ReviewBlockchain's adoption in IoT: The challenges, and a way forward
Introduction
There has been an exponential growth in the Internet of Things (IoT) based services in the world, especially in telehealth, manufacturing and in urban areas to form smart cities. IoT is expected to connect 30 billion devices by 2020 (Lund et al., 2014). Use of IoT technology will not only improve the quality of life of people but also contribute to the world economy. IoT is predicted to create about USD 7.1 trillion contributions to the global economy by 2020 (Lund et al., 2014). However, at the same time, IoT devices are vulnerable to a vast number of security and privacy issues, which are known to the manufacturers but security in IoT devices is either neglected or treated as an afterthought (Wurm et al., 2016). According to IBM Institute for Business value (Brody and Pureswaran, 2014), it is critical for the future of IoT that its operational model is revived from costly, trusted and over-arched centralized architecture to a self-regulating and self-managed decentralized model. Such a transformation will provide scalability, reduced cost of infrastructure, autonomy, secure operations in a trustless environment, user-driven privacy, access control and redundancy against network attacks. In this regard, blockchain is being considered as one of the possible mechanisms to realize desired decentralization and resultant trustless networks (Christidis and Devetsikiotis, 2016).
Although blockchain was initially conceived as a financial transaction (TX) protocol in the form of Bitcoin, but due to its cryptographic security benefits such as pseudonymous identities (IDs), decentralization, fault tolerance, TX integrity and authentication, researchers and security analysts around the world are focusing on the blockchain to resolve security and privacy issues of IoT. However, default limitations of Bitcoin blockchain, such as scalability, latency in TX confirmation, large storage, intensive computation and energy requirements, and privacy leakage infer that blockchain technology has to be assessed deeply before it can be used securely and efficiently in an IoT environment.
Related Work. Till date, numerous surveys and some research on blockchain-based IoT technology (Christidis and Devetsikiotis, 2016; Yli-Huumo et al., 2016; Survey on blockchain, 2015; Pilkington, 2016; Tschorsch and Scheuermann, 2015; Dorri et al., 2016; Huh et al., 2017; Conoscenti et al., 2016; Bonneau et al., 2015) has been published but either these papers focus on general applications of the blockchain or discuss technical aspects concerning digital currencies. They do not give an insight into blockchain challenges related to IoT. For instance (Yli-Huumo et al., 2016), highlights various security, privacy and performance issues such as DDoS attacks, 51% attack, data malleability, authentication, cryptographic, energy consumption, and usability problems. However, these issues have been discussed concerning cryptocurrencies such as Bitcoin, Ripple and Bitcoin exchanges. The paper also identifies some of the research areas such as scalability, smart contracts, licensing, IoT, security, and privacy, which have been neglected in current research. For most of the part (Yli-Huumo et al., 2016), presents the methodology of its research and broadly highlights the current research topics. Moreover, if we look from IoT perspective (Yli-Huumo et al., 2016), does not focus on this issue. Similarly (Survey on blockchain, 2015), carries out a detailed survey of blockchain technologies and their impact on society and economy. It discusses the problems associated with Bitcoin blockchain. It also draws attention to the wide utilization of blockchain technologies, but IoT is just a point in the long list of potential use cases of the blockchain. Finally, it addresses the issues related to administration and policy guidelines.
In another work (Pilkington, 2016), authors give an overview of blockchain technology, discuss its variants such as Ethereum (Buterin et al., 2014), Ripple (Xrp, 2013), Gridcoin (Gridcoin white paper, 2018), etc., and present a gist of some non-financial applications of the blockchain. It also does not address issues concerning blockchain's adoption in IoT. Similarly (Tschorsch and Scheuermann, 2015), presents a wholesome survey on technical aspects of digital currencies. It discusses the Bitcoin characteristics and related concepts especially the consensus protocols in much detail but with respect to digital currencies. Although the papers mentioned above have covered various aspects of digital currencies and blockchain in detail, but they are not focused on IoT. Moreover, authors in (Dorri et al., 2016) present a lightweight architecture of a smart home. However, the paper just focuses on the limitations of Bitcoin blockchain and propose a solution to avoid Bitcoin's issues of computation intensiveness, latency in TX confirmation and scalability. Correspondingly, the authors compare the security and performance efficiency of their solution with Bitcoin blockchain only.
In yet another work, authors in (Huh et al., 2017) propose one of the use cases of the blockchain for IoT, i.e., configuring and managing IoT devices using blockchain smart contracts. By doing so, authors aim to avoid the security and synchronization issues involved in a client-server model. Where, if a server gets malicious then all the connected devices will be vulnerable to security issues. Therefore, taking advantage of blockchain's trust-free distributed architecture the IoT devices are proposed to be configured and managed through Ethereum smart contracts (Buterin et al., 2014). Moreover (Conoscenti et al., 2016) carries out a literature review of blockchain applications beyond cryptocurrencies and their suitability to IoT. The review also aims at finding a solution to Bitcoin blockchain related vulnerabilities, such as integrity attacks, de-anonymization techniques, and adaptability of Bitcoin blockchain in IoT concerning high TX input in IoT. Whereas (Christidis and Devetsikiotis, 2016), gives an insight into the working of blockchain and smart contracts (Buterin et al., 2014). The authors prudently highlight the blockchain-IoT use cases such as a marketplace for sharing services and resources between IoT devices, P-2-P (Peer-to-Peer) market for renewable energy and supply chain management (SCM). The paper also highlights some issues about the use of blockchain in IoT. These issues include low TX throughput, high latency in PoW-based blockchains, the privacy of users and TX contents, legal matters associated with smart contracts and the need for changes. Similarly, authors in (Bonneau et al., 2015) have also made a valuable contribution to the Bitcoin research. They have carried out an in-depth analysis of numerous Bitcoin properties, stability issues, and Bitcoin forks. Authors also gave an overview of alternatives to Bitcoin consensus and user anonymity/privacy techniques.
Therefore, to cover the gaps in the literature concerning blockchain's adoption in IoT, there is a requirement of carrying out a comprehensive survey to find out that how does existing blockchain technologies impact IoT? Similarly, how can IoT leverage blockchain to resolve its security issues? and what are the impediments in doing so? This paper thus carries out a methodical review of the IoT threat environment, resultant IoT security and performance requirements and the impact of progression in blockchain technologies on IoT. The benefits afforded by the blockchain technologies and some of the blockchain-based IoT applications are pitched against the IoT security and performance requirements to identify the voids. We also carried out a comparison of some of the notable blockchain consensus protocols based on certain security and efficiency factors to determine a suitable technology for the IoT. It is presumed that Hyperledger-Fabric meets the most of the IoT requirements such as user authentication and authorization, identity management, data confidentiality, low latency in TX confirmation and means to achieve autonomous IoT operations using smart contracts also known as “Chaincodes”. To discover some practical issues involved in the integration of IoT devices with the blockchain, we implemented an Ethereum blockchain-based IoT supported supply chain monitoring system in an experimental setting. We discovered that there are some challenges in securely sending sensor data from the IoT devices to the blockchain. It is also noticed that currently there is no mechanism to perform a device integrity check, to ascertain the validity of IoT devices. Whereas, it is an important security requirement, since, IoT devices mostly operate in an unprotected environment and are vulnerable to physical compromise, which can result into malicious device operation. We also establish that there is a requirement for IoT-oriented TX validation rules and IoT-focused consensus protocol to meet the specific needs of IoT environment. In the end, a way forward is recommended to address some of the significant blockchain issues. Hence, there are many factors that make our work distinguished from our predecessors.
Contributions of the Paper. The primary objective of this paper is to identify unscaled challenges that hamper the total adoption of blockchain in an IoT environment. The major contributions of the paper are:
- 1.
Detailed analysis of progression in blockchain technology and its impact on IoT in view of security and performance requirements of IoT.
- 2.
Identification of some unique and practical challenges to the blockchain's adoption in IoT.
- 3.
Analysis of few existing blockchain applications and related voids.
- 4.
A way forward to address some of the critical IoT related blockchain issues.
Section snippets
IoT background
This section presents a brief background on IoT including IoT architecture, the difference between IoT and traditional networks, threat environment and some security and performance requirements of IoT systems.
Blockchain: an overview
The Bitcoin (Nakamoto, 2008) has very innovatively transformed the method of financial value transfer without any trusted third party. The underlying technology of Bitcoin is blockchain. In simple terms, blockchain comprises a series of blocks in such a way that every new block is cryptographically connected to the previous block. In the case of Bitcoin, the blocks contain a record of financial TXs between Bitcoin users. Due to its inherent benefits, such as immutability, auditability, TX
Progression of blockchain technology and its impact on IoT
Bitcoin blockchain has revolutionized the distributed ledger technology with its significant cryptographic security and immutability. IoT can leverage the key benefits of the blockchain (as shown in Fig. 4) to resolve its ever-growing security and privacy issues. E.g., The challenge of secure data sharing between heterogeneous IoT devices and guarantee of the trustworthiness of their data, can be met by the common blockchain platform that guarantees the immutability of data. Therefore, the
Challenges to Blockchain's adoption in IoT
To identify some real issues concerning blockchain's adoption in IoT, we implemented a test case scenario of an IoT-based supply chain monitoring system (Makhdoom et al., 2018). The customer orders frozen food products and also decides a temperature threshold that has to be maintained during the shipment by the seller. An alert is generated for the customer, whenever the temperature threshold policy is violated during shipment. The test scenario and the challenges discovered while integrating
Latest trends in blockchain-based IoT applications and related voids
Researchers and innovators around the world are developing and investigating ingenious ways to implement blockchain in IoT environment. These use cases aim to take advantage of the inherent benefits of the blockchain such as decentralized control, immutability, cryptographic security, fault tolerance, data integrity and authentication, and capability to run smart contracts. Table 6 shows some of these applications, the purpose of their development and respective blockchain platform. It is
Gap analysis
In spite of inherent benefits of the blockchain, i.e., TX integrity, TX authentication, non-repudiation, an auditable log of events, etc., there are numerous challenges (highlighted in Section 5), that needs due consideration for a secure adoption of blockchain in IoT. Further elaborating on these issues, firstly, the current consensus protocols such as PoW, PoS, PoET, IOTA, PoA, and Proof of Activity are designed for public blockchains (PoS and PoET also support permissioned blockchains) in
IoT-centric consensus protocol and transaction validation rules
The design and development of an ideal consensus protocol for an IoT environment demands that the requirements of a consensus protocol for a blockchain-based IoT system be distinguished from existing general purpose and cryptocurrency oriented consensus protocols. Some of these requirements are shown in Fig. 13. The points mentioned in blue color are concerning security/consistency and the points shown in the green color pertains to the performance requirements. The foremost requirement for IoT
Conclusion and future work
No doubt, IoT is the future of an autonomous digitized economy of the world by liquefying and personalizing the physical objects (Brody and Pureswaran, 2014). However, to achieve this status, it has to undergo a conceptual transformation both at the design and the development stages. That day is not far off, once machines will interact with machines without human intervention to achieve performance efficiency, durability, operational effectiveness, and financial economy. Therefore, it is
Imran Makhdoom (S′18) received the B.E. degree in telecommunications engineering and the master's degree in information security from the National University of Sciences and Technology, Pakistan, in 2004 and 2015, respectively. He is currently pursuing the Ph.D. degree with the University of Technology Sydney researching on IoT security. Before that, he worked as a Project Manager on various wireless communication and IT projects involving Satellite, OFC and CISCO networks. He has also served
References (166)
Ransomware attacks: detection, prevention and cure
Netw. Secur.
(2016)- et al.
Internet of things, blockchain and shared economy applications
Proced. Comput. Sci.
(2016) - et al.
Iot security: review, blockchain solutions, and open challenges
Future Generat. Comput. Syst.
(2018) - et al.
Understanding the Limits of Lorawan
IEEE Commun. Mag.
(2017) - et al.
Securing the internet of things: a review
Iss. Inf. Syst.
(2016) - et al.
Internet of things: a survey on enabling technologies, protocols, and applications
IEEE Commun. Surv. Tutor.
(2015) National Blockchain Ecosystem
(2017)An Introduction to Iota
(2017)- et al.
Hyperledger fabric: a distributed operating system for permissioned blockchains
- et al.
A prototype evaluation of a tamper-resistant high performance blockchain-based transaction log for a distributed database
Privacy and security in internet of things and wearable devices
IEEE Trans. Multi-Scale Comput. Syst.
Ripple: overview and outlook
Security in network layer of iot: possible measures to preclude
Understanding Blockchain Consensus Models
Proof of activity: extending bitcoin's proof of work via proof of stake [extended abstract] y
ACM SIGMETRICS Perform. Eval. Rev.
State machine replication for the masses with bft-smart
Bigchaindb: The Blockchain Database
Securing smart cities using blockchain technology
Bitcoin developer guide
Bitcoin-Developer-Guide, Transactions, Developer Guide
Difference between Miners and Nodes
Warning: Better Security Has Costs
Scalability
Blockchain Size
Sok: research perspectives and challenges for bitcoin and cryptocurrencies
Survey of Security and Privacy Issues of Internet of Things
Towards robust distributed systems
Device Democracy: Saving the Future of the Internet of Things
A Next-generation Smart Contract and Decentralized Application Platform
The Value of Blockchain Technology
On Public and Private Blockchains
On Settlement Finality
Architecture of the hyperledger blockchain fabric
Blockchains Consensus Protocols in the Wild
Practical privacy-preserving medical diagnosis using homomorphic encryption
Practical byzantine fault tolerance and proactive recovery
ACM Trans. Comput. Syst.
Practical byzantine fault tolerance
Machine-to-machine communications in ultra-dense networks—a survey
IEEE Commun. Surv. Tutor.
On security analysis of proof-of-elapsed-time (poet)
Blockchains and smart contracts for the internet of things
IEEE Access
Slock.it 3 Minutes Demo
Blockchain for the internet of things: a systematic literature review
Information propagation in the bitcoin network
Blockbench: a framework for analyzing private blockchains
Blockchain in Internet of Things: Challenges and Solutions
Blockchain for iot security and privacy: the case study of a smart home
Mirai “internet of Things” Malware from Krebs Ddos Attack Goes Open Source
Blockchain Project Antshares Explains Reasons for Choosing Dbft over Pow and Pos
Cited by (0)
Imran Makhdoom (S′18) received the B.E. degree in telecommunications engineering and the master's degree in information security from the National University of Sciences and Technology, Pakistan, in 2004 and 2015, respectively. He is currently pursuing the Ph.D. degree with the University of Technology Sydney researching on IoT security. Before that, he worked as a Project Manager on various wireless communication and IT projects involving Satellite, OFC and CISCO networks. He has also served in a semi-government organization for various cyber-security auditing tasks from 2014 to 2016. He is an EC-Council Certified Secure Computer User and certified IoT specialist from University of California Irvine, USA. He was a recipient of the President's Gold Medal for securing the first position in his master's degree.
Mehran Abolhasan (S′01–M′03–SM′11) received the B.E. degree in computer engineering and the Ph.D. degree in telecommunications from the University of Wollongong in 1999 and 2003, respectively. He is currently an Associate Professor and the Deputy Head of the School of Electrical and Data Engineering, University of Technology Sydney. He has authored over 120 international publications and has won over $3 million in research funding. His current research interests are software-defined networking, IoT, wireless mesh, wireless body area networks, cooperative networks, 5G networks and beyond, and sensor networks.
Haider Abbas (SM′16) is a Cyber Security Professional, an Academician, a Researcher, and an Industry Consultant who took professional trainings and certifications from the Massachusetts Institute of Technology, USA; Stockholm University, Sweden; the Stockholm School of Entrepreneurship, Sweden; IBM, USA; and the EC Council. He received the M.S. degree in engineering and management of information systems and the Ph.D. degree in information security from the KTH-Royal Institute of Technology, Stockholm, Sweden, in 2006 and 2010, respectively. His professional career consists of activities ranging from research and development and industry consultations (government and private), through multi-national research projects, research fellowships, doctoral studies advisory services, international journal editorships, conferences/workshops chair, invited/keynote speaker, technical program committee member, and reviewer for several international journals and conferences. He is also an Adjunct Faculty and Doctoral Studies Advisor at the Florida Institute of Technology, USA and Manchester Metropolitan University, United Kingdom. In recognition of his services to the international research community and excellence in professional standing, he has been awarded one of the youngest Fellows of the Institution of Engineering and Technology, U.K.; a fellow of the British Computer Society, U.K.; and a fellow of the Institute of Science and Technology, U.K. He has also been elected to the grade of Senior Member of Institute of Electrical and Electronics Engineers (IEEE), USA.
Wei Ni (M′09–SM′15) received the B.E. and Ph.D. degrees in electronic engineering from Fudan University, Shanghai, China, in 2000 and 2005, respectively. He is currently a Team Leader with CSIRO, Sydney, Australia, and an Adjunct Professor with the University of Technology Sydney. He was a Post-Doctoral Research Fellow with Shanghai Jiaotong University from 2005 to 2008, the Deputy Project Manager of the Bell Labs R&I Center, Alcatel/Alcatel-Lucent from 2005 to 2008, and a Senior Researcher with Devices Research and Development, Nokia from 2008 to 2009. He also holds adjunct positions with the University of New South Wales and Macquarie University. His research interests include stochastic optimization, game theory, graph theory, as well as their applications to network and security. He has been serving as the Vice Chair of IEEE NSW VTS Chapter and Editor of IEEE Transactions on Wireless Communications since 2018, the Secretary of IEEE NSW VTS Chapter from 2015 to 2018, the Track Chair for VTC-Spring 2017, the Track Co-Chair for IEEE VTC-Spring 2016, and the Publication Chair for BodyNet 2015. He also served as the Student Travel Grant Chair for WPMC 2014, a Program Committee Member of CHINACOM 2014, and a TPC Member of IEEE ICC′14, ICCC′15, EICE′14, and WCNC′10.