SecBluRed

Abstract

The SecBluRed project proposes a series of investigations aimed at increasing the cybersecurity of current IIoT systems, in a non-intrusive way (avoiding the need to modify it), or through new improvements that can be applied directly on OT systems (Operational Technology) to be able to face new threats based on new technologies (such as quantum computers). Additional devices are proposed to be incorporated into the communication networks used in current IIoT systems (with main focus on wireless networks), able to monitor and detect in real time incidents of leakage or manipulation of information The latter may endanger the physical safety of employees - safety.

The SecBluRed project proposes a holistic research approach to cybersecurity for the Industrial IoT (IIoT) in three axes of research:

• IIoT Securisation: Building secure IIoT systems: whose objective is to identify new complementary mechanisms to the current ones to increase the cybersecurity of IIoT systems, considering: 5G networks, post-quantum algorithms, self-sovereign identity, blockchain, cybersecurity prediction, digital passport for IoT and secure architectures
• BlueTeam: Industrial Systems Defense Mechanisms: whose objective is to provide additional cyber-defense mechanisms to an IIoT system, considering: hardware/software design of a cyber-intelligent wireless unit for network level protection, as well as the design and prototyping of a non-wireless communication and control unit with cybersecurity capabilities.
• RedTeam: Validate the proposed security and defense mechanisms: whose purpose is to minimize the likelihood of a security breach in IIoT systems through advanced testing techniques, such as: advanced monitoring and intelligent Fuzzing tests.

Details

I participated in the SecBluRed project as a researcher and developer, focusing on the design and implementation of identity management and information traceability mechanisms for IIoT systems using Distributed Ledger Technologies (DLT) and blockchain.

My main contribution was the deployment and configuration of a Hyperledger Fabric network, designed to provide secure, tamper-resistant storage and traceability of data generated by IoT devices. This blockchain infrastructure enables trusted data exchange and auditing across industrial environments through the use of smart contracts.

As part of this work, I designed and implemented:

An interaction API that allows IoT devices to securely publish and query data on the blockchain.

A management API for system administrators, enabling user and permission management, rule updates, revocation of access rights, and smart contract lifecycle management.

In parallel with the development tasks, I conducted a state-of-the-art analysis on the application of blockchain technologies in IIoT and OT cybersecurity. This research evaluated current approaches, feasibility constraints, and potential future improvement paths for integrating DLT-based mechanisms into industrial security architectures.

Through these contributions, SecBluRed advances the use of blockchain-based identity and traceability as a practical and scalable cybersecurity layer for industrial IoT systems.

Technologies

• Programming Languages: Go

• Blockchain & DLT: Hyperledger Fabric, smart contracts

• Security & Identity: Identity management, data traceability, permission control

• APIs & Integration: Secure interaction APIs, administrative management APIs

• DevOps & Deployment: Docker

• Domains: Industrial IoT (IIoT), Operational Technology (OT) cybersecurity