Blockchain technology hype has reached hyperbolic levels due to its promises of implementing an unbreakable, impenetrable digital ledger which purports to eliminate fraud and undue influence and manipulation from banking institutions, corporations, and governments.
This article seeks to provide a rational, fact-based , and extensive analysis of Blockchain from its origins, demonstrated successes and failures, technical requirements, real-world security, and leading implementations, keeping in mind possible applications to Industry 4.0 IIoT systems.
What is Blockchain?
Blockchain is the underlying cryptographic software technology upon which the Bitcoin cryptocurrency is based. Its core concept is a series of linked, encrypted data sets called Blocks. Each block can represent one entry in a financial ledger, such as a financial transaction between a consumer and a vendor. The integrity of each block is “inductive”, meaning its integrity is based on the collective integrity of every previous block in this chain of transactions.
Many potential uses for Blockchain technology are foreseen, however digital cryptocurrencies , distributed financial ledgers, Smart Autonomous Contracts, and providing traceability in supply chains, particularly food supply chains, are among the most discussed, and most potentially applicable to Industry 4.0 solutions.
The concepts upon which Blockchain is based find their origins in cryptography for wireless communications, as wireless communications became a strategic tool, particularly in the early-to-mid twentieth century. A series of more recent and closely related precursors to Blockchain can be found in publications from the 1980’s and 1990’s, such as a 1991 article by Stuart Haber and W. Scott Stornetta in the Journal of Cryptography, which proposed using cryptographic algorithms to time-stamp digital media documents to protect the documents from back-dating or forward-dating.
There is no official history or person to which the origins of Blockchain may be attributed. Most sources attribute its direct origin to a most-likely fictional individual with the name Satoshi Nakamoto in 2008.
How does it Work?
Achieving cryptographic protection for each block in a blockchain involves the use of mathematical “hashing” functions. The defining principle of a mathematical hashing function is that given any input, such as unencrypted transaction data, a single, somewhat short value, or “hash value” is produced. The mathematical algorithm used to produce this hash value is designed to be “one-way”, meaning the same unencrypted input always produces the identical hash value, however it is computationally expensive to the point of being impossible to start with the hash value and “work the function backwards” to reproduce the original unencrypted input. In addition, the algorithm must guarantee that no two inputs can possibly produce the identical output.
If someone succeeds at “working the function backwards” to reproduce the original input, or even partially succeeds by finding predictable patterns between sample inputs and outputs, this is known as “cracking the encryption”. Even partial success is a serious issue as computers can be used in a ‘brute force’ approach to evaluate millions of possible ‘keys’ in seconds (particularly with cloud computing services) to completely crack the encryption, potentially gaining complete access to every financial transaction in a particular blockchain ledger.
The most commonly used Blockchain hash function is SHA-256, designed by the United States National Security Agency (NSA). The NSA supplies the common ‘starting parameters’ for this algorithm in the US Federal Information Processing Standards (FIPS) publication 180-4. Conventional wisdom in the industry postulates that the SHA-256 algorithm is secure for now, however will likely be broken within the next 100 years.
So while there is a certain level of comfort that the foundational algorithms on which Blockchain is based are secure for the near future, we will later see in this article that other attack vectors, particularly the “social” vector may pose a more immediate threat.
The list of financial, high-technology and government as well as NGO entities experimenting with and implementing Blockchain services is extensive. A quick Internet search results in well-known names such as British Petroleum, BNP Parabas, J.P. Morgan, Mastercard, the governments of Japan and Singapore, Air France, Bank of England, Lufthansa, Fujitsu, and more, with all reporting successes and encouraging results.
A peek out from beneath those rose-colored Blockchain glasses is always warranted from time to time, particularly if your are considering betting your operations on this technology.
One of several recent examples of Blockchain-based Bitcoin losses include the Slovenian company NiceHash, which lost the equivalent of $77 million US as the result of a hacking attack for which the perpetrators and root exploit still have not been determined. (https://www.reuters.com/article/us-cyber-nicehash/hackers-steal-64-million-from-cryptocurrency-firm-nicehash-idUSKBN1E10AQ)
Other examples of successful Blockchain hacks are readily found in Internet searches. While the number of breaches coupled with the staggering amounts lost in each one definitely are cause for concern, it should be noted that for those incidents where a cause was determined, it was usually a human, social ‘attack vector’ that was exploited, such as a misconfiguration of a computer system by a system administrator that left an exchange temporarily unprotected, software implementation defects in Blockchain-based services that have since been fixed, and exploiting other channels to obtain credentials, such as hacked email accounts.
Nevertheless it is only responsible to state that we simply do not know, and may never know if any of these existing exploits in the past or future were based on cracking the core technology of Blockchain. This is a risk to be weighed in the decision-making process for implementing a Blockchain-based solution.
Now that we have the obligatory “Caveat Emptor” admonitions out of the way, let’s discuss the abilities and potential applications to Industry 4.0 of two leading Blockchain frameworks : Hyperledger and Ethereum.
Hyperledger is a collection of open-source blockchain projects under the Linux Foundation, the largest open source non-profit software organization in the world. Hyperledger was ‘seeded’ with work contributed by IBM, Intel, and others. Active participants and users of Hyperledger include Cisco, Fujitsu, IBM, Intel, NEC, J.P. Morgan, Wells Fargo, SAP and others.
Hyperledger Fabric is the open-source blockchain infrastructure used to create distributed ledgers. The Distributed Ledger concept involves created a ‘web of trust’ between multiple blockchain ledgers to overcome scalability and performance issues that would occur if only a single, global ledger were used for all the transactions in the world.
Another core feature of Hyperledger is the ability to create and execute “Smart Contracts“. A Smart Contract is essentially a general-purpose computer program ‘living’ in a blockchain having the ability to perform ledger credits and debits automatically by monitoring other transactions or simply acting on pre-programmed timing parameters.
For example, a company can create a Smart Contract for a business proposal where a shipment of palletized goods must be picked up from a certain location by a certain date and time, and delivered to another location by a certain date and time. The contract can also have built-in timeouts, such as invalidating itself if no one accepts within 2 hours of publication to the blockchain.
Ethereum is a blockchain-based distributed computing platform featuring Smart Contract capabilities. Ether is the name of Ethereum’s cryptocurrency, used to ‘pay for’ carrying out blockchain ledger transactions. The amount of Ether offered or charged is referred to as “Gas”, invoking the familiar metaphor of putting fuel in your tank to make your automobile move from point A to point B.
Ethereum has an international network of computing ‘nodes’ which are allocated to execute Smart Contracts.
The Enterprise Ethereum Alliance, or EEA, was formed in March 2017 by 116 enterprise member companies, including Microsoft, Intel, J.P. Morgan, Merck, MasterCard and Cisco.
Applications to Industry 4.0 IIoT
Securent sees stunning potential in the application of Smart Contracts enabled by IIoT systems to manufacturing, supply and distribution chains, particularly in Securent’s Cyber-Physical Tracker devices, which already have the capability to interact with Hyperledger and other Smart Contract service providers.
For example, Securent Trackers with their built-in cryptographic calculation and real-time , secure Internet access capabilities, can perform the following actions in the execution of a Smart Contract:
1. Report an accurate date and time as well as location on-demand
2. Report when a particular asset has entered or left a particular , user-defined geographic location, such as leaving an outgoing dock or arriving at an incoming dock.
3. Immediately report if an asset has encountered handling issues such as a bump or drop, or exposure to temperature or humidity conditions outside pre-programmed tolerances.
4. Report if an asset has sat idle at a single location beyond a pre-programmed tolerance, such as 4 hours.
Securent envisions, and is working on a proof-of-concept project where Securent Trackers become the cyber-physical ‘sensors’ that enable the execution and enforcement of Smart Contracts.
Contact Securent today to discuss the possibilities of Industry 4.0 Smart Contracts for your business!