Software-Defined Security-by-Contract for Blockchain-Enabled MUD-Aware Industrial IoT Edge Networks

To ensure the proper functioning and performance of Industrial-grade IoT (IIoT) devices in Industry 4.0 networks, it is critical to identify the capabilities and malfunctions of their component devices (e.g., sensors, actuators, and controllers) and to detect potential misbehavior arising from cyber-attacks and misconfiguration. We envision that future IoT devices will embed behavioral profiles through Security-by-Contract (SxC) that are easy to validate and verify against network security policies, and that manufacturers will provide Manufacturer Usage Description (MUD) profiles as a manifest through which devices signal to the network what access and network functionality they require to function properly. We design authentication into the IoT onboarding process and employ blockchains as a verifiable and immutable repository to store these network manifests, which are signed and verifiable with SxC-based smart contracts by the device manufacturer or an industry authority. The integrated framework combines blockchains and SxC security contracts, MUD-based behavioral fingerprinting, and Software-Defined Networking (SDN) for managing the security of IIoT ecosystems. Finally, the proposed scheme is validated in a simulated IoT environment on various performance parameters.
