Blockchain Gets Applied to Cybersecurity

Understanding how Xage, a new industrial cybersecurity technology company, uses blockchain to create a secure fabric across connected devices.

Most everyone loves the idea of the Industrial Internet of Things (IIoT). After all, what’s not to like about the concept? With improved insights into granular production data, the business improvement possibilities are nearly endless.

The IIoT issue everyone worries about most, however, is security. If you connect all or most of your devices to communicate their data for analysis, that positions your facility as a major hacking opportunity, right?

Because of this conundrum, IIoT is seen by many as something of a risk/reward project. To mitigate the downsides of having a multitude of devices connected to the network, Xage has developed an approach to cybersecurity that uses blockchain—and other similar technologies—to create a secure network fabric.

The key to understanding how this works lies in first understanding the basic concept behind blockchain. In essence, blockchain is an online ledger (best known for its use in tracking bitcoin transactions) that can track transactions of any kind—funds, materials or even data. What makes blockchain so secure is that a blockchain ledger does not exist primarily in a central location. It exists on multiple servers simultaneously—and that’s what makes it secure. A change to the ledger in one place will not be carried out to all instances of the ledger without proper verification and authentication.

Like any technology, blockchain can be hacked. But its decentralized structure prevents any intrusive activities from being propagated across the network and affecting the structure or operation of the ledger. Every ledger and device in which it resides would have to be hacked simultaneously with all the proper authentication to have any effect. This process, centered on decentralization, is how blockchain creates security (i.e., not by having the critical data in one ultra-secure place, but by locating it in so many places that effective hacking is virtually impossible).

That’s why blockchain appears to be well suited to IIoT. Since the idea of IIoT is to connect as many relevant devices as possible to share as much data as possible for optimal analysis, using blockchain technology to house the data and propagate it across all devices on the network will secure the data in the same way bitcoin ledger data is secured across the Internet.

In other words, the very thing that worries industrial companies the most—connecting more and more devices to the network—could be the very thing that offers that network the most security. And that’s what’s driving Xage’s approach to industrial cybersecurity and its introduction of what it says is the first and only blockchain-protected security platform for the IIoT.

“What Xage (pronounced like sage with a “z” sound at the beginning) is trying to do is make ‘more’ better,” says Duncan Greatwood, CEO of Xage. “We want to turn the process of joining more devices together into the creation of a kind of mutual protection society so that the more things you connect, the stronger you make the system. This is what led us to blockchain, which has exactly these properties. The more nodes you have on the network, the more secure it becomes because an attacker has to overwhelm all the nodes to be successful.”

Greatwood explains that Xage makes devices on a system part of the blockchain in the same way that blockchain uses Internet servers. “Not every device has to be part of blockchain, but many devices on the system will be,” he says. “Think of the blockchain as providing security coverage at the industrial edge, which means it can be on smart meters in the field, in factories, on oil and gas platforms, on solar or wind farms, etc. Wherever industrial machines are is where Xage is deploying blockchain and from there the data will also spread into the cloud and into a central system too. We’re focusing on making it so that industrial security is not dependent on security provided at the center.”

Though Xage is a new company (officially launched in December of 2017), it has been working with several companies over the past 18 months to verify its technology in applications across industry. For example, Xage is working with ABB Wireless on power and automation projects requiring distributed security. The company has also partnered with Dell to deliver its security services on Dell IoT Gateways and the EdgeX platform for the energy production industry. Additionally, Xage is working with Itron, a utility technology solutions company, to enable intelligent power optimization applications by creating trust and controlling access between smart meters and power distribution infrastructure.

With so many new companies appearing in the industrial cybersecurity space over the past few years, I asked Duncan how—beyond Xage’s use of blockchain—he would explain the difference between Xage and the other ICS cybersecurity companies vying for attention in the market.

“The simplest distinction between us and other [companies in this field] is that we’re about prevention rather than detection,” Greatwood says. “The point of blockhain is that, even if an individual component is hacked, the consensus of the system as a whole will prevent the system as a whole from being hacked. It gets back to the more is better analogy—when a subset of a node is hacked, the consensus will reject the bad actions of the hacked node. For example, if a hacked node was trying to inject a false password and new user, then the blockchain will operate to reject that and self-heal. So it (Xage technology) covers some of the same grounds of self-healing that anomaly detection systems provide. But anomaly is more about detection (of such actions) than prevention.”

Xage’s gateways are the primary nodes deployed to create its blockchain cybersecurity system and fabric. Greatwood notes that its technology can also be deployed on other network devices. “Endpoints like smart meters can also participate unless it's operating at very low power; in that case the fabric will proxy the device to the rest of the system,” he says. “In most cases, the devices have enough power and compute capability to actively participate as blockchain nodes themselves.”

Blockchain also provides robustness for the system via its redundancy. “It is autonomous at the edge, meaning that it’s not reliant on a central control system,” says Greatwood. “As industrial systems get more diverse and widespread, you have to have this autonomous capability. Xage operates by taking policy and information from the center and pushing it into the fabric at the edge.”

While blockchain is central to Xage’s industrial cybersecurity technology, it is not its only security technology component. Another technology deployed within Xage is Shamir’s Secret Sharing, which divides up information into parts, giving each device on the network a piece of that information. To reconstruct the information, some or all the devices are needed to reconstruct it.

“Shamir’s Secret Sharing is analogous to blockchain in that it creates data privacy by scattering the data you want to secure among many nodes of the system and then, like blockchain, it has a treshholding mechanism. In other words, an agreed number of nodes have to agree together to give you the secure data in order to get access to it,” says Greatwood. “Blockchain is a great system of record, but it’s less focused on keeping data secure and private. We use Shamir with the Blockchain fabric to make a system that can keep data private and tamper proof. An added performance advantage [of Shamir’s Secret Sharing] is that we’re less dependent on the direct performance of the blockchain, meaning that many pieces of security can be handled at a higher level without requiring blockchain transactions to happen. As a result, blockchain becomes more like the ledger of record in that we don't have to continuously interact with it to ensure real time communications.”

Greatwood says the different technologies used by Xage “form a stack working together. They tend to be used simultaneously but, in some operations, only the higher levels of the stack are involved. For example, security caches and Shamir may be involved, but not necessarily the blockchain, for every operation. But when a technician is updating their password in the center, our system will push that info down into the fabric at the edge. Then it will involve all layers of the system.”

Companies in this article
More in IIoT