There is a lack of tools or technologies that can protect the entire cyber supply chain and ensure that all software and firmware verified for their trustworthiness before they are integrated into EDS OT. We will develop permissioned blockchain based data provenance techniques to certify the software and firmware at all stages of an cyber supply chain in EDS so that the end-users can easily verify whether the purchased electronic component’s software or firmware is tampered with or not. We will develop integrity mechanisms for permissioned blockchain platforms so that critical data remains secure even in the presence of data breach attacks.
The approach proposed in this activity focuses on customized consensus engine for cyber supply chain provenance and security mechanisms in permissioned blockchain platforms. We will develop a customized consensus engine which will not require participants in the cyber supply chain to make significant investment on computation and will balance the tradeoff between number of transactions processed, transaction validation time, incentives and security rules set by participators in the cyber supply chain. We will develop a capability for encoding the electronic component’s firmware/software design into transactions while balancing tradeoff between validation accuracy and latency. We will develop strategies to encode the firmware/software design and their computed hash values will be encoded in the blockchain. The hash values and the firmware/software designs will be delivered through the cyber supply chain and participators at every stage can ensure authenticity of the design by verifying the hash values. However, allocation of appropriate incentives for the participants is another emerging challenge where the trade-off between the incentive and cost of participation in consensus needs to be resolved. We will develop game theoretic based incentive mechanism to self-motivate participators in order to participate in the consensus. We will develop a layer for security assurance within the blockchain architecture to protect the business critical data. Data and transactions will be encrypted using threshold cryptography, such that multiple validating nodes must interact in order to decrypt and compute over this data. This will ensure that business critical data is not revealed even in the event that some number of the validating nodes are compromised.
The team has developed an open source software tool (CyScPro).