Translation
Original language
15.06.2025
Ensuring Cyber Resilience of Smart City Digital Environment Through Protected Distributed Ledger Technology
Preamble: rationale behind the essay, relevance of the topic (fr om the chal lenge/opportunity standpoint)
The data integrity and availability assurance issues in “smart city” communica tion and information systems are of relevance due to the importance and critical nature of digitalization of industries in Russia and worldwide. Digital infrastruc ture of “smart cities” is a component of the economic infrastructure, and its par tial or complete failure can directly impact the life and health of people, business continuity, reliability of the social sector and urgency of emergencies. The proj ect is also of importance for SafeNet, a security product (security system) market of the National Technological Initiative. The project topic aligns with the current research and development programmes implemented by the world’s IT market leaders and by the “Digital Economy of the Russian Federation” government pro gramme (approved by Decree of the Government of the Russian Federation dated 28/07/2017 No.1632-r), which includes technologies for building distributed ledger systems and ensuring their information security among the key end-to-end dig ital technologies. The anticipated project results fully meet the world criteria of research in terms of ensuring the security and resilience of critical infrastructure facilities, “smart city” facilities and other infrastructure components of the econ omy, which are undergoing digital transformation (“Industrie 4.0” in Germany, “Made in China 2025” in the PRC, “Industry Innovation 3.0” in South Korea, etc.).
The scientific relevance of this problem involves broadening the scientific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights. Applying the project results for upgrading existing municipal communication and information systems will substantially accelerate their tran sition to a digital format and catalyze the technological, methodological and legal development of a digital economy.
Explaining the hypothesis based on analysis, statistical data or forecasts
The project for developing the technological concept of “smart cities” is, fr om the government’s perspective, one of the most significant avenues of economic development (the meeting minutes of the Digital Economy Subcommittee of the Government Committee for the use of information technologies for improving the quality of life and business environment dated 19/01/2018). Cities are undergoing a fundamental transformation. Their further development and ability to seamlessly integrate in the digitalization of the global economy will require architecture based on smart data storage, processing and transmission systems. The “smart city” con cept aims to solve these problems. According to calculations of McKinsey experts, there will be approximately 600 “smart cities” globally by 2025. In five more years these cities will generate almost 2/3 of the world’s GDP.
However, digitalization of the urban infrastructure requires not only trans ferring industrial and business processes in an information environment but also ensuring their mutual integration in order to establish a common IT ecosystem of the city. This necessitates building distributed ledgers that simultaneously rep resent a collection of data from various branches of the “smart city” and tech nologies enabling secure and efficient work with these data. These include the blockchain technology. The blockchain technology has a set of properties that help substantially enhance the operating security of “smart city” mechanisms and ensure its transparency and resilience to various types of adversity. Immuta bility of data already on the chain and the need for transactions to be confirmed by other participants of the process makes the authenticity of the stored informa tion undoubtable and allows for recording specific events in the interest of future incident investigations. Storage of the chains by all the blockchain participants ensures resilience to failures of individual members and improves the overall sys tem reliability. Implementation of the blockchain technology in modern distributed ledgers is associated with a number of restrictions and information security problems:
Additionally, attacks on decentralized systems built using the blockchain tech nology have been known to allow attackers to lim it access to distributed ledgers with pinpoint accuracy, deanonymize users of such systems, block transactions and carry out denial-of-service attacks (e.g., time counter attacks). These short comings do not sufficiently guarantee the integrity and availability of distributed ledgers and, consequently, make them unsuitable as a basis for critical information infrastructure of “smart cities”.
Research carried out under the project should eliminate these shortcomings and solve the fundamental problem of ensuring the integrity and availability of dis tributed ledgers of “smart city” data by using blockchain-like data storage systems and elliptic curve isogeny-based directed digital signature schemes with delegated validation rights.
Emphasis on the socioeconomic effects
From a practical standpoint, the entire set of project results and its individual achievements are to be used in information system protection design and assur ance for critical and general-purpose systems. Specifically, the models and meth ods developed under the project will make it possible to enhance the protection of such systems. Moreover, there are plans to use the distributed ledger model in spe cific practical solutions for the design, optimisation and management of informa tion processing in heterogeneous systems in smart home, smart building and smart city environments. Such protected distributed ledger systems will also be useful for digital manufacturing systems, unmanned transport control systems, digital power generation systems (digital substations and power distribution control systems). Methods for distributed ledger protection against integrity and availability threats to be developed under the project may be extrapolated to numerous similar block chain systems that are used for secure information processing in information sys tems across a range of scales. The set of methods under development can also be borrowed by BRICS+ countries for building an independent payment system using digital currencies and blockchain. New secure settlement mechanisms and digital tools are expected to boost the trade volume among BRICS+ countries by 5–7% growth annually and step up mutual settlements in national currencies, reducing the dependency on the US dollar and, in general, streamlining international eco nomic cooperation.
Alignment of the project with Russia’s Scientific and Technological Devel opment Strategy helps to develop Russian technologies for protecting buoyant large-scale information systems against cyberthreats by implementing protection methods not only at the processing level but also at the meta-level of transaction safety monitoring during data block transfer. Consequently, the solutions under development fall within the range of activities aimed at the development of unique Russian technologies and products to counter cyberthreats to the society, econ omy and government.
Overall conclusions, expected results
The project is anticipated to yield the following results:
1. A set of methods and algorithms for ensuring the integrity and availability of distributed ledgers for “smart city” data based on the blockchain technology
2. A method and algorithm for transaction verification on the basis of consor tium-oriented rules for solving the security problems of “young” blockchains and reward users for performing the work of transaction block verification
3. A network traffic anonymization method for blockchain system nodes making it possible to protect oneself from access restriction to blockchain systems and feeding false information on the condition of blockchain systems
4. A method for obtaining confidential information on the system time of nodes storing a distributed ledger, making it possible to defend from time counter attacks
5. A method for using one-time keys (wallets, addresses) that substantially com plicate the deanonymization of users in blockchain systems
6. A method for distributed ledger data anonymization on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights that ensures secure collective access of authorized subjects to distributed ledgers
7. A set of methods and algorithms for improving the operability of distributed ledgers in large-scale “smart city” systems
8. A blockchain building method on the basis of directed acyclic graphs making it possible to solve problems of low resilience to network separation and slow addition of new transactions to the blockchain
9. A floating genesis block blockchain building method solving the problems of storing the blockchain at nodes of low-capacity disk storage and long initial ization times for new nodes
10. A software suite of integrity and accessibility assurance tools for “smart city” distributed ledgers implementing the developed methods
11. An experimental segment of “smart city” digital infrastructure implemented in a virtual environment
12. An architecture and prototype of a universal software platform for protected distributed ledgers implementing the developed technology for an experimen tal “smart city” segment.
The scientific relevance of this problem involves broadening the scientific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights. This is an important scientific breakthrough that can be used by a number of sectors wh ere not only confidentiality (as in public administration or industry) but also integrity of data is critical (e.g. in digital services of city infra structure, such as transport, utilities and wide area surveillance systems).
Recent international publication in the project domain (their analysis is pre sented in a separate form under this application) reflect a shift from solving individ ual distributed ledger security problems to universal and comprehensive approaches (the analysis spans the period from 2018 to 2025). However, as indicated by post hoc analysis, problems of ensuring distributed ledger integrity and availability are not adequately investigated, to say nothing of being solved, which emphasizes the relevance of the problems addressed in this project and determines the novelty of the proposed solutions. The suggested approach is advanced from the standpoint of using a comprehensive solution for distributed ledger security problems.
The novelty of the anticipated results of the project lies in broadening the sci entific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights.
The interdisciplinary aspect of the project is due to the nature of distributed ledger systems and information security problems viewed through the lens of distributed ledger security as a protected asset. The distributed ledger technology is viewed and used as a data protection mechanism in distributed ledger systems but our knowledge about distributed ledgers as protected assets (asset requiring pro tection from a particular class of cyberthreats) is still limited. Information security problems lie at an intersection of technical sciences, control theory, legal and social sciences.
The social significance of the problem is due to the development of new, unprecedented methods and tools for the protection of distributed ledger technol ogy, which eliminate security threats in smart city digital environments.
This is a large-scale project that implies obtaining multiple novel world-class scientific and applied results. Results of the project will be officially registered as two pieces of software, its scientific results and data will be published in 6 high-im pact international journals, 4 journals included in the RSCI and presented at inter national conferences.
The study was supported by grant No. 24-11-20005 of the Russian Science Foundation, https://rscf.ru/project/24-11-20005/, and a St Petersburg Science Foundation grant (regional grant agreement No. 24-11-20005).
The data integrity and availability assurance issues in “smart city” communica tion and information systems are of relevance due to the importance and critical nature of digitalization of industries in Russia and worldwide. Digital infrastruc ture of “smart cities” is a component of the economic infrastructure, and its par tial or complete failure can directly impact the life and health of people, business continuity, reliability of the social sector and urgency of emergencies. The proj ect is also of importance for SafeNet, a security product (security system) market of the National Technological Initiative. The project topic aligns with the current research and development programmes implemented by the world’s IT market leaders and by the “Digital Economy of the Russian Federation” government pro gramme (approved by Decree of the Government of the Russian Federation dated 28/07/2017 No.1632-r), which includes technologies for building distributed ledger systems and ensuring their information security among the key end-to-end dig ital technologies. The anticipated project results fully meet the world criteria of research in terms of ensuring the security and resilience of critical infrastructure facilities, “smart city” facilities and other infrastructure components of the econ omy, which are undergoing digital transformation (“Industrie 4.0” in Germany, “Made in China 2025” in the PRC, “Industry Innovation 3.0” in South Korea, etc.).
The scientific relevance of this problem involves broadening the scientific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights. Applying the project results for upgrading existing municipal communication and information systems will substantially accelerate their tran sition to a digital format and catalyze the technological, methodological and legal development of a digital economy.
Explaining the hypothesis based on analysis, statistical data or forecasts
The project for developing the technological concept of “smart cities” is, fr om the government’s perspective, one of the most significant avenues of economic development (the meeting minutes of the Digital Economy Subcommittee of the Government Committee for the use of information technologies for improving the quality of life and business environment dated 19/01/2018). Cities are undergoing a fundamental transformation. Their further development and ability to seamlessly integrate in the digitalization of the global economy will require architecture based on smart data storage, processing and transmission systems. The “smart city” con cept aims to solve these problems. According to calculations of McKinsey experts, there will be approximately 600 “smart cities” globally by 2025. In five more years these cities will generate almost 2/3 of the world’s GDP.
However, digitalization of the urban infrastructure requires not only trans ferring industrial and business processes in an information environment but also ensuring their mutual integration in order to establish a common IT ecosystem of the city. This necessitates building distributed ledgers that simultaneously rep resent a collection of data from various branches of the “smart city” and tech nologies enabling secure and efficient work with these data. These include the blockchain technology. The blockchain technology has a set of properties that help substantially enhance the operating security of “smart city” mechanisms and ensure its transparency and resilience to various types of adversity. Immuta bility of data already on the chain and the need for transactions to be confirmed by other participants of the process makes the authenticity of the stored informa tion undoubtable and allows for recording specific events in the interest of future incident investigations. Storage of the chains by all the blockchain participants ensures resilience to failures of individual members and improves the overall sys tem reliability. Implementation of the blockchain technology in modern distributed ledgers is associated with a number of restrictions and information security problems:
- insecurity of “young” blockchains (a “51% attack”). None of the miners (entities directly writing to the blockchain) can control over one half of the total com puting of the network. “Young” blockchains do not usually have many indepen dent miners, making it easier for an adversary to gain control over a majority of the computing power (by cooperation or purchasing additional computing power) and modify the blockchain;
- low resistance to network separation. If the network separates into several isolated segments (e.g. due to communication link failures), each segment will develop its own version of the blockchain over time. When the network segments are reunited after restoring the communication links, the chain of block will contain a fork; as a result, the blockchain will only retain transactions belonging to the longest branch. All other transactions will be cancelled;
- difficulty storing the blockchain on devices with limited disk space (the block chain size grows linearly with time). At present, the blockchain size of bitcoin, a cryptocurrency (and the largest blockchain), exceeds 120 Gb;
- long startup time for new nodes. New network nodes must download and ver ify the entire blockchain. At present, the blockchain of bitcoin takes several days to download and verify;
- slow confirmation of transactions. Adding a new transaction to the blockchain may take minutes to hours.
- the need to encourage legitimate network participants in order to maintain infrastructure security by attracting new computing power.
Additionally, attacks on decentralized systems built using the blockchain tech nology have been known to allow attackers to lim it access to distributed ledgers with pinpoint accuracy, deanonymize users of such systems, block transactions and carry out denial-of-service attacks (e.g., time counter attacks). These short comings do not sufficiently guarantee the integrity and availability of distributed ledgers and, consequently, make them unsuitable as a basis for critical information infrastructure of “smart cities”.
Research carried out under the project should eliminate these shortcomings and solve the fundamental problem of ensuring the integrity and availability of dis tributed ledgers of “smart city” data by using blockchain-like data storage systems and elliptic curve isogeny-based directed digital signature schemes with delegated validation rights.
Emphasis on the socioeconomic effects
From a practical standpoint, the entire set of project results and its individual achievements are to be used in information system protection design and assur ance for critical and general-purpose systems. Specifically, the models and meth ods developed under the project will make it possible to enhance the protection of such systems. Moreover, there are plans to use the distributed ledger model in spe cific practical solutions for the design, optimisation and management of informa tion processing in heterogeneous systems in smart home, smart building and smart city environments. Such protected distributed ledger systems will also be useful for digital manufacturing systems, unmanned transport control systems, digital power generation systems (digital substations and power distribution control systems). Methods for distributed ledger protection against integrity and availability threats to be developed under the project may be extrapolated to numerous similar block chain systems that are used for secure information processing in information sys tems across a range of scales. The set of methods under development can also be borrowed by BRICS+ countries for building an independent payment system using digital currencies and blockchain. New secure settlement mechanisms and digital tools are expected to boost the trade volume among BRICS+ countries by 5–7% growth annually and step up mutual settlements in national currencies, reducing the dependency on the US dollar and, in general, streamlining international eco nomic cooperation.
Alignment of the project with Russia’s Scientific and Technological Devel opment Strategy helps to develop Russian technologies for protecting buoyant large-scale information systems against cyberthreats by implementing protection methods not only at the processing level but also at the meta-level of transaction safety monitoring during data block transfer. Consequently, the solutions under development fall within the range of activities aimed at the development of unique Russian technologies and products to counter cyberthreats to the society, econ omy and government.
Overall conclusions, expected results
The project is anticipated to yield the following results:
1. A set of methods and algorithms for ensuring the integrity and availability of distributed ledgers for “smart city” data based on the blockchain technology
2. A method and algorithm for transaction verification on the basis of consor tium-oriented rules for solving the security problems of “young” blockchains and reward users for performing the work of transaction block verification
3. A network traffic anonymization method for blockchain system nodes making it possible to protect oneself from access restriction to blockchain systems and feeding false information on the condition of blockchain systems
4. A method for obtaining confidential information on the system time of nodes storing a distributed ledger, making it possible to defend from time counter attacks
5. A method for using one-time keys (wallets, addresses) that substantially com plicate the deanonymization of users in blockchain systems
6. A method for distributed ledger data anonymization on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights that ensures secure collective access of authorized subjects to distributed ledgers
7. A set of methods and algorithms for improving the operability of distributed ledgers in large-scale “smart city” systems
8. A blockchain building method on the basis of directed acyclic graphs making it possible to solve problems of low resilience to network separation and slow addition of new transactions to the blockchain
9. A floating genesis block blockchain building method solving the problems of storing the blockchain at nodes of low-capacity disk storage and long initial ization times for new nodes
10. A software suite of integrity and accessibility assurance tools for “smart city” distributed ledgers implementing the developed methods
11. An experimental segment of “smart city” digital infrastructure implemented in a virtual environment
12. An architecture and prototype of a universal software platform for protected distributed ledgers implementing the developed technology for an experimen tal “smart city” segment.
The scientific relevance of this problem involves broadening the scientific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights. This is an important scientific breakthrough that can be used by a number of sectors wh ere not only confidentiality (as in public administration or industry) but also integrity of data is critical (e.g. in digital services of city infra structure, such as transport, utilities and wide area surveillance systems).
Recent international publication in the project domain (their analysis is pre sented in a separate form under this application) reflect a shift from solving individ ual distributed ledger security problems to universal and comprehensive approaches (the analysis spans the period from 2018 to 2025). However, as indicated by post hoc analysis, problems of ensuring distributed ledger integrity and availability are not adequately investigated, to say nothing of being solved, which emphasizes the relevance of the problems addressed in this project and determines the novelty of the proposed solutions. The suggested approach is advanced from the standpoint of using a comprehensive solution for distributed ledger security problems.
The novelty of the anticipated results of the project lies in broadening the sci entific and methodological basics of information security of distributed ledgers by developing a suite of new models and methods for ensuring data accessibility and integrity on the basis of elliptic curve isogeny-based directed digital signature with delegated validation rights.
The interdisciplinary aspect of the project is due to the nature of distributed ledger systems and information security problems viewed through the lens of distributed ledger security as a protected asset. The distributed ledger technology is viewed and used as a data protection mechanism in distributed ledger systems but our knowledge about distributed ledgers as protected assets (asset requiring pro tection from a particular class of cyberthreats) is still limited. Information security problems lie at an intersection of technical sciences, control theory, legal and social sciences.
The social significance of the problem is due to the development of new, unprecedented methods and tools for the protection of distributed ledger technol ogy, which eliminate security threats in smart city digital environments.
This is a large-scale project that implies obtaining multiple novel world-class scientific and applied results. Results of the project will be officially registered as two pieces of software, its scientific results and data will be published in 6 high-im pact international journals, 4 journals included in the RSCI and presented at inter national conferences.
The study was supported by grant No. 24-11-20005 of the Russian Science Foundation, https://rscf.ru/project/24-11-20005/, and a St Petersburg Science Foundation grant (regional grant agreement No. 24-11-20005).
Read full text
