M2M Security Technology of CPS Based on Blockchains
Abstract
1. Introduction
2. Related Work
3. Blockchain Technology
3.1. The Connotation and Main Features of a Blockchain
- (1) Rather than creating a system around a central server, blockchain utilizes P2P networking and a consensus mechanism to create the trust system between nodes, thus forming a decentralized system.
- (2) A blockchain uses encryption, especially asymmetrical encryption, to protect transaction data. A consensus mechanism ensures that data cannot be modified or forged, guaranteeing a high level of security.
- (3) Based on the chain structure, all data of a transaction are traceable. A blockchain utilizes special methods to motivate all nodes to cooperate in block verification and uses a consensus mechanism to choose specific nodes as new blocks [27].
3.2. The Working Mechanisms of a Blockchain
3.2.1. The Structure of a Blockchain
3.2.2. The Working Principle of a Blockchain
3.3. The Utilization of Blockchain for M2M Communication of CPS
- (1) Blockchain technology and M2M both utilize the idea of distributed and decentralized computing. There is no centralized database in a blockchain, with each network node storing its own copy of the blockchain. The physical level of a CPS contains energy/environment, personnel, and various types of physical equipment and other elements. The interconnection between machines and equipment (M2M) is a key technology in a CPS, and it can take the form of machine-to-machine, machine-to-cluster, and even cluster-to-cluster. However, no matter which form M2M takes, every form exhibits the same nature of decentralization.
- (2) A blockchain and M2M both require high levels of security. Other than a system being built on dependency and trust, a blockchain uses encryption and digital signatures to secure information. In an M2M system, the transmission and storage of information also require high confidentiality, integrity and validity, and authenticity. In addition, M2M has the nature of non-repudiation. Despite some level of variation in different systems, for example, military, electrical, medical, and manufacturing systems, the security of information is generally the first priority of such systems.
- (3) A blockchain and M2M reach a high level of harmony in the traceability and sharing of information. Providing effective sharing of historical information, blockchain technology uses a hash value, which is connected to the previous block, to track information of transactions throughout the whole blockchain. In M2M systems, especially in the area of manufacturing, tracing historical data is crucial. For instance, by reviewing data, we can identify key factors that might impact product quality. By improving processes, a higher quality will then be achieved. By filtering through the data, we can discover weak spots in production. The rate of machine breakdowns will then be lowered considerably by optimizing the maintenance methods. Additionally, through data sharing, unnecessary processes can be easily spotted. Cutting or reducing the expenses of these processes in the supply chain will then help cut production costs.
4. M2M-Security-Oriented Blockchain Design
4.1. Overall Design
- (1) Public network area. Based on the industrial Internet of Things, the public network area builds machine communication platforms. This ensures the normal communication of various types of machines, audits the registration of machines, accesses authentication to achieve connection and communication among machines, unifies the data format and communication rules, maintains the blocks of the public network area, and queries communication records.
- (2) Device area. The device area is the channel connecting the public network area and the private area. It receives messages from the public network area, and passes the query requests and query results to and from the private area.
- (3) Private area. The private area establishes and records the blocks of communication process among machines, saves data of the communication process, accepts the external query, or obtains externally related data by querying.
4.2. Design of Machine-Equipment Blockchain in the Public Network Area
4.3. Design of Communication Blockchain in the Private Area
- Step 1: M1 sends a query packet to the public network area.
- Step 2: After receiving the query packet, the public network area resolves the query packet and checks whether it is complete or not, according to the data check information. If not, M1 is required to resend the packet and the system re-enters Step 1; otherwise, the system enters Step 3.
- Step 3: According to the ID of M2 in the query packet, the public network area checks whether M2 exists in the machine-equipment blockchain or not. If not, a null value from the public network area is sent to the query sender, and the query fails; otherwise, the system enters Step 4.
- Step 4: The public network area delivers the query packet to the private area of M2 through the equipment sector.
- Step 5: The private area of M2 analyses the query packet to decide if the digital signature of the packet is legal. If not, the service request will be denied, and denial of service information will be sent to M1 through the public network area. The system re-enters Step 1; otherwise, it goes directly to Step 6.
- Step 6: The private area of M2 searches for the query packet in the history. It encrypts the results using M1’s public key and then encapsulates it into a packet, which is later sent to the public network area.
- Step 7: After receiving the packet, the public network area checks whether or not it is complete according to the inspection information in the packet. If not, M2 is required to resend the packet; otherwise, the system goes to Step 8.
- Step 8: The information packet is sent to the private area of M1 through its device area.
- Step 9: The private area analyses the digital signature of M2 to identify its legitimacy. If it is illegal, M2 will be required to resend the packet and the system re-enters Step 6. Otherwise, the private area of M1 uses its private key to obtain the data and the whole query completes.
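The nine-step query above, traced end to end in Python as an added example (not code from the paper): the public network area's completeness and registry checks, M2's signature verification and encrypted answer, and M1's verification and decryption. Assumptions: textbook RSA over fixed primes stands in for the signature and public-key encryption so the block runs on the standard library alone (a real deployment uses a vetted library with padded RSA or ECDSA); the registry dict stands in for the machine-equipment blockchain and is assumed to hold each machine's public key; a SHA-256 digest serves as the data check information; packet field names and the history record are constructed.

```python
import hashlib
import json

def keypair(p, q, e=65537):
    # Textbook RSA from fixed primes: constructed demo keys, not secure.
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    return pow(digest(data, priv[0]), priv[1], priv[0])

def verify(pub, data, sig):
    return pub is not None and pow(sig, pub[1], pub[0]) == digest(data, pub[0])

def make_packet(sender, receiver, body, priv):
    payload = json.dumps({"from": sender, "to": receiver, "body": body}).encode()
    return {"payload": payload, "sig": sign(priv, payload),
            "check": hashlib.sha256(payload).hexdigest()}  # data check information

def public_area_relay(packet, registry):
    # Steps 2-3 and 7: completeness check, then registry lookup of the target.
    if hashlib.sha256(packet["payload"]).hexdigest() != packet["check"]:
        return "resend"
    if json.loads(packet["payload"])["to"] not in registry:
        return None  # null value: the query fails
    return "deliver"

def m2_answer(packet, registry, history, m2_priv):
    # Steps 5-6: verify M1's signature, look up history, encrypt for M1, sign.
    msg = json.loads(packet["payload"])
    m1_pub = registry.get(msg["from"])
    if not verify(m1_pub, packet["payload"], packet["sig"]):
        return "denied"
    cipher = pow(history[msg["body"]], m1_pub[1], m1_pub[0])
    return make_packet(msg["to"], msg["from"], cipher, m2_priv)

def m1_receive(packet, registry, m1_priv):
    # Step 9: verify M2's signature, then decrypt with M1's private key.
    msg = json.loads(packet["payload"])
    if not verify(registry.get(msg["from"]), packet["payload"], packet["sig"]):
        return "resend"
    return pow(msg["body"], m1_priv[1], m1_priv[0])

# Constructed sample data: two machines and one history record.
M1_PUB, M1_PRIV = keypair(2**61 - 1, 2**89 - 1)
M2_PUB, M2_PRIV = keypair(2**107 - 1, 2**127 - 1)
REGISTRY = {"M1": M1_PUB, "M2": M2_PUB}
HISTORY = {"spindle_temp": 734}
```

The result stays encrypted while it crosses the public network area; only the holder of M1's private key recovers it in Step 9.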
5. A Case Study: Cotton-Production-Oriented Security of M2M under a CPS Architecture
5.1. Problem Description
5.2. Solution and Simulations
5.2.1. Maintenance of Extensibility of M2M
5.2.2. Data Security
5.2.3. Comparisons
5.2.4. Outlook on Future Research
6. Conclusions
Acknowledgments
Author Contributions
Conflicts of Interest
References
- Park, K.J.; Zheng, R.; Liu, X. Cyber-physical systems: Milestones and research challenges. Comput. Commun. 2012, 36, 1–7.
- Palavicini, G., Jr.; Bryan, J.; Sheets, E.; Kline, M.; Miguel, J. Towards firmware analysis of industrial internet of things (IIoT)—Applying symbolic analysis to IIOT firmware vetting. In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security, Porto, Portugal, 24–26 April 2017; pp. 470–477.
- Kim, B.H.; Ahn, H.J.; Kim, J.O.; Yoo, M. Application of M2M technology to manufacturing systems. In Proceedings of the International Conference on Information and Communication Technology Convergence, Jeju, Korea, 17–19 November 2010; pp. 519–520.
- Burmester, M.; Magkos, E.; Chrissikopoulos, V. Modeling security in cyber–physical systems. Int. J. Crit. Infrastruct. Prot. 2012, 5, 118–126.
- Ashibani, Y.; Mahmoud, Q.H. Cyber physical systems security: Analysis, challenges and solutions. Comput. Secur. 2017, 68, 81–97.
- Wang, E.K.; Ye, Y.M.; Xu, X.F.; Yiu, S.M.; Hui, C.K.; Chow, K.P. Security issues and challenges for cyber physical system. In Proceedings of the IEEE/ACM International Conference on Green Computing and Communications & Cyber, Physical and Social Computing, Hangzhou, China, 18–20 December 2010; pp. 733–738.
- Djenouri, D.; Khelladi, L.; Badache, A.N. A survey of security issues in mobile ad hoc and sensor networks. IEEE Commun. Surv. Tutor. 2005, 7, 2–28.
- Anand, M.; Cronin, E.; Sherr, M.; Blaze, M.; Ives, Z.; Lee, I. Security challenges in next generation cyber physical systems. In Proceedings of the Beyond SCADA: Network Embedded Control for Cyber Physical Systems, Washington, DC, USA, 16–17 March 2006.
- Lee, E.A. Cyber physical systems: Design challenges. In Proceedings of the 11th IEEE Symposium on Object Oriented Real-Time Distributed Computing, Washington, DC, USA, 5–7 May 2008; pp. 363–369.
- Cardenas, A.A.; Amin, S.; Sastry, S. Secure control: Towards survivable cyber-physical systems. In Proceedings of the 28th International Conference on Distributed Computing Systems Workshops, Beijing, China, 17–20 June 2008; pp. 495–500.
- Orojloo, H.; Azgomi, M.A. A game-theoretic approach to model and quantify the security of cyber-physical systems. Comput. Ind. 2017, 88, 44–57.
- Xu, Q.; Ren, P.Y.; Song, H.B.; Du, Q.H. Security-aware waveforms for enhancing wireless communications privacy in cyber-physical systems via multipath receptions. IEEE Int. Things J. 2017.
- Medaglia, C.; Serbanati, A. An overview of privacy and security issues in the internet of things. In Proceedings of the 20th Tyrrhenian International Work-Shop on Digital Communications, Sardinia, Italy, 18–20 September 2009; pp. 389–395.
- Weber, R. Internet of things-new security and privacy challenges. Comput. Law Secur. Rev. 2010, 6, 23–30.
- Saedy, M.; Mojtahed, V. Ad hoc M2M communications and security based on 4G cellular system. Wirel. Telecommun. Symp. 2011, 1–5.
- Tuna, G.; Kogias, D.G.; Gungor, V.C.; Gezer, C.; Taşkın, E.; Ayday, E. A survey on information security threats and solutions for machine to machine (M2M) communications. J. Parallel Distrib. Comput. 2017, 109, 142–154.
- Chen, S.; Ma, M.D. A dynamic-encryption authentication scheme for M2M security in cyber-physical systems. In Proceedings of the Global Communications Conference, Atlanta, GA, USA, 9–13 December 2013; pp. 2897–2901.
- Inhyok, C.; Shah, Y.; Schmidt, A.U.; Leicher, A.; Meyerstein, M.V. Trust in M2M communication. IEEE Veh. Technol. Mag. 2009, 4, 69–75.
- He, Y.Y.; Chen, L.Q.; Wang, L.L. An improved direct anonymous attestation scheme for M2M network. Proced Eng. 2011, 15, 1481–1486.
- Zhang, K.S.; Chen, M.Z. Research of environment monitoring platform of mine area based on M2M. Ind. Mine Autom. 2013, 39, 63–67.
- Chen, D.; Chang, G.R. A survey on security issues of M2M communications in cyber-physical systems. KSII Trans. Internet Inf. Syst. 2012, 6, 24–45.
- Shojafar, M.; Cordeschi, N.; Baccarelli, E. Energy-efficient adaptive resource management for real-time vehicular cloud services. IEEE Trans. Cloud Comput. 2016.
- Javanmardi, S.; Shojafar, M.; Shariatmadari, S.; Ahrabi, S.S. Fr Trust: A fuzzy reputation based model for trust management in semantic P2P grids. Int. J. Grid Util. Comput. 2015, 6, 57–66.
- Du, Q.H.; Li, W.Y.; Song, H.B. Security enhancement via dynamic fountain code for wireless multicast. In Proceedings of the International Conference on Wireless Algorithms, Systems, and Applications, Guilin, China, 27 May 2017; pp. 509–521.
- Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. Available online: https://bitcoin.org/bitcoin.pdf (accessed on 12 August 2017).
- Swan, M. Blockchain: Blueprint for a New Economy; O’Reilly Media: Sebastopol, CA, USA, 2015.
- Yuan, Y.; Wang, F.Y. Blockchain: The state of the art and future trends. ACTA Autom. Sin. 2016, 42, 481–494.
- Appel, A.W. Verification of a cryptographic primitive: Sha-256. ACM Trans. Program. Lang. Syst. 2015, 37, 7.
- Fan, S.Q.; Wang, W.B.; Cheng, Q.F. Attacking openssl implementation of ECDSA with a few signatures. In Proceedings of the ACM Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 1505–1515.
- Li, X.Q.; Jiang, P.; Chen, T.; Luo, X.P.; Wen, Q.Y. A survey on the security of blockchain systems. Futur. Gener. Comput. Syst. 2017, in press, accepted manuscript.
- Azaria, A.; Ekblaw, A.; Vieira, T.; Lippman, A. Medrec: Using blockchain for medical data access and permission management. In Proceedings of the 2nd International Conference on Open and Big Data, Vienna, Austria, 25–30 August 2016.
- Yue, X.; Wang, H.J.; Jin, D.W.; Li, M.Q.; Jiang, W. Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control. J. Med. Syst. 2016, 40, 218.
- Huckle, S.; Bhattacharya, R.; White, M.; Beloff, N. Internet of things, blockchain and shared economy applications. Proced Comput. Sci. 2016, 98, 461–466.
- Hurich, P. The virtual is real: An argument for characterizing bitcoins as private property. Bank. Financ. Law Rev. 2016, 31, 573.
- Dorri, A.; Kanhere, S.S.; Jurdak, R.; Gauravaram, P. Blockchain for IOT security and privacy: The case study of a smart home. In Proceedings of the 2nd IEEE Percom Workshop on Security Privacy and Trust in the Internet of Things, Hawaii, HI, USA, 13–17 March 2017.
- Zhang, Y.; Wen, J. The IOT electric business model: Using blockchain technology for the internet of things. Peer-to-Peer Netw. Appl. 2016, 10, 1–12.
- Xu, X.; Pautasso, C.; Zhu, L.; Gramoli, V.; Ponomarev, A.; Tran, A.B.; Chen, S. The blockchain as a software connector. In Proceedings of the 13th Working IEEE/IFIP Conference on Software Architecture, Venice, Italy, 5–8 April 2016.
© 2017 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Yin, S.; Bao, J.; Zhang, Y.; Huang, X. M2M Security Technology of CPS Based on Blockchains. Symmetry 2017, 9, 193. https://doi.org/10.3390/sym9090193