Blockchain security by design: innovation and security hand in hand

14 July 2017 • 4 min reading time

Blockchain is a wonderful and highly promising technology. But given the seriousness of incidents in recent years, it is no surprise that questions about security are being asked.

Even though everything appears to be in order, there is no ‘security by design’ - security that is thoroughly embedded in every layer of technology. Together with the Singapore University of Technology and Design (SUTD), TNO has decided to grasp the nettle and address the issue. The SUTD has a pioneering role in this field, worldwide, in the area of the Dark Web, Cybercrime and Blockchain Security in Singapore. By working together, we make up a unique combination for carrying out in-depth research into the security of blockchain and for thoroughly testing solutions prior to deployment.

Logical combination

TNO opened its Singapore office in 2013 as a regional hub for South-East Asia. It works closely there with INTERPOL Global Complex for Innovation in order to detect and combat criminal activities on the Dark Web. This is the encrypted part of the internet used by the underworld for crime-as-a-service, and arms and drug trafficking. Many transactions are paid using Bitcoins, the first successful example of blockchain technology. It was only logical that the initiative with the SUTD would result from that. When the first Bitcoin appeared in 2009, we as researchers immediately leapt upon the phenomenon. That’s because it is fascinating technology with unprecedented possibilities. One thing we wanted to find out is how we could best support businesses with knowledge regarding this subject. We quickly discovered that this excellent technology was being misused for criminal purposes, and how. So we have gradually shifted our focus towards security. Working together with the SUTD was obvious.

“When the first Bitcoin appeared in 2009, we as researchers immediately leapt upon the phenomenon”

Blockchain and security by design

Security by design is one of the priority areas of the SUTD. It particularly excels at fundamental and applied research into cyber security and has unique testing facilities for validating new findings at its disposal. Professor Aditya P. Mathur, the head of Information Systems Technology and Design at the Singapore university explains, “We have many years’ experience of experimentation in this field, and we possess in-depth knowledge of the infrastructure and underlying architecture. That knowledge is essential for developing new methods for security. Like TNO, we are of the opinion that we should tackle blockchain technology security in an integrated manner. Many parties are actively engaged with security issues but that always involves part solutions. We are perhaps the first to take security by design for blockchain as a starting point.”

Blockchain vulnerabilities

What dangers does Mathur envisage in particular if security is not as it should be and which sectors are the most vulnerable? Blockchain is only at the very beginning of a development whose progress cannot yet be predicted. Cryptocurrencies like Bitcoin and Ethereum are currently the most commonly used applications, and it was here that problems appeared first. Mathur explains, “In the case of Bitcoins, it concerns both theft of the digital currency and payment for criminal activities. And last year saw a large-scale hack of the Ethereum blockchain, which exposes the vulnerabilities of such chains. We want to use our solutions to prevent this from occurring before the emergence of new blockchain technologies for other applications.”

“Blockchain is only at the very beginning of a development whose progress cannot yet be predicted”

Broad-based approach and an international network

A series of activities are planned for us to be leaders in ‘blockchain security by design’: the development of custom-made reference architecture and security methods, technical guidelines, protocols, tests, certification, and training courses. When it comes to the allocation of roles, SUTD goes in depth; TNO works on a broader basis. We have an international network of companies and government bodies who we are actively involving in this activity. You have to work with international players in order to make a difference. Demand is considerable. The fact that even the National Institute of Standards and Technology (NIST) of the US government is showing interest is an indication that we have embarked on something essential. Everyone is contributing part solutions to incidents, but no one seems to have brought together different pieces of the puzzle.”

“We are focusing on both criminal activity and the wonderful applications that blockchain has in store”

Encouraging innovation and guaranteeing security

The emphasis lies not on what could go wrong, although prevention is very much one objective, but on the unprecedented possibilities for well-protected blockchain technology. "We are focusing on both criminal activity and the wonderful applications that blockchain has in store. We are thinking about how we can encourage innovation while at the same time guaranteeing security. The potential for innovation is enormous, so we are bringing these two activities together.” Mathur explains, “In the near future, blockchain will be as vitally important as electricity, water, and the internet. Incidentally, we at SUTD are highly specialized in the testing of these infrastructures. Everything is very neatly linked to everything else.”

Find out more about Dark Web solutions by TNO.


Want to know more about how TNO works on the development of Blockchain Technology?

Read more