Challenges in Designing Blockchain for Cyber-Physical Systems
With a combined population of 2.37 billion and a GDP of more than $US30 trillion, East Asia and the Pacific's economic growth has seen a huge increase in cooperation and competition.
With a combined population of 2.37 billion and a GDP of more than $US30 trillion, East Asia and the Pacific's economic growth has seen a huge increase in cooperation and competition.
With a population of 2.37 billion and a GDP of more than $US30 trillion, East Asia and the Pacific's economic growth has seen a massive increase in cooperation and competition in recent years. To foster more growth in the region, there must be an automation of business processes that guarantees fair and open collaboration across multiple stakeholders. Cyber-physical systems (CPS) can enable automation across cyber and physical domains. In addition, blockchain technology offers auditability, transparency, and decentralization, thus showing promise to enable further developments in the region's economy. Combining these technologies would allow for a broad range of unprecedented possibilities. However, incorporating blockchains for CPS is challenging.
In the last couple of years, we have conducted cutting-edge research across Australian institutions—namely UNSW Sydney, QUT, and CSIRO's Data61—where we explored addressing these challenges in different verticals (domains) and horizontals (challenges), as seen in the accompanying figure. In this article, we discuss some of our work to share our experience in tackling the specific challenges of scalability, trust, and privacy.
Figure. Diagram illustrating the extent of the challenges in incorporating blockchain for CPS applications, which spans across various verticals (blockchain scenarios or domains) and horizontals (the inherent challenges).
The append-only nature of blockchain raises concerns about scalability. With the passage of time, more records will be appended to the blockchain, which would consume a considerable amount of storage. Complex CPS applications, such as supply chain management, involve many participants requiring rapid read-write operations, necessitating a scalable blockchain.
In PrivChain, blockchain plays an instrumental role in verifying proofs, initiating relevant payments, and logging the results on-chain.
In ProductChain,3 we demonstrated how we addressed the scalability issues in blockchain-supported supply-chain management by leveraging parallel chains instead of a single large chain combined with a tiered architecture for access management. The idea of having parallel chains, called shards, is borrowed from parallel processing, where each shard maintains its own synchronized ledger, called a local ledger. ProductChain organizes the shards based on geographic zones, which are derived from the locality of the trade. To obtain a consolidated view, a global validator is responsible for returning on-chain data across multiple shards.
While blockchain enables trust-less interaction, it does not guarantee the trustworthiness of data, which may contain noise or be manipulated by a malicious entity, diminishing its veracity. The immutability of blockchain inherently exacerbates this condition, as inaccurate on-chain data cannot later be corrected. CPS applications thus require holistic trust mechanisms to ensure the end-to-end integrity of the collected data and the associated interactions.
To tackle this issue, we designed a layered trust architecture for generic blockchain-enabled CPS applications.1 We demonstrated how to afford an end-to-end trust mechanism by devising a reputation system for participating nodes. The architecture quantifies the trustworthiness of sensor observations by utilizing a node's confidence in its data and corroborating data from neighboring sensors. Additionally, the architecture establishes trust at the block-generation level through an adaptive block validation mechanism, increasing the overall throughput.
Blockchain stores information on transparent chained blocks replicated across all blockchain participants. While replication improves transparency, there is a trade-off between transparency and data protection. In the case of private blockchains, the information stored on-chain is sometimes associated with the identity of the contributing stakeholders to ensure trust. However, identity association makes it difficult to protect sensitive information. In the case of public blockchains, using pseudonyms introduces a level of anonymity, concealing the real identity from the public. However, blockchain de-anonymization is still possible by linking transactions with public keys used consecutively.
One solution is to generate and share computations and proofs of the data rather than the sensitive data itself. With PrivChain,2 a privacy-preserving blockchain-based supply chain management system, we demonstrated how to achieve that scenario. PrivChain leverages zero knowledge proofs (ZKP) and commitment schemes to resolve the privacy trade-off issue. ZKP allows someone to prove that some secret information is accurate without disclosing any detail about the secret, while commitment schemes allow for verification of a committed secret later in time. Supply-chain participants can thus share the proof of their supply-chain data related to their products instead of the raw data, which may pose privacy risks. In PrivChain, blockchain plays an instrumental role in verifying these proofs, initiating relevant payments, and logging the results on-chain. The verification of the proofs is automated on-chain through smart contracts, self-executing deterministic computer programs that run as per predetermined rules and logic.
Another solution would be to use different pseudonyms for each transaction in a public blockchain. We demonstrated how to achieve a privacy-preserving reputation system for a 6G-CPS,4 where each node utilizes changeable public keys in each transaction. To provide stronger privacy preservation, our reputation system utilizes interconnected public-private blockchains, using which nodes may store sensitive information on the private chain, while publicly viewable information is stored on the public chain for auditability purposes.
With our work addressing the issues mentioned here, the region could increase the benefits from blockchain and CPS in realizing fair competition with secure and transparent cross-border transactions. For instance, food producers from various locations in East Asia and Pacific could use ProductChain3 to facilitate open and secure trade operations, removing unnecessary paperwork that hinders efficient collaborations. Our reputation system1 can also be implemented as an additional layer of security, where reputation scores indicate the trustworthiness of the food producers in the supply chain network.
However, there remain abundant research opportunities for further exploration. Future work may investigate more efficient techniques for addressing these inherent challenges. For instance, to tackle unresolved scalability issues, further research may explore Layer-2 blockchain solutions, that is, efficiency and trustworthiness of computing operations that occur off-chain. It would also be worthwhile to explore blockchain-based data-sharing solutions for multiple application domains within CPS.
1. Dedeoglu, V., Jurdak, R., Putra, G.D., Dorri, A. and Kanhere, S.S. A trust architecture for blockchain in IoT. In Proceedings of the 16th EAI Intern. Conf. Mobile and Ubiquitous Systems: Computing, Networking and Services, (Houston, TX, USA, Nov. 2019). ACM, 190–199; doi: 10.1145/3360774.3360822.4
2. Malik, S., Dedeoglu, V., Kanhere, S.S. and Jurdak, R, PrivChain: Provenance and privacy preservation in blockchain enabled supply chains. In Proceedings of the 2022 IEEE Intern. Conf. Blockchain, Aug. 2022, 157–166; doi: 10.1109/Blockchain55522.2022.00030.
3. Malik, S., Kanhere, S., and Jurdak, R. ProductChain: Scalable blockchain framework to support provenance in supply chains. In Proceedings of the IEEE 17th Intern. Symp. Network Computing and Applications. (Cambridge, MA, USA, Nov. 2018), 1–10; doi: 10.1109/NCA.2018.8548322.
4. Putra, G.D., Dedeoglu, V., Kanhere, S.S., and Jurdak, R. Toward blockchain-based trust and reputation management for trustworthy 6G networks. IEEE Network 36, 4 (Jul/Aug 2022), 112–119; doi: 10.1109/MNET.011.2100746.
Guntur Dharma Putra is a lecturer in the Department of Electrical and Information Engineering at UGM, Indonesia. This work was done while he was a Ph.D. student at UNSW Sydney, Australia.
Sidra Malik is a postdoctoral fellow at CSIRO's Data61, Sydney, Australia
Volkan Dedeoglu is a research scientist in the Distributed Sensing Systems Group at CSIRO's Data61, Sydney, Australia
Raja Jurdak is a professor of distributed systems and chair of Applied Data Sciences, as well as Director of the Trusted Networks Lab at Queensland University of Technology, Brisbane, Australia.
Salil S. Kanhere is a professor in the School of Computer Science and Engineering at UNSW Sydney, Australia.