Smart-Cities’ Digital Infrastructure. A Paradigm Shift.

Is blockchain technology the “Columbus’ egg” of smart cities’ digital infrastructure?

The Future Of Our Cities

The notion of Smart City has gained increasing attention over the last decade or so by technologists, urbanologists, businesses and policy makers. The new paradigm of city that this notion entails is believed (included by the author of this article) to be a viable answer to the unprecedented urbanization rate that most nations are and will be experiencing worldwide.

Fundamentally, the whole idea of smart cities is about using smart technology — as well as data-driven, context-aware governance models — to mitigate or even preempt the challenges that will inevitably arise with an estimated 2 billion people moving into urban areas by 2050¹.

The technological element is seen as the enabler of a transition towards urban conglomerates capable of delivering efficient services, sustainable mobility and energy schemes, availability of healthcare resources, social cohesiveness and a new economic model in the face of those challenges.

A Bright Future Or Different Shades Of Gray?

As all things that come with big promises, smart cities also elicit a wide spectrum of reactions among commentators of new technological and social trends, spanning from the most enthusiastic praises to the most sceptical criticisms.

Ironically, one of the strongest criticisms focuses on the potential vulnerability of the very same smart technology solutions that are expected to make cities more resilient and robust towards social, economic and environmental stresses. A perfect example of this dichotomy is provided by the Internet of Things (IoT). On the one hand, this network of interconnected devices and digital assets is considered the main enabler of a more resilient, responsive and efficient city, providing the digital and physical infrastructure necessary for a better governance, a better provision of services and a better urban experience altogether. On the other hand, as cities increase their digital dependency, this capillary interconnectedness exposes them to internal and external cyber threats through an ever increasing potential attack surface.

Although I am prone to optimism and think that the smart city paradigm will change things of the better (I work, in fact, in the smart city industry), one cannot dismiss legitimate concerns, particularly when substantiated by unfortunate events like the Senrio Devil’s Ivy Attack² or the Mirai Botnet Attack³. What to do, then? It seems we are facing an impossible choice, where our city will be doomed either because of an unsustainable urbanization rate or because they will themselves manufacture their own digital downfall.

The concerns of the smart city detractors can be partly addressed by making common sense choices (such as favouring IoT devices that are designed for security over mere convenience) and adhering to best ICT practices (such as disabling Universal Plug and Play protocols on routers or avoiding the use of default passwords). But is there a more fundamental way of addressing the potential security issues of a heavily digitalized city? Is there a novel approach that brings a paradigm shift to “ICT as usual”?

The Blockchain Approach

Some descry this novel and more radical approach in the blockchain technology. To understand why, one should first realize that the current IoT ecosystems rely on a server/client paradigm, where the communication between devices is brokered by centralized cloud servers with enormous processing and storage capacities. Although this model can efficiently support the small-scale IoT networks of today, it is not technically suitable to respond to the growing needs of the huge IoT ecosystems of tomorrow.

Figure 1 — Current architecture of an IoT network. The different devices in an IoT network communicate with each other through a centralized cloud server, which collects and redistributes data from and to the network. The cloud server also provides data consumers with access to (some of) the data collected and / or exchanged by the devices.

Also, and more importantly from a security perspective, cloud servers are a centralized point of failure that can disrupt the entire network. This becomes increasingly relevant as more critical tasks are going to be integrated in the existing IoT ecosystems.

A strong concern about privacy also adds to the uneasiness that many feel in regard to the commonly envisioned digital infrastructure of smart cities. It is not difficult to imagine IoT devises and services being used to gather sensitive data by central authorities who then would be discretionally responsible for its security, storage and use.

Blockchain technology may offer a viable solution to tackle the security and privacy issues associated with the centralized architecture of current IoT networks. The term was first introduced by Satoshi Nakamoto in 2008⁴ and refers to an ingenious system devised to securely record the transactions that occur among the participants of a network in an immutable distributed database. In particular:

• All the nodes of the underlying network (i.e. all the nodes that can transact with each other) have a copy of this database. The database is called a distributed ledger, i.e. a distributed record of transactions.
• This ledger is structured as a chain of blocks — hence the term blockchain — that are cryptographically linked to each other. New transactions are bundled in new blocks and progressively added to the existing chain. Because of the cryptographic link between adjacent blocks in the chain, tampering with this ledger is virtually impossible and would require extremely intensive computation, with the associated energy and monetary costs.
• The rules that regulate how the ledger (i.e. the chain of blocks) is maintained, elongated and shared by all the nodes of the network are specified in what is called the consensus protocol. The consensus protocol proposed by Nakamoto (which underpins Bitcoin) allows for a decentralized, peer-to-peer communication and sharing system, where no master node or central server is independently in charge of approving the transactions and adding them to the ledger.

Security

The characteristics listed above make Blockchain an interesting candidate for the much needed new IoT paradigm. To start with, its decentralized approach would eliminate single points of failure, creating a more resilient ecosystem for IoT devices to run on. Also, the tamper-proof ledger cannot be manipulated by malicious actors because it doesn’t exist in any single location, nor there is a single thread of communication that can be intercepted. In addition to this, the computational, energy and monetary cost of attempting an attack with even the faintest chances of success — which are still to be considered in the realm of the statistically impossible — would be prohibitive⁵.

Figure 2 — The adoption of blockchain technology in IoT and smart cities’ digital infrastructure can lead to higher standards of security and privacy through the use of a distributed, cryptography-based ledger of machine-to-machine interactions.

Privacy

In a blockchain-based IoT platform, users are not required to trust any third-party like they would in a centralized network; all the nodes are always aware of the data that is being exchanged and how it is used, because the ledger recording all the machine-to machine interactions is shared by all the participants.

Also and importantly, although the transparent nature of the ledger allows to track transaction/interactions back in time through the network, the content of those transactions does not have to be openly accessible. Asymmetric cryptography can be used to make sure that only the legitimate recipient of the data transfer has access to the content of the transaction. This very concept has been successfully applied in the Bitcoin network, where only the intended recipient can access the content of a validated transaction — in that case a certain amount of coins. The same can be done for any other kind of transaction, where the data/information exchanged is of a different nature than the explicit monetary value of a cryptocurrency.

In addition to this, laws and regulations on how to exchange and use the data can be programmed in the blockchain itself and automatically enforced through its consensus protocol. This would make it easier to resolve, or even prevent, possible legal and regulatory disputes. The ledger could even be considered legal evidence in such disputes, since it is computationally tamper-proof.

Interoperability

Another aspect that the blockchain approach could successfully address is the lack of interoperability of the current IoT platforms and digital infrastructures. Although this is not necessarily a concern (like security and privacy) for smart city detractors, it is surely a massive bottleneck in the IoT space, hindering innovation in the sector and fragmenting the cities’ digital landscape into monolithic silos. The high competitiveness of the market does not encourage cross platform solutions, and without a new approach to data sharing and interoperability, the full potential of IoT will keep us wait for longer than necessary.

Although interoperability is not an inherent blockchain characteristic (different blockchain solutions can be implemented that are not mutually compatible), the advent of blockchain technology and its application in IoT can represent the catalyzing factor to promote new standards and encourage the industry to abide to an agreed set of specifications for data sharing. A concrete effort in this direction is being made by IoTeX, which proposes a blockchain architecture for heterogeneous computing⁶.

References

1. World Urbanization Prospects.
2. Hack Brief: ‘Devil’s Ivy’ vulnerability could afflict millions of IoT devices.
3. What is the Mirai Botnet?
4. Bitcoin: A Peer-to-Peer Electronic Cash System.
5. Architecting a Digital Fortress. The Bitcoin’s Consensus Protocol.
6. The privacy-centric blockchain platform that is fast, flexible and Internet of Things (IoT) friendly.