Securing industrial devices attached to the cloud
Ericsson's Blockchain Data Integrity service can also ensure the security of devices attached to the industrial cloud. The various configuration elements of each device are verified as being in a proper state at a given time. When a device’s software, settings, or configuration must be updated, it is critical—and sometimes a regulatory requirement—to be able to verify the integrity of the configuration before a machine is placed into service.
IoT blockchain data integrity
In the Internet of Things (IoT), the data from the sensors is signed and verified similar to what was done in the prior use case example. In this case, we also sign and verify the configuration of the IoT devices themselves. An industrial IoT application might use the service to verify the integrity of its software supply chain, from when it receives data from a supplier to the commissioning of the systems. By verifying and monitoring firmware, configuration files, software packages, and network configurations throughout the integration process, a complex installation can be secured, with subsequent verification proving that none of the key deployed software or settings have been tampered with. This supports regulatory audit requirements and helps with resolving warranty claims.
The following use case illustrates how Blockchain Data Integrity is used to maintain data integrity for a user's digital resource.
John has created a piece a firmware to be used by a device that his company sells. John needs to make his firmware file publicly available, while at the same time assuring the company's customers that this is the version he wrote and that the file has not been tampered with.
After John has finished development of his firmware file and it is ready for distribution, he saves the file locally and then transfers it to the cloud via a specially designed application, which asks Blockchain Data Integrity to sign the file as it is uploaded. The application generates a special non-reversible cryptographic hash value based on the contents of John's firmware file. The application submits the hash value of the data to be signed through the blockchain data integrity service into the KSI blockchain infrastructure. A keyless signature is returned, which provides cryptographic proof of the time when the signature was created and of the integrity of the signed data. This signature is returned to the application so it can be linked to and stored with John's firmware file.
A user, Kate, wants to verify that John's firmware file has not been tampered with before she downloads the file and installs it on her device. Kate requests verification of John's firmware file via a specially designed application which asks Blockchain Data Integrity to verify that John's firmware file matches the signature generated when John used the application to sign and upload his file. The application retrieves the signature linked to John's firmware file, and asks Blockchain Data Integrity to verify the validity of the signature. The signature is validated by the service to ensure internal integrity, and then the signature is verified against a trust anchor. Once the signature is validated, the special non-reversible cryptographic hash value based on the contents of John's firmware file and the timestamp of the signature are extracted and returned to the application. The application then performs the same process of generating the original cryptographic hash value on the current contents of John's firmware file. The hash value returned from the blockchain data integrity service and the hash value generated from the current contents of John's file are compared. If the two values are equal, then the application notifies Kate that John's firmware has not been tampered with, and it is safe to download and install it onto her device.
If a malicious attacker has changed the data within John's firmware file residing in the cloud, the special cryptographic hash value returned from the verification request to Blockchain Data Integrity will not match the value generated by the application using the current version of John's file. The application would notify Kate that John's firmware file is not safe to download and install. John can be notified of the validation failure, and he can take appropriate measures to return his file contents to their original state.