This project advances cybersecurity of large scale blockchain-enabled Internet of Things (IoT) systems via a novel organization of machine to machine (M2M) economy. Blockchain is a decentralized and distributed ledger. The IoT is a system of interconnected computing devices on which the emergence of 5G technology has an accelerating effect. The M2M economy is a collection of machines acting as economic agents that autonomously interact through sequences of transactions. Blockchain technology enables the registry of these transactions whose logic is articulated and coded in the form of smart contracts. These technologies have transformational potential and hold the promise of unprecedented economic growth, but they come with many vulnerabilities. This research contributes to the progress of science, advancement of prosperity and welfare, and securing the national defense through a new mechanism to enable security and cost efficient interactions on M2M platforms. The novel idea is to design market incentives such that services among machines are bought and sold based not only on their cost but also on the cyber-riskiness of the devices providing those services.
The project envisions decentralized systems that are self-adapting to cyber-risk and facilitate security and cost efficient interactions on platforms based on blockchain and IoT. The challenges are lack of: (a) real-time market design and self-optimization mechanisms; (b) scalable approaches for real-time attack identification across programs and high-level logics; (c) methods to assess M2M specific attack impact. Responding to these challenges, this project interprets the problem of creating a cyber-secure and economically efficient IoT/blockchain-based ecosystem as one of designing large-scale interconnected markets. Each of these markets has a price adjustment mechanism that may discriminate based on real-time cyber-risk. Collectively, these markets give rise to an overall emergent property of cyber-risks and economic efficiency self-adaptive optimization. Vulnerability assessment is the key to generate cyber-risk and price appropriate adjustments. This project comprehensively assesses M2M specific vulnerabilities by articulating attack graphs, hence contributing to characterizing the cyber-risk of decentralized applications for smart contract platforms. By using tools of random graph theory and percolation theory, the project provides a representative mathematical framework for understanding the cyber-risk of a IoT/blockchain-based ecosystem. Finally, as a showcase, the project applies the proposed mechanism to the use case of large-scale personalized treatment delivery.
This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.