How Blockchain Technology Can Improve Defence In Critical Infrastructures

Blockchain is a widely publicized technology which has the potential to be radically disruptive in private and public organizations alike. Although in the past it was driven mainly by financial technology (fintech) investments, currently it can have a deep and lasting impact in the security sector as well. The basic functionality provided by a blockchain is a cryptographically secure mechanism for obtaining a decentralized, append-only, publicly verifiable and immutable sequence of records, which is chronologically ordered by discrete timestamps. This functionality can drastically alter the critical infrastructure protection landscape in several ways. Two specific fields that will highly benefit from this technology and are further explained below are IoT protection in Critical Infrastructures (CI) and enhancement of collaborative intrusion detection systems. The IoT field is of special interest to Empelor due to the participation of Secocard - the company's main product, in the CIPSEC Unified Architecture.

Pieces of critical infrastructures often rely extensively on IoT devices which exchange and process data in a self-organized and autonomous way without human intervention. Therefore IoT nodes need to be able to recognize and authenticate each other as well as guarantee the integrity of their exchanged data. In addition, it is critical to ensure that the software running in IoT devices has not been tampered with by external (or internal but unauthorized) sources. The state and integrity of the software should be monitored for illicit changes at all times. The IoT part of critical infrastructures requires reliable methods of distributed, mostly password less, authentication of users, services and IoT endpoints but an efficient, centralized authentication and monitoring system is almost impossible to realize in an IoT network, mostly due to inherent constraints (size, complexity, computational capabilities, cost). A blockchain keyless signature infrastructure technology, offering complete time ordering of events in addition to integrity and trust, could be a unique value proposition in its potential to help optimize and secure IoT nodes in critical infrastructures.

Blockchain technology can significantly upgrade another defense mechanism commonly used in critical infrastructures protection - that of intrusion detection and more specifically that of collaborative intrusion detection. Although this is a well-known and well-studied field, two significant problems are associated with it - data sharing and trust management. Data sharing is a key concept in collaborative intrusion detection systems where information has to be exchanged between multiple nodes. It is is a challenging task to ensure that all participating parties trust each other and Public Key Infrastructure (PKI) has been used in the past to provide a level of trust but with mixed results. The second problem arises from the well-known fact that a central authority is normally necessary to assert the trustworthiness of a node, which can be problematic during insider attacks. Apart from the single point of failure problem, a compromised node can generate false alerts that will destabilize the intrusion detection process. Blockchain technology provides ways to mitigate these issues. In the case of the data sharing problem, a blockchain based solution can enhance mutual trust among collaborative parties. For the second issue, a solution has been proposed in the literature, where the alerts generated by each one of the nodes are considered as transactions in a blockchain and a special consensus protocol is followed before validating them in the blockchain.

Based on the above analysis, the CIPSEC roadmap should definitely include blockchain technology in a prominent position. Assuming that the CIPSEC 2.0 platform (the evolution of the current framework) will be blockchain-able, it will be able to offer significantly elevated protection using the latest technological advances. Empelor, who has contributed a programmable smart card reader to the project for authentication, has started to adapt in order to stay ahead of industry change. In particular, the company has acquired significant expertise in the blockchain technology within an energy-related project and is already moving towards reprogramming its platform - Secocard- to participate in the blockchain revolution era - initially as a light Node.