An Introduction to IoT
In 2008, the number of interconnected devices exceeded the number of humans living on the planet. This milestone in connected computing marked the unofficial birth of the Internet of Things (IoT), broadly defined as a network of objects, sensors, and software that exchanges information over the Internet. Since then, IoT has worked its way into nearly every industry and found utility in people’s everyday lives as familiar products like wearable health monitors and smart home security systems.
The data driven digital transformation of manufacturing by IoT is widely considered to be the fourth industrial revolution. IoT has transformed supply chain management, for example, by allowing companies to track the location of goods in transit and storage, monitor the environment around perishable goods for quality control and regulatory compliance, and reroute shipments when weather conditions change. IoT has also transformed the public sector by giving utilities the ability to detect leaks, notify residents of outages, and optimize the distribution of water, gas, and electricity.
Barriers to Widespread Adoption
The number of use cases for IoT in the public and private sector are nearly unlimited, but they all involve the generation and organization of large amounts of data from a distributed but connected network of sensors. However, issues relating to security and scalability have limited the use of IoT at larger scales and in more sensitive applications. IoT devices are particularly susceptible to distributed denial of service (DDoS) attacks, for example, where compromised devices (i.e. a botnet) are used to take control of a system or shut down a service. The security of IoT devices may also be undermined by a lack of password protection, an inability to patch exploitable firmware, or vulnerabilities in authentication protocols. Meanwhile, scalability is limited by bottlenecks in centralized systems that need to connect, authenticate, and authorize thousands or even millions of nodes in a network. Large servers may be able to handle the data flow, but material costs are high and the network is at risk of going down if the servers become unavailable.
The Promise of Blockchain Technology
Such limitations have garnered the attention of blockchain enthusiasts who advocate for the use of distributed ledger technology to add security, immutability, and decentralization to the information collected, stored, and transmitted by IoT devices. Specifically, blockchain provides greater cryptographic security to prevent data from being overwritten or tampered with, greater transparency to allow those with access to track transactions, and lower costs to reduce processing overhead. By 2017, dozens of blockchain companies devoted to applications like food traceability, energy sharing, and smart cities were in operation. IBM later joined the movement with the development of Food Trust, a blockchain-based food traceability network that was later adopted by major retailers including Walmart and Tyson Foods. The adoption of blockchain technology by industry leaders and its use in their IoT networks proved that the combination of the two was not just possible but commercially viable.
The Solutions Provided by Accumulate
Despite the benefits of blockchain technology, its widespread application in IoT devices is still hindered by high costs and transaction fees, limited data storage, and security concerns when data comes from a single source. Transaction fees can become prohibitively expensive when the number of IoT devices is large or the frequency of data generation is high. Long-term storage of all the data generated by an IoT network can still overwhelm a distributed system, which limits its growth. A single bad actor with the permission to access the data can add or delete entries or after data has been collected, which undermines trust in the network.
Accumulate solves these issues by assigning an identity to each sensor, hashing and pruning the data, and allowing companies to manage their keys over time. As explained in the Litepaper, identity is the core basis of the Accumulate blockchain. Each sensor is assigned a digital identity in the form of an Accumulate Digital Identifier (ADI), which prevents spoofing (e.g. the malicious use of duplicate sensors) and allows the user to monitor and audit data from an individual sensor in the network.
Sensor data is hashed in a Merkle Tree, which creates efficient cryptographic proofs of data validity, while the Patricia Trie creates efficient cryptographic proofs of the current state of the system. This data structure allows an entry to be “pruned”, or deleted from the Patricia Trie, while still maintaining proof that the event existed in the hashes of the Merkle Tree. In other words, you can keep the proof but throw away the data. From a practical point of view, there will probably be some roll-up data that an organization or utility cares about, but not for every device in the network. For example, voltage levels across every device in a power grid may be deleted after 6 months except for devices in particular locations. With Accumulate, you can prune the underlying data, extract the roll-up, delete the unnecessary data, but prove that the data the roll-up depends on existed.
Accumulate also provides a system of robust key management. As explained in the Litepaper, a hierarchy of keys allows a company to assign different levels of security to the manager of an ADI depending on the role of a keyholder and the perceived value of the data. The keys to an ADI can be managed just like signers on an account, so new ADIs don’t have to be issued with the departure or promotion of an employee, or when a company shifts responsibilities over time. In addition, data on the blockchain generated by an ADI can only be validated by someone with key access. An audit trail of their activity establishes confidence in the data across the IoT network.
ESG Scores as a Practical Application
One IoT use case for the Accumulate network is the generation of environmental data to provide an environmental, social and governance (ESG) score for a building to quantify its environmental friendliness. Temperature, humidity, and sound level sensors may be installed in the building to continuously monitor the parameters that comprise an ESG score. Business partnerships or investments may depend on the ESG score, which is important to a growing class of sustainable investors who seek to maximize the good their investment does for society and the environment. If an investor is using IoT data as part of their process of valuing the property, they need to make sure that the data was not fabricated by a property manager.
Accumulate provides a way to prove that the data is valid by assigning an ADI to each sensor and maintaining an audit trail. Proving that data came from a particular sensor on a particular floor in the building may also alert the property manager to the problem that is negatively impacting their ESG score. For example, a poorly insulated property on the ground floor that is generating an unexpected amount of heat. Meanwhile, pruning data after an evaluation but maintaining proof that the data existed may prove the innocence of the property manager if they’re later audited.