Smart city operates myriads of devices, which control each aspect of the City IoT infrastructure. These devices are spread all over the city in thousands of locations. Some of them collect, process, and report data up to the city management system, some act using instructions provided to them from the central location. A leader in Smart-cities technology needed a trusted way to monitor the state of IoT devices. They required a secure method to deploy firmware and configuration updates to devices, Over The Air (OTA)
The challenge
The heavily distributed network of devices across any major city, imposes some challenges to orchestrate the activity:
- Keeping software up to date
- Keeping configuration up to date
- Device Event propagation to CMS
- High Availability
- Trustable history of operations and events
The suggested Solution
- Create a Blockchain device management system, using Hyperledger fabric, to provide immutable content over a secure channel
- Implement an event notifications system to alert devices when new updated become available
- Design an access control and device management system device identities
- Solution supports postpones upgrades, operational log and events checking
IOT – “Things update”
One of the challenging requirements of an IoT platform is the Over-the-Air (OTA) update of the Things, operation which needs resources and might be slow, as it requires the verification of the image integrity as well as the download process. The update operations, need to be automatic and secure. Authentication allows the system to identify the originator and recipient of the request, and verify and trace the sequence of operations, overall providing a better control and a higher level of security for the system.
In a non-blockchain IoT platform, updated operations occur over-the-air (OTA) under centralized control of a CMS (Central Management System): the update operation is sent to a Gateway, which manages the Things updates through a secure channel only.
The original approach can be affected with malicious actions such as:
- Unauthorized device reconfiguration
- Upgrade of IoT device to modified firmware
System events logging
While the operating system produces critical data events, such as device updates, alarms, warnings and etc. This data should not be altered or lost. We need to be sure that is was issued by a specific device or user for administrative purposes.
In the original implementation of IoT platforms, all events are stored inside centralized CMS: the event from device is sent to a Gateway, which should retransmit it to CMS.
Again, the original approach can be affected with malicious actions such as:
- Log record modification or deletion
- Unauthenticated record creation
In this solution, Blockchain is used to store data and perform access control:
- User registry – stores information about users of system.
- Device registry – stores information about IoT device of system (IOTRegistry compatible format).
- Firmware storage – stores information about device firmware, update history, metadata and etc.
- Events storage – stores information about events emitted by devices
The solution – Simplified Message Flow using Blockchain technology
In general, the CMS and devices exchange certain requests and events. These communications happen using MQTT as Message Queue service and Hyperledger Fabric as blockchain service. Communications between CMS and devices outlined below, in this section
Thing-to-CMS
The image above shows a sequence diagram for the message flow from Thing to CMS: the end device (Thing) generate an event/alert and sent it to the GW through the 6LowPAN wireless mesh network. The GW uses the IoT protocol API to create the event the blockchain by executing the corresponding smart contract. Eventually the event is notified to CMS if it has subscribed to those events/alerts.
CMS-to-Thing
The above image shows the message for the message flow in the reverse direction: from CMS to Thing:
CMS calls the Blockchain IoT API to submit FW update or Configuration change requests. The API functions generate messages to the blockchain node, which maps them into the corresponding smart contract and create the blockchain transaction. On the other end point, the GWs get notified about the new requests, it gets the FW and configuration changes and forward trusted requests to the Thing (end device node)
Using the blockchain based solution, increases the security in the data transfers between CMS and GW and provides more reliable and auditable data storage, utilizing blockchain based approaches for components interaction.
Customer can reliably trace each device update and initiator, query device status history and events, because each action is backed by cryptography.
Further extensions of this solution could look into:
- Development of tokenization approaches of IoT devices, utilizing blockchain.
- Deeper integration of blockchain based IoT device management in client`s solutions