{"id":14985,"date":"2022-08-23T08:00:00","date_gmt":"2022-08-23T15:00:00","guid":{"rendered":"https:\/\/csa-iot.org\/?p=14985"},"modified":"2024-08-28T10:52:10","modified_gmt":"2024-08-28T17:52:10","slug":"building-a-safe-and-secure-iot","status":"publish","type":"post","link":"https:\/\/csa-iot.org\/newsroom\/building-a-safe-and-secure-iot\/","title":{"rendered":"Building a Safe and Secure IoT","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"\n<figure class=\"wp-block-image size-medium_large\"><img loading=\"lazy\" decoding=\"async\" width=\"768\" height=\"432\" src=\"https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-768x432.jpg\" alt=\"\" class=\"wp-image-14986\" srcset=\"https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-768x432.jpg 768w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-300x169.jpg 300w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-1024x576.jpg 1024w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-1536x864.jpg 1536w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-2048x1152.jpg 2048w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-150x84.jpg 150w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-1200x675.jpg 1200w, https:\/\/csa-iot.org\/wp-content\/uploads\/2022\/08\/DCL-Blog-Graphic-2000x1125.jpg 2000w\" sizes=\"auto, (max-width: 768px) 100vw, 768px\" \/><\/figure>\n\n\n\n<p>Would you buy a new car without the latest safety features like air bags, ABS brakes, and seat belts? Unless you\u2019re a crash test dummy, the answer is certainly no. Would you buy a used car without understanding where it came from and its accident history? Probably not! How about the smart and connected devices scattered about your home? Would you buy an IoT product without knowing if it was safe and secure, or without having confidence in its provenance? Today, that answer might be \u2018I\u2019m not sure\u2019 but soon, the answer will be \u2018of course not\u2019.<\/p>\n\n\n\n<p>This type of information can be securely stored and validated using a blockchain ledger. Like the technology employed to secure cryptocurrencies, the next generation of IoT standards incorporating blockchain components will provide data integrity and immutability through a decentralized ledger for devices.<\/p>\n\n\n\n<p>The Alliance is incorporating this Distributed Compliance Ledger (DCL) into specifications as part of the device development and commissioning process. The DCL is a cryptographically secure, distributed network that allows IoT device manufacturers, official test houses and the Alliance Test and Certification team to publish public information about a given device. This will start with specific information that will attest to the provenance and performance of the device, all be done \u201cbehind the scenes\u201d when a device connects to a Matter network.&nbsp;<\/p>\n\n\n\n<p>The Alliance and its members are using the DCL to \u201cup the game\u201d for the industry with a cryptographically secure, distributed ledger with no single company or entity in charge of the ledger. Properties of this permissioned blockchain framework include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Multi-node network run by Alliance member companies<\/li>\n\n\n\n<li>Individually signed transactions using pre-approved keys<\/li>\n\n\n\n<li>Distribution of data across different geographical locations<\/li>\n\n\n\n<li>Consensus protocol to ensure majority approval<\/li>\n\n\n\n<li>Public reads with available cryptographic proofs attached<\/li>\n\n\n\n<li>Non-repudiation, transparency, and auditability<\/li>\n<\/ul>\n\n\n\n<p>Using blockchain and the DCL solves a host of issues that will ultimately benefit consumers, developers and manufacturers of devices and their associated firmware. This can include ensuring the latest firmware is installed or even weeding out counterfeit devices and firmware, as the platform provides \u2018trusted roots\u2019 also known as Product Attestation Authority to validate the provenance of a product and a mechanism to disperse revocation information to take a suspect device out of the network.<\/p>\n\n\n\n<p>The complete benefits of using blockchain and the Alliance DCL are fully aligned with the goals of providing secure, independently verifiable information around IoT devices and meeting the main objectives of having a centralized, secure, tamper-proof, imputable framework for IoT. For more detail on this holistic approach, the Alliance is working on a white paper which will delve further into the DCL.<\/p>\n\n\n\n<p>Looking into the future, DCL will enable additional sets of use cases. By participating in a blockchain distributed ledger, IoT devices can trust transactions that are cryptographically signed with their private keys. IoT devices can then make decentralized decisions for granting access by relying on secure keying material stored locally on the device. An example would be the requesting device being part of a transaction that targets a device created and signed with its own private key. The IoT devices can have signed firmware that denies all requests until it has been associated with a blockchain ledger. Once that happens, it will inherit security properties associated with a class of devices that are maintained in the ledger by the manufacturer. The Alliance\u2019s DCL is the first step in a potential global adoption of decentralized compliance ledger technology for IoT as a whole.<\/p>\n\n\n\n<p>In short, the marriage of IoT and Blockchain puts customers in charge of their own security by providing a trusted source of information about device provenance, certification status, and important setup and operation parameters. Today when we purchase a new car, we quickly scan the sticker to make sure it includes the safety equipment to keep us safe or the CARFAX\u00ae to check vehicle history. In comparison, certified IoT devices, backed by device attestation using blockchain, will feature the unique Matter logo, which will tell consumers that a nod to the amount of work that has gone into the standard to ensure it is as safe and secure as it can be.<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>Would you buy a new car without the latest safety features like air bags, ABS brakes, and seat belts? Unless you\u2019re a crash test dummy, the answer is certainly no.&hellip;<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"6677,6587,10945,6563,6733,25473","_relevanssi_noindex_reason":"","footnotes":""},"categories":[1343],"tags":[907,868],"post_author":[],"post_language":[1019],"post_folder":[],"class_list":["post-14985","post","type-post","status-publish","format-standard","hentry","category-articles","tag-connectivity-standards-alliance","tag-smart-home","post_language-english"],"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/posts\/14985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/comments?post=14985"}],"version-history":[{"count":0,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/posts\/14985\/revisions"}],"wp:attachment":[{"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/media?parent=14985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/categories?post=14985"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/tags?post=14985"},{"taxonomy":"post_author","embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/post_author?post=14985"},{"taxonomy":"post_language","embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/post_language?post=14985"},{"taxonomy":"post_folder","embeddable":true,"href":"https:\/\/csa-iot.org\/wp-json\/wp\/v2\/post_folder?post=14985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}