Over the past year or two, we’ve talked about blockchain in combination with the Internet of Things numerous times. But to really understand how the blockchain can help improve device security and the IoT experience, you first have to understand what the blockchain is.
With that in mind, here’s a brief overview along with some examples, so you don’t get lost in all the buzzwords.
When most people hear the word “blockchain” these days, they typically associate it with cryptocurrency. Those are the digital coins or tokens you likely hear about on a near-daily basis, such as Bitcoin, Etherium, and yes, even Dogecoin.
In fact, those digital coins and tokens are simply applications that use blockchain for transaction history. When you buy, sell, or trade such digital currencies, a public record is added to a digital ledger that records the transaction.
And at its most basic level, that’s what a blockchain is, a database of stored information. But that database is different from most others because it’s completely distributed. There’s no central database server. Instead, the data is replicated across the internet as a peer-to-peer list, or chain, of transactional blocks.
Why does that distinction matter? Because with a centralized database, there’s a single source of records. Whereas with a blockchain, there are many sources of the same data records. Which means that the chain of transactions is verified by many sources and the data is immutable. You can’t go into the blockchain and reverse or change a transaction, for example. And as a result, there’s a much higher level of data integrity.
The integrity of device specifications, capabilities, and software
Knowing this, you can begin to see how blockchain applications can bring sorely needed benefits to the Internet of Things.
Indeed, back in April, Stacey offered an example of how the Matter protocol plans to use blockchain technology:
“[A]nyone can read a product ID and vendor ID on a device and check if it exists in what he called the CHIP Compliance Ledger. This means manufacturers can update metadata about the device, such as update a URL where the updates will be found, and more. This ledger will let anyone read it and figure out if the device is certified and has implemented necessary security updates.”
Instead of searching for IoT device software updates on the support pages of each of your devices, for example, in this scenario you could view all of the update information on a single page. You’d also know if a device that was made by some unknown brand was truly certified and designed to follow the required security protocols.
Seamless device updates from a trusted source
Now let’s take it a step further. While the above example will provide authentic security information about your IoT device hardware and software, it won’t do any action on its own. That brings me to “smart contracts,” which are another implementation of the blockchain.
A smart contract is essentially an agreement between two entities, such as IoT devices, that takes place when certain pre-conditions are met.
Now, imagine if all of your IoT devices had smart contracts with the device makers so that when a certified available software update became available, a smart contract to update the device software was installed. Not only would you always have the latest firmware on your device installed as soon as it became available, you’d also know that the update was coming from a trusted source. This would be extremely valuable in the case of a security exploit that could be patched with a firmware update.
There would be no need to waste time notifying you to download the update and no action needed to get the update. Most importantly, you’d know that the update wasn’t from some random person posing as your device maker.
No more user access set up with each new device
Finally, blockchain can help with user authentication in your smart home.
Presently, when setting up device access in the home, you typically have to invite family members to become users of each of them. This isn’t a one-time activity. With each new device in the home, you have to send the invites or add the person. And in the former case, if your invited family member has been hacked, a third party could get the invite and be the one that you’re actually providing access to.
Now consider the same situation using blockchain for authentication.
By creating immutable records of the people in your home, you’d have a single record to track authenticated users. And if all of your devices could use that blockchain, they would know who each of those authenticated users were. Which means there would be no need to manually provide access to each person every time you add a new device.
Of course, blockchain applications for the smart home aren’t there yet. Indeed, at this point we’re only seeing the first blockchain implementations for the IoT, such as for chained ledgers of transactions that provide inventory locations in supply chains, for tracking sensor data in the Industrial IoT, and even for the verification of IoT network access points. But personally, I can’t wait for when my home is integrated with blockchain applications.