IIoT security: Xage combines blockchain, digital fingerprinting

IoT security specialist Xage claims to have developed a tamper-proof system that protects Industrial Internet of Things (IIoT) assets with a combination of blockchain technology and digital fingerprinting.

As industries from manufacturing to oil and gas scale their networks and increasingly connect platforms, plants, and other entities, the threat of cyber attack looms large. Earlier this year, the US Department of Homeland Security reported that major Western energy suppliers had been targeted by nation-state hackers.

Fingerprinting digital assets

Xage claims to have a solution to that challenge. The startup already uses blockchain as part of its security fabric, distributing authentication and private data across a network of nodes in a way that allows industrial systems and sensors to work together at scale, securely.

On top of that is the process of digital fingerprinting, which attempts to reflect as much information as possible about every device or controller in the network. For example, the digital fingerprint stores a device’s configuration data, its hardware type, information about the software installed on it, the CPU ID, and the storage ID.

Should malware enter the system, the fingerprint identification would notice a change and shut down the device until human technicians are able to ensure its legitimacy.

The key is that Xage’s digital fingerprinting creates identities and authentication for systems that wouldn’t otherwise have them. Changes made to a controller or device are detected in real time, and suspect components are flagged and isolated.

The next phase is to create a cloud-based digital twin of every physical machine in the industrial environment. This is used to check the legitimacy of software changes and updates, and allows security teams to calculate what each device’s new fingerprint will be before an update occurs. In this way, the twin gives staff the power to distinguish between a genuine update and an external threat pretending to be one.
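
The check described above, sketched as an added example that is not Xage's implementation: a device's attributes are hashed into a fingerprint, the twin precomputes the fingerprint a planned update should produce, and any other change is flagged for isolation. The attribute names follow the article's list; the SHA-256 over canonical JSON, the function names and the sample device values are assumptions.

```python
import hashlib
import json

# Attribute names follow the article's list; all values below are constructed.
FIELDS = ("config", "hardware_type", "software", "cpu_id", "storage_id")

def fingerprint(device: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the fingerprinted attributes."""
    missing = [f for f in FIELDS if f not in device]
    if missing:
        # An incomplete inventory must not silently hash to a "valid" value.
        raise ValueError(f"cannot fingerprint, missing attributes: {missing}")
    # sort_keys makes the encoding independent of dictionary ordering.
    canonical = json.dumps({f: device[f] for f in FIELDS},
                           sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def twin_expected(twin: dict, planned_update: dict) -> str:
    """Apply a planned update to the twin's copy and return the fingerprint
    the physical device should report once the update is installed."""
    return fingerprint({**twin, **planned_update})

def classify(observed: dict, enrolled_fp: str, approved_fps: set) -> str:
    """Compare a device's current state with its enrolled fingerprint."""
    fp = fingerprint(observed)
    if fp == enrolled_fp:
        return "unchanged"
    if fp in approved_fps:
        return "approved-update"   # matches what the twin predicted
    return "isolate"               # unexplained change: hold for human review

# Constructed sample device and planned firmware update.
BASELINE = {
    "config": {"modbus_port": 502, "remote_write": False},
    "hardware_type": "plc-model-x",
    "software": {"firmware": "1.4.2"},
    "cpu_id": "CPU-0001",
    "storage_id": "DISK-0001",
}
PLANNED = {"software": {"firmware": "1.4.3"}}
ENROLLED = fingerprint(BASELINE)
APPROVED = {twin_expected(BASELINE, PLANNED)}

if __name__ == "__main__":
    tampered = {**BASELINE, "config": {"modbus_port": 502, "remote_write": True}}
    for name, state in [("baseline", BASELINE),
                        ("updated", {**BASELINE, **PLANNED}),
                        ("tampered", tampered)]:
        print(name, classify(state, ENROLLED, APPROVED))
```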

Removing the single point of failure

Central to the security of the fingerprinting mechanism is its deployment across a series of decentralised nodes. Here, blockchain removes the chance of there being a single point of security failure. If, say, an oil company’s digital fingerprints were stored in a conventional manner, gaining access to them would be enough to compromise the entire system of connected devices.

Blockchain theoretically makes that impossible, as well as providing a way to authenticate new and current fingerprints. Combined, the fingerprinting, digital replicas, and decentralised distribution provide checks and balances across an industrial operator’s network of connected devices.

“As industrial control systems are increasingly networked, and as shared networks are used across multiple devices, new IoT cyber attack vectors are opening up,” said Xage CEO, Duncan Greatwood.

“Not surprisingly, the rate of attack is increasing dramatically, motivated by theft, vandalism, and state-sponsored infrastructure compromise. In the face of this escalating exposure, we need to address the underlying security risks of IoT adoption now, before it’s too late.

“For the first time, blockchain-protected fingerprinting delivers tamper-proofing system-wide across industrial IoT processes, creating a fail-safe security layer that proactively mitigates against vulnerability,” he added.

Internet of Business says

This promising solution brings together two of the key technologies of the day: blockchain and digital twins, allowing organisations to capture the correct state of each device or piece of machinery, and share that information in the form of a distributed ledger. While blockchains themselves have their own security challenges, these typically take the form of coder graffiti.

With the emergence of AI into these fields – in the form of self-organising ledgers and digital twins that can learn – blockchain and digital twins are morphing into new forms and applications. Lighter, less resource-heavy spins on blockchain – such as Tangle / Directed Acyclic Graph data models – are also promising, as they may help tackle the speed challenges of highly distributed systems.

Malek Murison: Malek Murison is a writer, editor and tech journalist based in London. www.malekmurisonmedia.com