USA, 2007, pp. 584–597.
[18] B. Sengupta, S. Bag, S. Ruj, and K. Sakurai, “Retricoin: Bitcoin Based on Compact Proofs of Retrievability,” in Proceedings of the 17th ACM International Conference on Distributed Computing and Networking (ICDCN), Singapore, Singapore, 2016, pp. 14:1–14:10.
[19] A. Miller, A. Juels, E. Shi, B. Parno, and J. Katz, “Permacoin: Repurposing Bitcoin Work for Data Preservation,” in Proceedings of the 2014 IEEE Symposium on Security and Privacy, San Jose, USA, May 2014, pp. 475–490.
[20] D. Vorick and L. Champine, “Sia: Simple Decentralized Storage,” Nov. 2014, [Online]. Available: https://sia.tech. [Accessed: 04-February-2018].
[21] S. Wilkinson, T. Boshevski, J. Brandoff, J. Prestwich, G. Hall, P. Gerbes, P. Hutchins, and C. Pollard, “Storj: A Peer-to-Peer Cloud Storage Network,” Dec. 2016, [Online]. Available: https://storj.io. [Accessed: 04-February-2018].
[22] M. Conoscenti, A. Vetrò, and J. C. D. Martin, “Blockchain for the Internet of Things: A systematic literature review,” in IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA), Agadir, Morocco, Nov. 2016, pp. 1–6.
[23] K. R. Özyılmaz and A. Yurdakul, “Work-in-progress: integrating low-power IoT devices to a blockchain-based infrastructure,” in Proceedings of the 2017 IEEE International Conference on Embedded Software (EMSOFT), Seoul, South Korea, Oct. 2017, pp. 1–2.
[24] Y. N. Aung and T. Tantidham, “Review of Ethereum: Smart home case study,” in Proceedings of the 2nd IEEE International Conference on Information Technology (INCIT), Nakhonpathom, Thailand, Nov. 2017, pp. 1–4.
[25] A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT security and privacy: The case study of a smart home,” in Proceedings of the 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Athens, Greece, Mar. 2017, pp. 618–623.
[26] K. Christidis and M. Devetsikiotis, “Blockchains and Smart Contracts for the Internet of Things,” IEEE Access, vol. 4, pp. 2292–2303, 2016.
[27] M. Samaniego and R. Deters, “Hosting Virtual IoT Resources on Edge-Hosts with Blockchain,” in 2016 IEEE International Conference on Computer and Information Technology (CIT), Nadi, Fiji, Dec. 2016, pp. 116–119.
[28] H. Kim and E. A. Lee, “Authentication and Authorization for the Internet of Things,” IT Professional, vol. 19, no. 5, pp. 27–33, Oct. 2017.
[29] F. Tian, “A supply chain traceability system for food safety based on HACCP, blockchain Internet of things,” in 14th IEEE International Conference on Service Systems and Service Management (ICSSSM), Dalian, China, Jun. 2017, pp. 1–6.
[30] M. Mylrea and S. N. G. Gourisetti, “Blockchain for smart grid resilience: Exchanging distributed energy at speed, scale and security,” in Proceedings of the 2017 Resilience Week (RWS), Wilmington, USA, Sep. 2017, pp. 18–23.
[31] M. W. J. W. Paul Heitmann, Terry Oliver, “Electric power technical whitepaper - Building a robust value mechanism to facilitate transactive energy,” LO3 Energy, Tech. Rep., 2017.