What is Blockchain and Why is it Useful?

As the term ‘Blockchain’ appeared more and more frequently during my initial research, it seemed to be the logical next topic to explore, especially;

What is Blockchain?

 

To quote ‘s article on computerworld.com..

First and foremost, Blockchain is a public electronic ledger that can be openly shared among disparate users and that creates an unchangeable record of their transactions, each one time-stamped and linked to the previous one. Each digital record or transaction in the thread is called a block (hence the name), and it allows either an open or controlled set of users to participate in the electronic ledger. Each block is linked to a specific participant.

Why would it be useful?

Blockchain can only be updated by consensus between participants in the system, and when new data is entered, it can never be erased. The blockchain contains a true and verifiable record of each and every transaction ever made in the system.

This TED seminar entitled: How the blockchain will radically transform the economy, by Political Scientist, Entrepreneur and Activist, Bettina Warburg, served as a great introduction to the subject and the role it could in our modern lives.

Miss Warburg’s talk, explains why we stand to benefit from using Blockchain technology, however this and many other videos on the subject all focus on the financial / economic effects. This is evident in brief online searching, with the rise in popularity and media coverage of blockchain backed ‘cryptocurrencies’ such as Bitcoin, more viewers as switched onto and convinced of the potential financial gains to be made.

Jessi Baker’s startup company Provenance however seem to be exploring the benefits this technology could make to supply chains and product lifecycle applications.

As a platform, Blockchain can help aid data transparency along a supply chain, a trait which Miss Baker believes could be used to enhance retail experience, certifying a brand’s identify and core beliefs and give more power to consumers.

From my initial reading, I feel this technology and framework could be tailored to enhance the security in the digital manufacturing chain, when combined with the file integrity techniques currently championed by software companies like Identify3D.

Manufacturing organisations currently have plenty of options for securing and distributing their content to chosen vendors, but NDA’s and the threat of legal ramification are still relied on to ensure this data is not misused or shared without permission.

If a system existed, where encrypted digital manufacturing assets were distributed across a network, with access limited to select users and crucially the system would prevent unauthorised file use or modification, this could revolutionise the industry and simply thousands of workflows around the world.

Purpose of Information Security

Purpose of IS

The reason to implement information security procedures can be crudely broken down into six major topics, three for the data itself and another three for the users accessing the data.

  • Confidentiality – Preventing data being accessed or copied without approval.
  • Integrity – If data is manipulated, corrupted or overridden without permission.
  • Availability – Ensuring data cannot be erased or become inaccessible without permission.
  • Authentication – Confirming a user is who they claim to be.
  • Authorization – Confirming the user has permission to access the data.
  • Nonrepudiation – Preventing a user denying the performed their actions later on.

            (https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf)

Information Security – Basics

Resource: Fundamentals of Information Security Systems: David Kim and Michael Solomom

What is Information Security? 

A collection of activities to protect IT systems and the data it.

 

Definitions:

  • Internet: Over 2 billion users worldwide, connected via the world wide web.
  • Cybersecurity: Role of a government to ensure national security.
  • Data / Information Security: Role of an organisation or individual to protect their data / assets.

 

Risks, Threats and Vulnerabilities:

  • Risk: Likelihood of something bad occurring & affecting a system or asset (Examples: Loosing data, Non-Compliance with laws, Loosing business).
  • Threat: Any action which could damage an asset, both synthetic and natural (Ie malicious exploits, flood damage, etc) Organisations should have a business continuity plan (BCP) and disaster recovery plan (DRP) in place in the event of a threat taking hold.
  • Vulnerabilities: A weakness in a system, allowing a threat to be realised. Often vulnerabilities result in legal action, hence software developers covering themselves with end-user agreements (EULA’s).

 

What is being protected?

  • Privacy Data of Individuals, (i.e. DoB, Address, Banking Details, Social Security, Utilities)
  • Corporate Intellectual Property (Trade secrets, product development, copyright/patents, reputation)
  • Online Transactions
  • Government (Security, Trade, Military Strategy)

 

What forms a ‘Network’?

  • Cabling
  • Physical Networks
  • Operating Systems
  • Specific Applications
  • Users / Staff

Cybersecurity in Digital Manufacturing – Initial Research

My second module explores the impact of cybersecurity in digital manufacturing chains. Finance, IT, Utilities and Defence sectors have all placed high priority and resources into protecting their digital assets for some time now, but it seems that only recently the manufacturing sector are taking appropriate action.

So where to start? Initially my research will explore cybersecurity in general, why it’s important, how it is implemented and the consequences of poor execution.

Next I intend to look into digital security concerns which are specific to the manufacturing sector, from protecting and tracing IP, motivations to ‘attack’ a manufacturing system and how these organisations should better protect themselves.

This will address current methodologies used as well as future innovations and software changes. I aim to speak with industry experts first hand to understand how seriously the industry and taking the threat of cyber-based attacks.

Following from this, I will look more specifically to additive manufacturing processes, the file formats and techniques currently used and to identify any weaknesses or possible ‘attack vectors’ in the AM workflow. All being well, I will carry out some first hand tests to investigate how a simple desktop 3D print system could be exploited.