Date of publication xxxx 00, 0000, date of current version xxxx 00, 0000.

Digital Object Identifier xx.xxxx/ACCESS.2018.DOI

A Review on Blockchain Technologies

for an Advanced and Cyber-Resilient
Automotive Industry
PAULA FRAGA-LAMAS1, (Member, IEEE),
AND TIAGO M. FERNÁNDEZ-CARAMÉS1, (Senior Member, IEEE)
1
Department of Computer Engineering, Faculty of Computer Science, Campus de Elviña s/n, Universidade da Coruña, 15071, A Coruña, Spain.
(e-mail: [email protected]; [email protected])
Corresponding authors: Paula Fraga-Lamas and Tiago M. Fernández-Caramés (e-mail: [email protected]; [email protected]).
This work was supported in part by the Xunta de Galicia under Grant ED431C 2016-045, and Grant ED431G/01, in part by the Agencia
Estatal de Investigación of Spain under Grant TEC2016-75067-C4-1-R, and in part by ERDF funds of EU under Grant AEI/FEDER, UE.
Paula Fraga-Lamas would also like to thank the support of BBVA and the BritishSpanish Society Grant.

ABSTRACT In the last century the automotive industry has arguably transformed society, being one
of the most complex, sophisticated and technologically advanced industries, with innovations ranging
from hybrid, electric and self-driving smart cars to the development of IoT-connected cars. Due to
its complexity, it requires the involvement of many Industry 4.0 technologies, like robotics, advanced
manufacturing systems, cyber-physical systems or augmented reality. One of the latest technologies that
can benefit the automotive industry is blockchain, which can enhance its data security, privacy, anonymity,
traceability, accountability, integrity, robustness, transparency, trustworthiness and authentication, as well
as provide long-term sustainability and a higher operational efficiency to the whole industry. This review
analyzes the great potential of applying blockchain technologies to the automotive industry emphasizing its
cybersecurity features. Thus, the applicability of blockchain is evaluated after examining the state-of-the-art
and devising the main stakeholders’ current challenges. Furthermore, the article describes the most relevant
use cases, since the broad adoption of blockchain unlocks a wide area of short- and medium-term promising
automotive applications that can create new business models and even disrupt the car-sharing economy as
we know it. Finally, after a Strengths, Weaknesses, Opportunities, and Threats (SWOT) analysis, some
recommendations are enumerated with the aim of guiding researchers and companies in future cyber-
resilient automotive industry developments.

INDEX TERMS Blockchain; Distributed Ledger Technology (DLT); Industry 4.0; IIoT; cyber-physical
system; cryptography; cybersecurity; tamper-proof data; privacy; traceability.

I. INTRODUCTION and corporate car owners, service users, logistic businesses’

clients or end customers) involved in the vehicle lifecycle. In-
T he automotive industry is one of the most technologi-
cally advanced industries with innovations ranging from
hybrid, electric and self-driving smart cars to the Industrial
dustry 4.0 harnesses the advances from multiple fields, which
allow for the massive deployment of sensors, the application
Internet of Things (IIoT) integration in the form of IoT- of big data techniques, the improvements in connectivity
connected cars. Under the Industry 4.0. paradigm [1], which and computational power, the emergence of new machine
represents the next stage in the digitalization of the sector, learning approaches, the development of new computing
the automotive industry is facing operational inefficiencies paradigms (e.g., cloud, fog, mist and edge computing), novel
and security issues that lead to cyber-attacks, unnecessary human-machine interfaces [2]–[4], IIoT enhancements [5]
casualties, incidents, losses, costs and inflated prices for or the use of robotics and 3-D/4-D printing. The increasing
parts and services. Such issues are currently passed on to the capabilities offered by complex heterogeneous connected
different and heterogeneous stakeholders (i.e., individual and autonomous networked systems enable a wide range of

VOLUME 9, 2016 1
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

features and services, but they come with the threat of mali- For instance, in [25] the authors reviewed the main security
cious attacks or additional risks that make cybersecurity even issues that blockchain can tackle. Other works focused on
more challenging. In scenarios where the controlled systems specific security aspects. An example is presented in [26],
are vehicles or vehicle-related systems, public safety is at where a cloud-based access control model is proposed. Other
stake, therefore strong cybersecurity becomes an essential authors [27] focused on user identity management for cloud-
requirement. based blockchain applications. Regarding the utilization of
According to a Frost & Sullivan forecast regarding near- blockchain for specific applications, in [28] it is used to
future investments [6], automotive IIoT spend is bound to guarantee security and scalability in smart grid commu-
increase from $ 12.3 bn in 2015 to $ 36.7 bn in 2025 at nications. Similarly, a Cyber-Physical System (CPS) [29]
a Compound Annual Growth Rate (CAGR) of 11.5 %. In that makes use of a payment system based on reputation is
addition, the digital retailing in automotive IoT spending will presented in [30]. An interesting work is presented in [31],
increase at a CAGR of 29.1% from 2015 to 2025 and data where a framework for fighting cyber-attacks when multiple
driven business models will grow to a CAGR of 35% from organizations participate in information sharing is proposed.
$ 524.4 mn in 2015 to $10.5 bn in 2025. Automotive ICT In the article, some game-based cyber-attacks are formally
spending is expected to increase from $ 37.9 bn in 2015 to analyzed and validated through simulations. Finally, in [32],
$ 168.7 bn in 2025 with a CAGR of 16.1% due to new digiti- the authors review the use of blockchain and Content-Centric
zation initiatives that will include pilot software projects that Networking (CCN) to ensure the security requirements for
will involve automotive Original Equipment Manufacturers trusted 5G vehicular networks.
(OEMs) and Tier 1s. Furthermore, OEMs digital transforma- In contrast to the references previously cited, this work
tion strategy roadmap is to currently develop digital services presents a holistic approach to blockchain for the automo-
and move to a Car as a Service (CaaS) business model in the tive industry that includes both the basics for designing
2020s to then develop a Mobility as a Service (MaaS) model blockchain-based cyber-resilient applications and a detailed
to eventually position the vehicle as an element of the future analysis on how to deploy and optimize blockchain tech-
connected living solutions by 2030s. nologies for the automotive industry. In addition, this paper
In this context, blockchain technologies represent nowa- is aimed at providing a global vision on how blockchain
days a move in the evolution of the Internet, enabling the can transform the automotive sector radically and thus tackle
migration from the ‘Internet of Information’ to the ‘Internet part of its current challenges. The specifics of the blockchain
of Value’ and the creation of a true peer-to-peer sharing implementation and other technical details of each use case
economy [7], [8]. According to a World Economic Forum are out of the scope of this article.
survey report, 10 % of the worldwide Gross Domestic Prod- The rest of this paper is organized as follows. Section
uct (GDP) will be stored on a blockchain by 2027 [9]. II reviews the most relevant security aspects involved in
Considering also the prospects of the automotive ecosystem, a blockchain-based development. Section III overviews the
blockchain technology can offer a seamless decentralized main issues and inefficiencies of the automotive industry and
platform where information about insurance, proof of own- details a methodology for determining whether blockchain
ership, patents, repairs, maintenance and tangible/intangible can help to tackle such issues. Section IV identifies scenarios
assets can be securely recorded, tracked and managed. The where the automotive industry could leverage blockchain
ensured integrity of ledgers is one of the main aspects when capabilities to enhance security, to reduce costs and to in-
dealing with transactions between the participants of the crease operation efficiency. Section V analyzes optimization
automotive industry. Their accuracy and immutability is es- strategies for designing blockchain-based automotive appli-
sential for enforcing real-life contractual relations, avoiding cations and studies their main challenges. Finally, Section VI
poor practices and efficiently managing the supply chain. is devoted to conclusions.
Furthermore, the ability to access verified data in real-time
opens up a realm of opportunities and business models such II. BLOCKCHAIN BASICS FOR CYBERSECURITY
as the automation of processes through Internet of Things A blockchain is a distributed ledger based on a chain of
(IoT) [10]–[14] and smart contracts, advances in predictive linked blocks that enables sharing information among peers
maintenance and forensics, smart charging services for elec- and that provides a solution for the double-spending problem
tric vehicles, peer-to-peer lending, leasing and financing, or [33]–[35].
the introduction of novel models of collaborative mobility or Blockchain can provide multiple security benefits, which
MaaS. are detailed in the next subsections and are summarized in
Although a detailed description on the inner workings of Figure 1, including the ones required by a cyber-resilient
blockchain technology is out of the scope of this paper, application: decentralization, cryptographic security, trans-
the interested reader can find detailed information in re- parency and immutability.
cent general reviews [15]–[23]. Specifically, a comprehensive
overview on blockchain that emphasizes its application to A. TAMPER-PROOF DATA
IoT is provided in [24]. There is not much research work Any industry with different stakeholders needs a unique
focused on the use of blockchain to enable cybersecurity. consistent data structure to read, update and take decisions

2 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

SMART CONTRACT ENFORCEMENT AND AUTONOMY

NO SINGLE
IDENTITY ACCESS
POINT OF PRIVACY
DATA SECURITY
FAILURE

Resistance to Use of advanced Decentralized

Confidenciality
attacks cryptography identity schemes access control

Sustainable SCM Redundancy Integrity

Availability

FIGURE 1: Blockchain key capabilities for cybersecurity.

[36]. Once a transaction is created in the blockchain, a new a node is detected, the system is able to block its updates.
timestamp is recorded so that further modifications after such
a timestamp will not be allowed. Traditional timestamping C. PRIVACY
mechanisms rely on a trusted server that signs and times-
Blockchain uses public-key cryptography for providing se-
tamps the transactions with its own private key. Nevertheless,
curity and privacy. Nowadays, there are two main public-key
there is a risk: a malicious server might sign past transactions.
cipher suites for Transport Layer Security (TLS) [46], [47]:
Timestamping may be distributed, but then it can be prone
Rivest–Shamir–Adleman (RSA) based cipher suites [48] that
to Sybil attacks [37], which blockchains like Bitcoin [38]
also make use of RSA as the key exchange algorithm [49],
prevent by linking blocks and using a Proof-of-Work (PoW)
[50]; and Elliptic Curve Diffie-Hellman Exchange (ECDHE),
consensus mechanism. Another authors propose a decentral-
which is based on Elliptic Curve Cryptography (ECC) and
ized timestamping service utilizing a similar concept of the
performs exchanges through Ephemeral Diffie-Hellman [51].
long-term signature scheme standardized by ETSI [39] or
Previous papers have already demonstrated that, in general,
a method to construct a secure and trusted timestamping
ECC is faster [52]–[55] and more energy efficient [56]–
authority [40].
[62] than RSA. Nonetheless, in 2015 the National Security
Agency (NSA) discouraged the use of Suite B, a set of
B. NO SINGLE POINT OF FAILURE cryptographic algorithms that made use of RSA and ECC.
Blockchain performs data recording and storing using syn- Apparently, the reason for such a statement was the fast
chronous communication among the nodes through open- evolution of quantum computing. In addition, National In-
source sharing protocols. Open-source code has the advan- stitute of Standards and Technology (NIST) announced its
tage of being less prone to be altered by malicious parties, plan to move forward to post-quantum schemes [63]. Recent
since it is monitored continuously by multiple contributors. developments in that way are described in [64]–[66] and in
However, like any other form of software, it can contain bugs [67], where a cryptocurrency scheme based on Post-Quantum
and vulnerabilities. Blockchain (PQB) is defined.
Unlike traditional centralized databases, which store data It is also important to note that every user of a blockchain
in centralized clouds or server farms, a full blockchain node is identified by a public key or its hash. Although, to protect
(a node of the blockchain that validates transactions) has a privacy, public keys are independent from the identity of a
complete copy of the whole blockchain. This mechanism user, it is possible to determine certain identities by analyzing
may derive into redundancy to some extent in specific sce- the performed transactions [68], [69], although such an anal-
narios, but the network becomes fault-tolerant and more ysis can be made more difficult by using multichains [70]
reliable. In contrast, in cloud-centered architectures the cloud or mixing protocols [71]–[73]. In addition, zero-knowledge
may become a single point of failure [41], since it can be proofs can be used for authentication, which enable proving
unavailable due to multiple reasons (e.g., Denial of Service that someone owns certain information without revealing it
(DoS) attacks, maintenance tasks, software problems), and, [74]–[77].
therefore, the entire system may stop working. Moreover, With respect to hash functions, they are essential for a
only one single rogue node is required to alter the network blockchain, since they are needed for signing transactions.
performance through DoS attacks [42], eavesdropping or Therefore, hash functions should be fast and secure in terms
modifying the collected data [43]–[45]. To avoid the previ- of collision avoidance [78], [79]. Examples of such hash
ously mentioned problems, a blockchain distributes its com- functions are SHA-256d, SHA-256 and Scrypt, which are
puting power among multiple nodes and, when a threat from already being used by multiple cryptocurrencies [80]–[85].

VOLUME 9, 2016 3
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Finally, it is also worth noting that privacy has been re- data transactions should be protected. This is a problem
cently considered as essential in different recent initiatives in centralized storage systems, which are really common
[86]–[88], which have suggested the use of techniques like in finance or industry, since such an infrastructure can
ring signatures [89] or homomorphic encryption [90]–[93]. suffer attacks or internal leaks [101], [102]. To prevent
such issues, blockchain decentralizes storage. Thus, if
D. IDENTITY MANAGEMENT a node becomes compromised, the rest of the system
It is defined by the ISO/IEC [94] as the processes and policies should operate normally.
involved in managing the life cycle and value, type and To preserve the confidentiality of a user, his/her pri-
optional metadata of attributes in identities for a particular vate key has to be protected, because such a key is what
domain. Therefore, the identity provider controls the autho- is needed together with the user’s public key in order to
rization of the different entities. Several approaches can be impersonate him/her. Key management systems like the
considered: one proposed in [103] can help to avoid key tampering.
ï Centralized schemes: the owner is a single entity that Moreover, blockchain technology can also prevent
controls the system. It must be noted that their scope and IP spoofing and forgery attacks [41]. Furthermore,
utilization usually transcends this central organization blockchain can help certificate authorities and support
(e.g., governments issue national identity cards valid for initiatives like Google’s Certificate Transparency [104]
numerous entities). in order to prevent fake certificates [105].
ï Federated schemes: the information, initially estab- ï Integrity. It prevents data modifications from unautho-
lished in one security domain, can be utilized to access rized users. Moreover, it allows for recovering informa-
another domain (e.g., single sign-on schemes). tion modified by authorized users in case certain damage
ï User-centric schemes: the identity is owned and con- occurs.
trolled by the single end-user (e.g., network anonymiza- Blockchains are conceived for storing data so that, once
tion). stored, it is very difficult to modify them. However, in
For instance, decentralized identity schemes have emerged very exceptional cases information can be altered by
recently. Current strengths and challenges of applying DLT using hard forks, which originate a divergence from the
to identity management together with the evaluation of three previous version of the blockchain.
proposals (i.e., uPort, ShoCard, and Sovrin) are analyzed in In the case of collecting information from third-parties
[95]. An example of implementation is illustrated in [96], (e.g., in financial or industrial processes), data in-
where a permissioned blockchain with distributed identity tegrity is essential, especially when such parties are not
management is used to increase security protection by rotat- trusted beforehand. To solve this problem, some au-
ing asymmetric keys. thors proposed a cloud-based framework for IoT devices
An experimental cybersecurity cloud testbed with that preserves information integrity with the help of a
blockchain-based user identity management is described in blockchain [106].
[27]. The article includes experimental results of a penetra- ï Availability. It is the possibility of accessing the sys-
tion test in an Hyperledger application. Other authors [97] tem data when needed. A blockchain guarantees the
presented a cloud identity management solution to ease the availability by distributing data among peers. However,
creation of secure Infrastructure as a Service (IaaS) cloud in some scenarios, availability can be compromised
federations. Other works focused on specific authentication through attacks. The most feared is the 51-percent at-
schemes such as the proposed Horcrux protocol [98] that tack (also called majority attack), where a single miner
allows the end-users of self-sovereign identity to have the (i.e., a transaction validator) can control the whole
control of accessing their identities through a biometric au- blockchain and perform transactions at wish. In this
thentication, or a cryptographic membership authentication case, although data are available, the availability for
scheme to support blockchain-based identity management performing transactions can be blocked by the attacker.
[99]. Obviously, data integrity is also affected by this attack.

E. ACCESS MANAGEMENT G. SMART CONTRACT ENFORCEMENT AND

It represents the policies, processes and tools to identify, AUTONOMY
control and manage the authorized access to a system or Effectively, a smart contract takes the terms of a traditional
application. For example, a system to control access and contract, encoding it up in the form of a business process
permissions through a blockchain is proposed in [100]. and sharing it around the business network. Smart contracts
are verified and signed when they are distributed across
F. INFORMATION SECURITY the business network. A smart contract is actually a piece
Three main properties of the exchanged information should of decentralized code that is stored on the blockchain and
be preserved in order to consider it secure: that runs autonomously when certain conditions are fulfilled.
ï Confidentiality. Unauthorized accesses should not be Therefore, there is no concept of reneging on a smart con-
allowed to critical information. Therefore, the privacy of tract.

4 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

A smart contract can be regarded as an executable program In practice, oracles are responsible for the correct exe-
that follows certain legal terms to manage physical or digital cution of a smart contract, since the insertion of incorrect
elements. Although smart contracts avoid issues related to information may derive into an action that may not be
human ambiguity, they do not depend on a state for their reverted easily (e.g., certain money transfers). Due to this
enforcement. Therefore, they are a mechanism to preserve problem, several companies presented oracles that verify
performance on the deals of the parties involved. the collected data [109]. Recently, some blockchain-based
In terms of legality, two different types of smart contracts applications have become more complex and involve the use
can be distinguished: strong and weak. In contrast to weak of the concepts of smart contract, oracles and Decentralized
smart contracts, strong smart contracts usually involve high Autonomous Organization (DAO). A DAO is a distributed
revocation and modification costs. In addition, in the case application implemented to make it possible for multiple
of strong smart contracts, traditional law enforcers will be parties, humans or machines, to interact with each other
helpless after they are executed, since they cannot be stopped [110]. The interaction between the members is arbitrated by
once initiated (either by involved parties or by a judge). a blockchain application that is controlled exclusively by a
A smart contract can also be updated, so they need meth- set of immutable and incorruptible rules embedded in its
ods to add modifications that may be required legally. For source code. A DAO can provide services or resources to
instance, an online public database or Application Program- third-parties, or even hire people to perform specific tasks.
ming Interface (API) may be used to access the latest legal Hence, individuals can transact with a DAO in order to access
terms of the contract. Another method would consist in ask- its service or get paid for their contributions. DAOs are fully
ing the involved parties to update the source code by them- autonomous, as they do not rely on any central server and,
selves, what avoids depending on third-parties to perform therefore, they cannot be shut down randomly by any single
such a task. To prevent one of the parties to modify a contract party (unless their code was specifically designed for it).
unilaterally, its terms may be defined as unmodifiable. Ethereum provides a programming language for dis-
tributed applications, but it is far from sufficient for complex
Although smart contracts are stored on the blockchain,
DAOs [111]. Further research will be needed to explore new
they received data from external services called oracles that
collect information from different sources. For instance, an approaches to building DAOs with the appropriate standard-
oracle can monitor the status of an item in order to determine ization and interoperability [112].
In addition, it is still necessary to develop legal regulations
if it has arrived and write such a status on the blockchain.
Then, the change on the status of the item could be detected to enforce smart contracts and resolve disputes properly.
by the smart contract, which can trigger the payment related Only a few researchers have studied the problem of binding
to the purchase of the item. real-world contracts with smart contracts [113], as well as
the issues that happen when the outcome diverges from
There are different types of oracles depending on the the one demanded by the law [114]. Furthermore, the main
collected data and on how they interact with their sources: security vulnerabilities of Ethereum smart contracts have
ï Software oracles handle online information. Examples already been analyzed in the literature [115], but there are
of such an information could be the temperature of a still numerous issues to be further studied.
stored product or the prices of purchased parts. The
data originate mainly from web sources, like company III. EVALUATION OF THE NEED OF BLOCKCHAIN IN
websites. The software oracle extracts the needed infor- THE AUTOMOTIVE INDUSTRY
mation and pushes it into the smart contract. This section provides a comprehensive identification and
ï Hardware oracles are designed to obtain data directly classification of the current stakeholders of the automotive
from the physical world. For example, Radio Frequency industry. Next, we introduce specific challenges of each
Identification (RFID) sensors in the supply chain indus- stakeholder that can be faced by the use of blockchain. These
try. The biggest challenge for these hardware oracles is challenges are then grouped into key management areas of
to report readings without sacrificing data security. interest. Finally, we present a flow diagram that can be used
ï Inbound oracles insert information from the external as a general guidance for deciding when it is appropriate to
world into the blockchain (e.g., an automatic buy if make use of blockchain and deciding its specific type.
some asset hits a certain price). In the automotive industry, wealth is created through trans-
ï Outbound oracles enable smart contracts to transmit actions and contracts in business networks that generate a
data to the external world (e.g., a smart lock in the phys- flow of goods and services. The underlying markets could
ical world which receives a payment on its blockchain include open markets such as a car auction, or a private
address and unlocks automatically). market such as a supply chain financing. In every case,
ï Consensus based oracles imply the combination of dif- assets are transferred across the business network between
ferent oracles to determine the outcome of an event. the different stakeholders. There are mainly two different
Prediction markets like Augur [107] and Gnosis [108] types of assets: tangible assets (e.g., a car) and intangible
rely heavily on a rating system for oracles to confirm assets. Intangible assets can be subdivided into financial
future outcomes and to avoid market manipulation. assets (e.g., instruments such as bonds); intellectual (e.g., a

VOLUME 9, 2016 5
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

piece of intellectual property like a patent) or digital assets.

As it can be seen in Table 1, blockchain use cases can be
structured into several categories across its two fundamental
functions in the automotive industry: record keeping (static
registry, identity and smart contracts) and transactions (dy-
namic registry or payments infrastructure).
After reviewing the current state of the automotive indus-
try, it was decided to target stakeholders who are impacted
by or can influence the outcome of a blockchain deployment.
This includes customers, shareholders, internal and external
stakeholders. Figure 2 represents the main analyzed stake-
holders.
Moreover, after examining carefully their current role, the
automotive business network and the strategic agenda of a
number of platforms, projects and research programs [116]–
[126], a list was compiled on the specific challenges of each
stakeholder related to trust, transaction costs or other areas
where blockchain can be applicable to face inefficiencies.
The most important detected challenges are summarized in
Table 2. FIGURE 2: Main stakeholders in the automotive industry.
Furthermore, after analyzing the collected data, it can be
concluded that most of the stakeholders face similar chal-
lenges and a joint strategy will be needed to maximize the
own copy of the reference data and update it according
impact of blockchain applications. As it can be seen in Table
3, challenge concerns can be grouped into three specific to some procedure, maybe by e-mail or paper, when
information changes. There is a need for a distributed
management areas: data, operations and finance:
record system that has to be used and shared across
1) Data management. A shared set of reference data be- the business network. In this way, all the participants
tween all the stakeholders is needed. Today, all the dif- in the business network can have their own copy of the
ferent stakeholders of the business network keep their distributed ledger. Examples of these data could be a
job card, an employment record or the tracking codes
Category Explanation Use cases of a spare part.
Proof of ownership By putting all the information in a distributed ledger,
Distributed database for
Static registry storing reference data
Traceability it can actually be controlled who can change the data
Patents
and who can actually get access to the data once they
have been changed, thus making the whole process
Distributed database with much more reliable.
ï Identity fraud
identity related
Identity ï Identity records Considering that the automotive industry spreads
information
across different industries, countries and different reg-
Trigger automated and ulatory boundaries, a shared set of data can be a very
Insurance-claim
self-executing actions
Smart contracts when predefined
payout efficient way of managing reference data. The benefits
Cash-equity trading
conditions are met imply reducing errors, improving real-time access to
critical data and supporting natural workflows around
Distributed database that
is updated with asset
ï Supply chain creation, modification and deletion of the data ele-
Dynamic registry ï Fractional investing ments.
transactions
Likewise, auditing (e.g., regulatory compliance) is
Cross-border a complex process, considering the fact that data and
Dynamic distributed payments
Payment database that is updated Peer-to-peer transactions are spread throughout many locations and
with payment transactions payments are owned by many stakeholders. The fact that trans-
Insurance claims
actions are endorsed or validated by selected members
Use cases composed by of the business network has the effect of increasing the
ï Initial Coin Offering
several of the previous
(ICO)
net trust within the business network. Furthermore, the
Several groups Standalone cases fact that each member of the business network knows
ï Blockchain as a Ser-
categories not fitting in any of the
vice (BaaS) that they are sharing a common business process with
previous categories
the rest of the network also boosts trust.
TABLE 1: Main blockchain categories based on its main When introducing a blockchain, privacy services
function. control who can see what across the business network

6 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Stakeholder Specific challenges

1) Lack of transparency regarding the car’s history

2) Unpredictable car maintenance and repair costs
3) Lack of trust in the outcome of maintenance and repair jobs
Car owners and lenders / buyers and sellers of pre-owned cars 4) Absence of informed buying options
[127]–[129] 5) Absence of car insurance options
6) Lack of trust in autonomous vehicles and IoT-connected vehicles
7) High-level transactional experience to consumers whilst reducing the costs incurred by
them

1) Lack of transparency regarding the car’s history

2) Unpredictable car maintenance and repair costs
Fleet management companies / Car leasing or sharing 3) Lack of trust in the outcome of maintenance and repair jobs
(car-sharing, ride-sharing or ride-hailing) companies [120], 4) Lack of interoperability with business partners
[130] 5) High operational costs, low margin
6) High costs in the car-sharing, ride-sharing and ride-hailing economy
7) Lack of trust in autonomous vehicles and IoT-connected vehicles

1) More affordable car rides

2) Better maintained cars
Car-sharing, ride-sharing or ride-hailing passengers [131], 3) Lack of trust in autonomous vehicles and IoT-connected vehicles
[132] 4) Lack of a common mobility provider platform
5) Lack of instant payment

1) Expensive rates for car leasing and rental

2) Lower car-sharing, ride-sharing or ride-hailing partnership fees
Car entrepreneurs [122], [130] 3) Difficulties to set up business, unfair competition
4) Lack of trust in autonomous vehicles and IoT-connected vehicles
5) Lack of information sharing

1) Updated car ownership records

2) Updated repair and maintenance records
Car dealers and retailers [122], [133], [134] 3) Updated purchase records
4) Lack of trust in autonomous vehicles and IoT-connected vehicles
5) Lack of information sharing

1) Huge warranty claim costs

2) Enforcement of recommended maintenance and repair prices on the dealers
3) Customer complaints due to car dealers’ violation of recommended maintenance prices set
by car manufacturers
OEM / Car manufacturers and suppliers [118], [122], 4) Lack of control of the car maintenance performed by authorized dealers
[134]–[137] 5) Weak customer loyalty
6) Cyber-attacks, system failure risks and enhanced security in autonomous vehicles and IoT-
connected vehicles
7) Control of the logistics
8) Lack of information sharing

1) Inflexible and non-customized policy pricing

2) 5-10% of all claims worldwide are fraudulent [143]
Insurance companies [138]–[140] 3) Costly and inefficient claim management
4) Inaccurate customer policy pricing
5) Lack of oversight over the quality and pricing for a collision repair

1) Underutilized capacity
2) Customer retention
Independent repair shops [129], [134] 3) Low margins
4) Lack of brand confidence

1) Inefficient stock management

2) Market for counterfeit spare parts
After-market (producers, distributors and retailers of spare 3) Lack of transparency in warranty monitoring and enforcement
parts, garages) [134] 4) Low margins
5) Lack of brand confidence

VOLUME 9, 2016 7
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Stakeholder Specific challenges

1) Updated state registries (e.g., vehicle maintenance records, ownership rights, vehicle taxes,
history of traffic fines)
2) Lack of trust in autonomous vehicles and IoT-connected vehicles
3) Compliance with the current legislation, particularly in terms of driver liability [117] or
data protection
4) Enhanced interconnectivity with provision of open-source traffic and infrastructure data
Governments and public organizations [120], [124] through a data cloud and willingness to shift to digital radio and universal network coverage.
5) Greater use of anonymisation and pseudonymisation in data collection and processing and
provision of comprehensive information to vehicle owners and drivers about what data is
collected and by whom.
6) Notifications of road conditions and traffic congestion in real-time
7) Trusted data for accident investigation and mitigating actions

1) Updated car ownership records and insurance, maintenance and lien records on cars
Financial institutions [116] 2) Non availability of single reference point on all transactions

1) Guarantee stable and secured Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I)
Telecommunication and tech companies, content and service communication to ensure efficient and safe vehicle coordination and cooperation
providers [120], [141] 2) Lack of trusted connectivity among vehicles and between vehicles and infrastructure [117]

1) Control of greenhouse gas emissions

Scrappage/recycle and environmental groups [123] 2) Full traceability of components
3) Long-term sustainability

TABLE 2: Current specific challenges of the automotive industry that can be confronted using blockchain technologies.

(appropriate confidentiality between subsets of partic- without the intervention of third parties. For instance,
ipants) and are also used to maintain this property of all the manufacturing data of where each part/asset of
immutability across the blockchain, so the blockchain a subsystem has been in its journey from the manufac-
becomes tamper-proof. In a permissioned blockchain, turer all the way through its integration into a car can
it can be controlled who can see what parts (i.e., parts be recorded. Note that this network can evolve with the
that are relevant to the stakeholders and their way of shared set of referenced data to a more integrated and
doing business) of the ledger. This creates a verifiable interlinked network of the different stakeholders.
audit trail of everything owned/traded across the busi- Supply chain information can also include
ness network from the time it was created and put onto smart manufacturing processes (e.g., the individual
the blockchain. Such transactions cannot be altered, computer-aided machine programming module that
inserted or erased thanks to consensus, provenance and was used to create the part or other considerations), if
immutability, and the business logic actually embedded they are relevant. Therefore, it ensures the traceability
into the blockchain in the form of a smart contract. of an asset throughout its lifecycle. The advantages of
2) Operations management is probably the most common this traceability are clear. Trust increases because it is
cross-industry inefficiency considering the low imple- possible to know who has owned each asset or where it
mentation degree of the instruments of supply chain has been, and hence, the whole supply chain becomes
risk management [144]. SSCM [145] includes the com- much more efficient.
plete traceability of the key assets, (i.e., a record when It must be noted that if something goes wrong with a
a car part is assembled or disassembled or is in the batch of cars or spare parts (i.e., a maintenance task or
shipping process). Traditionally, traceability in the sup- an insurance claim) diagnosing the incident or finding
ply chain has been managed by using technologies like which subsystems or parts were actually involved can
RFID [146]–[149], but blockchain technology, goes be easily solved, thus avoiding to perform a whole
one step forward, enabling a new era of end-to-end cross-fleet analysis or recall in the case of failure.
transparency in the global supply chain system where As a result, including blockchain into a transaction pro-
stakeholders are able to share information rapidly and cessing system will derive in the following operational
with confidence across a strong trusted network. Fur- benefits:
thermore, the use of smart contracts provides a lower ï Transactions can be transformed to something that
cost of transaction with a trusted contract monitored can take a number of days to almost real time.

8 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Management
area Stakeholders’ challenges Solutions Benefits
Competitors and collaborators in a
business network
Each business partner keeps their own
database and forwards requests to a 1) Consolidated, immutable and consis-
Shared set of referenced data
central authority for data collection tent dataset with reduced probability
Each business partner maintains its
and distribution of errors
own system (e.g., specific codifica-
3) The owner of each information subset 2) Near real-time access to data
tion) within the blockchain network
can be one or several organizations 3) Interlinked network where code up-
Data There is a single view of the complete
4) Access to all the transactions over a dates and transactions between stake-
dataset in the business network
specific reporting period is needed holders are naturally supported
Privacy ensures only authorized user
5) Sensitive information must be contin- 4) Private sensitive data is shared on de-
access
uously sent to the insurance compa- mand
nies
6) Some stakeholders (e.g., end-user)
lack control over the exchanged data

1) Sustainable Supply Chain Manage-

ment (SSCM)
1) No single authority is the guarantor of
1) The provenance of each asset is hard 2) Complete provenance and traceabil-
provenance therefore, trust increases
to track ity details of each critical asset
2) More efficient ledger utilization
Operations 2) Traceability information: manufac- 3) Data are accessible by each stake-
3) Individual and specific rather than
turer, production date or batch data holder (e.g., manufacturers, suppli-
cross-fleet information
ers, car owners, insurance companies,
government regulators)

Increased speed of execution

Reduced cost
Reduced uncertainty and risks (e.g.,
Common ledger for letters of credit fluctuations in currency exchange
Financial data is dispersed through-
Counterparties have the same vali- rates)
out many systems with different char-
dated record of transaction Added-value applications (e.g., incre-
acteristics and geographical locations
Transaction records collected from mental claim payments)
Finance Letter of credits of a wider range of
diverse financial sources An auditor is able to trace the
clients
4) A financial audit trail created with accounting information from the
Time and cost constraints
tamper-proof data blockchain to the source document
(e.g., an invoice, a receipt, a form, a
voucher) and view the complete pro-
cess of a given transaction

TABLE 3: Confronting today stakeholders’ challenges.

ï Overheads and cost intermediaries that do not pro- on a car lease without a middleman.
vide added-value can actually be taken out, mak- Financial and logistics operations can be coupled with
ing more efficient the whole business network. The IoT devices. For example, when a pallet of goods actu-
distributed ledger and privacy services are used to ally crosses through an RFID reader into a warehouse.
manage the elements of the blockchain, therefore The seller could draw down a certain percentage of
reducing the risk within the business network of the letter of credit because through this RFID event,
tampering, fraud, or cyber-attacks. Furthermore, it can be ensured automatically that the goods actually
a net improvement of trust within the business made it part of the way to the end customer as well
network can be achieved because everyone uses as the condition of the goods (e.g., if the assets were
the same way to keep their ledgers updated and delivered in the agreed conditions of humidity, tilt or
their business processes flowing. other parameters). These automated processes reduce
3) Financial management. In the automotive industry, the time of execution to almost real time. Therefore,
these services involve letters of credit, financing, leas- they vastly reduce costs and risk for both the seller, the
ing, and cross-border import and export systems. Let- buyer and the correspondent banks who are involved in
ters of credit are fundamental to the way that buying the process. This process could be applied to a number
and selling occurs across borders. Numerous different of other financing, and cross-border import and export
individual documents are exchanged and signed by the systems.
banks and the different counterparties that represent the Beyond the hype of Distributed Ledger Technology (DLT)
buyer and the seller in the business network. technologies, it must be noted that in a trustful scenario or
Furthermore, automotive financing includes some when stakeholders can trade directly, traditional databases or
verification steps (e.g., review of documents, scoring ledgers based on Directed Acyclic Graphs (DAG) [150] may
the risk or loan approval) that smart contracts can ease, be a better solution for daily operations. Certain industrial
therefore enabling to automatically negotiate payment processes are inherently better suited for blockchain solu-

VOLUME 9, 2016 9
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

FIGURE 4: Automotive blockchain-based services.

real time. Manufacturers can partner with a blockchain

service provider to create a unique ledger among the
network of OEMs to address logistics monitoring and
control (e.g., issues related with spare parts quality and
authenticity). The ledger can gather information about
cars’ history from different sources and even charge
users to access the data [152]. The platform could be
extended to receive payment for the rendered services
(e.g., repairing a vehicle, or purchasing/selling vehicle
data from/to a third party).
ï Smart manufacturing
The inclusion of blockchain in software-based manu-
facturing can increase productivity and quality control,
reducing the costs for tracking in inspections (e.g.,
it simplifies version management), warranty, inventory
management [153], [154], ownership issues, mainte-
nance or recycling tasks.
A blockchain can also be used in a digital twin
[120], [155], which represents digitally a physical asset
in order to monitor its current state and to recreate
its past and future [156]. In the automotive industry,
assets (e.g., vehicles, tools, parts) may send data and
FIGURE 3: Flow diagram to determine the need of notify events to its digital twin during their lifecycle.
blockchain technologies in a specific application. Thus, blockchain can be used to store securely all the
mentioned information.
An example of implementation was presented in July
tions. For example, financial services and governments core 2017 by Groupe Renault [157], which released a pro-
functions are clearly aligned with blockchain capabilities totype created with Microsoft and VISEO to connect
[151]. Specifically, Figure 3 shows a simplified flow diagram each car maintenance book to the vehicle’s digital twin.
that can be used as a general guidance for deciding when it These data are tamper-proof, fully traceable and visible
is appropriate to make use of blockchain technologies and to to authorized parties such as the vehicle owner.
determine the type needed in a particular application. Further ï Anti-counterfeiting
details on the specifics of the different types of blockchain Blockchain and IoT can provide an effective way to
can be found in [24]. avoid fraud. On the one hand, counterparties can update
the status of the items from the source to the point of
IV. ADVANCED BLOCKCHAIN-BASED COMPELLING sale, or even in some cases the whole lifecycle. On the
APPLICATIONS other hand, sensors can be added to assets (e.g., to each
This section reviews the most relevant blockchain applica- part pallet shipped from the Original Equipment Sup-
tions for automotive environments (Figure 4). plier (OES)) to track their real-time location and status
ï Extended global vehicle ledger (e.g., that the shipment complies with the Estimated
A ledger that securely stores, updates, traces and shares Time of Arrival (ETA)). It must be noted that this strat-
data (e.g., car’s maintenance, ownership history) in

10 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

egy will imply an extensive level of cooperation among Emerging technologies have created a new ’As-a-
automotive stakeholders and software developers. Service’ business model in which initiatives such as
Regarding odometer fraud, a solution that uses an in- Car Next Door [159] are growing fast. A blockchain-
car connector can be proposed to send vehicle mileage based platform would enable the interconnection of IoT-
data to its digital logbook on a regular basis. If tamper- connected vehicles, autonomous vehicles, car-sharing,
ing is suspected, the displayed mileage can be compared ride-sharing or ride-hailing providers and end-users to
with the recorded via an app. Furthermore, a car owner create a solution that records and executes agreements
can log its mileage on a blockchain and receive a cer- and monetary transactions to allow vehicle owners to
tificate of accuracy that could be used for guaranteeing monetize trips. Data (e.g., cost per mile, keys to unlock
selling conditions. For example, Bosch and TÜV Rhein- the car, insurance details, payment/billing details, infor-
land (a German certification authority) are collaborating mation about vehicle owners, drivers and passengers)
to prevent the widespread practice of odometer fraud would be exchanged in a secure, reliable and seamless
through a digital logbook solution [158]. manner. The connections between the involved parties
ï Digital retailing and customer personalized experi- would be secured in order to protect their privacy (e.g.,
ence there would be no link between the actual user’s identity
Loyalty and reward programs can serve as customer and his/her route) and any unauthorized accesses to the
incentives. In this use case a blockchain and smart vehicle (i.e., only authorized users would be able to
contract-based solution can record customer purchases locate, to unlock and to use a specific car). Furthermore,
and issue loyalty points that can be used as a currency the platform could process all the payments upon com-
within the stakeholder loyalty network. The points are pletion of the trip and update the user’s record with a
visualized and updated (e.g., redeemed as a discount) history of the trip performed.
instantly for the whole network. It is worth mentioning as an example an initiative of
ï Claim processing and usage-based insurance the Toyota Research Institute [160], which is exploring
Claims, particularly with complex insurance instru- together with the MIT Media Lab the development of a
ments, involve multiple parties. Nowadays, in the event new mobility blockchain-based ecosystem fostering the
of an accident, the liability is largely attributed to the use of open-source software tools.
driver, but autonomous vehicles need the consideration ï Peer-to-peer lending, leasing and financing
of other entities in the automotive ecosystem such as Peer-to-peer models offer a business model that con-
auto manufacturers, software providers, service tech- nects the involved entities and performs Know Your
nicians or vehicle owners. For instance, the insurance Customer (KYC) checks prior to leasing a vehicle,
cost for a driver may be reduced by granting insurance stores the leasing contract and automates the payment.
companies access to driving data to demonstrate safe Blockchain platforms will leverage secure communica-
driving habits. In addition, certain collected information tions and eliminate data risks. The extracted data can be
like braking patterns and speed may be used to avoid used for analytics and for monitoring consumer behav-
frauds. ior (KYC) in car leasing or rental. A couple of initiatives
The system would work as follows. First, the insur- have studied the mentioned scenarios. For instance, in
ance company would create a public and a private key 2015 Visa and Docusign implemented a blockchain for
for every car, as well as a personal account stored in a a car leasing pilot service [161]. Similarly, Daimler AG
cloud. The personal account is required by the company and Landesbank Baden-Württemberg (LBBW) [162]
to know the actual identity of the policyholder. The made use of blockchain to perform financial transac-
public key would be stored into a secure database. The tions in a pilot project for monitoring capital market
public and private keys would be used by the vehicle transactions and financial processes.
for every subsequent transaction with the insurance ï Connected services
company. Thus, the vehicle stores in the cloud infor- Vehicle owners can purchase infotainment or added-
mation on driving patterns that would be used by the value services (e.g., parking, tolls) in a seamless manner
insurance company to provide services. Certain critical based on pre-defined contracts that are stored and exe-
information (e.g., vehicle location) could be stored in cuted on the blockchain. For example, Carewallet [163]
a blockchain in the in-vehicle storage. In case of an is a platform that allows for a full end-to-end integration
accident, the vehicle might fill a claim automatically by of mobility services, vehicles and infrastructure.
sending the information to the insurance company. Another application would be the introduction of
The vehicle owner may discontinue its contract with the blockchain for conventional wireless remote software
insurance company or sell its vehicle. In such cases, the updates. Nowadays, this is a centralized and non-
insurance company would remove the account from the scalable process with a partial participation of the sup-
cloud storage, so the vehicle would not receive further ply chain (i.e., it does not include all the way from
services. a service provider to a service center). Furthermore,
ï MaaS there are potential privacy issues, since a direct link

VOLUME 9, 2016 11
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

between the vehicle and the OEM can compromise the at a charging station owned by a third party or when
driver’s privacy (e.g., its behavior or location) and only the car owner discharges the electricity from the electric
an OEM can verify communications or the history of vehicle to the grid to support the stabilization of the
update downloads. The use of a blockchain would imply energy network. The location and behavior of the user
an end-to-end distributed data exchange that involves (e.g., using a specific charger on a specific day) could
service providers, OEMs, vehicles, service centers or be tracked, but such a location information can remain
assembly lines, and it will guarantee the user’s privacy private.
and the updated history, as well as the public verification In the literature, there are some examples of imple-
of the authenticity of the software. mentations. For instance, a decentralized security model
ï Automotive IoT and IoT-connected vehicles based on the lightning network and smart contracts
Vehicles are becoming interconnected Cyber-Physical is proposed in [169]. It involves registration, schedul-
systems (CPSs) [164]. These CPSs have special-purpose ing, authentication and charging phases. The proposed
sensors, control units (Electronic Control Unit (ECU) security model can be easily integrated with current
and On-Board Unit (OBU)) and wireless adapters to scheduling mechanisms to enhance the security of trad-
monitor their operations and communicate with their ing between electric vehicles and charging piles. An-
surroundings (e.g., Road Side Unit (RSU)) [165]). The other interesting example is described in [170], where
penetration of the IoT paradigm in vehicles enables the a privacy-preserving selection of charging stations is
collection of a huge amount of data. For instance, most presented.
vehicles manufactured in the last decade have On-Board ï Autonomous or self-driving vehicles
diagnostics (OBD) ports, which are used for retrieving Since most of the car crashes are the result of human
vehicle diagnostics. Another major development is the errors, a computer would be an ideal driver, as it can use
deployment of an Event Data Recorder (EDR) to store complicated algorithms to determine appropriate driv-
incident data based on triggering events (e.g., drastic ing measures. Autonomous vehicles are equipped with
speed reduction). Sensors and devices connected over advanced IoT capabilities, navigation devices and com-
a defined mobile network will enable the collection of puter vision technology to drive autonomously with lim-
data like driving events (e.g., mileage, speed), safety ited or no human intervention. Leveraging blockchain as
events (e.g., spare part replacement warning), mainte- an underlying communication mechanism will guaran-
nance events (e.g., annual service) and will be able to tee trust and dependability on these systems. Further-
send these data to a ledger shared among the stakehold- more, since cybersecurity is currently a main concern
ers (including the owner). for autonomous and IoT-connected vehicles, the main
IoT applications help to monitor and control devices threats and attacks to automated vehicles have been
remotely and create new insights from real-time data. identified in [171]. For instance, another authors are
IoT, together with blockchain, can help to track, process focused on introducing peer-to-peer usage models. For
and exchange transactions among connected devices. example, Hasan et al. [172] propose a blockchain-based
An example of intelligent communication between vehi- platform that can provide autonomous vehicles with
cles is proposed in [166]. Other authors [167] presented share ride services.
a lightweight scalable blockchain solution to face the ï Forensics
challenges of traditional security and privacy methods Forensics is becoming an important feature in a vehicle
in IoT-connected cars: centralization, lack of privacy or design and operational lifecycle. Interested stakeholders
safety threats. include insurance companies and law enforcement who
ï Electric Vehicle and smart charging services are interested in crime solving (e.g., vehicle location
Electric vehicle industry is growing in parallel with the information can be useful in a burglary or homicide)
demand for charging infrastructure. The connection of or crash incident investigations. In recent years, foren-
electric vehicles to the owner’s smart home [168] and/or sics has been further used by insurance providers and
smart devices could lead to advanced services. For by companies giving vehicles to their employees for
instance, the charging procedure might be customized business-related activities.
according to the user personal habits (e.g., through the IoT-connected and autonomous vehicles gather a huge
personal calendar). Such data could be used to guar- amount of information that can be significant for manu-
antee that the vehicle is fully charged when needed. facturers, service providers, drivers or insurance compa-
Furthermore, it also enables to choose the cheapest or nies in case of an incident or accident. This capability to
more convenient charging cycle (e.g., avoiding peak collect data within and around the vehicles can make a
load times). significant impact on the forensics field. The topics has
A blockchain-based solution can be proposed for to be further studied, but an example of permissioned
distributed accounting, for managing contracts or for blockchain forensic framework can be found in [139].
automating billing and payments. Two scenarios could
be considered: when the car owner charges the vehicle

12 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

V. BLOCKCHAIN IMPLEMENTATION AND DEPLOYMENT presumable that this scenario will be indeed appealing for
STRATEGY criminal activity or malicious attacks.
A. SWOT ANALYSIS In addition, nowadays, usability is another challenge (e.g.,
After analyzing blockchain technologies in Section II, this no intermediaries can be contacted in case of users’ creden-
subsection evaluates its applicability based on a Strengths, tials loss) and the customer is usually not familiarized with
Weaknesses, Opportunities, and Threats (SWOT) analysis the technology.
that summarizes the main key issues that have to be consid- An additional weakness is the cryptocurrencies volatility,
ered when deploying blockchain technologies for the auto- which can represent a limitation to the short-term adoption of
motive industry. blockchain-based payments.
Regarding the available development tools, they are still
in an early stage and the adoption of common standards
1) STRENGTHS
is still ongoing. Besides, it must be noted that develop-
As it can be observed in Table 4, blockchain brings numer- ing blockchain-based applications require high-level specific
ous advantages. Its main strengths are operational efficiency technical skills and human resources are scarce and costly.
and resiliency: by removing middlemen, transactions can be Finally, it is worth remarking that, in some cases,
simplified and their cost can be lowered (e.g., banking fees). blockchain may not be the most suitable technology for a
Another strength is that smart contracts can be coded to business use case or process (as previously discussed in Sec-
perform autonomous transactions (e.g., decisions on business tion III) and it is key to succeed the adaptation of corporate
processes) based on data acquired by IoT devices or sent governance models to decentralized exchanges of value.
by different stakeholders. It must be noted that today, the
data from the different stakeholders are stored in central- 3) OPPORTUNITIES
ized databases, or even in paper, which implies costly and In relation to opportunities for the automotive industry,
unreliable business processes. Moreover, these data are error blockchain allows for gaining industrial competitiveness, for
prone and subject to hacking, unintentional errors or frauds entering into new markets or for developing new types of
as they go along the complex network of stakeholders. In business models thanks to the use of DAOs and low trans-
contrast, the underlying technology behind blockchain (e.g., actions fees. Blockchain also represents an opportunity to
advanced cryptography) prevents the recorded data from reduce the information asymmetry that today exists among
being modified. Thus, records are irreversible and tamper- the different stakeholders.
proof. Non-repudiation and immutability guarantee that there Moreover, in the automotive ecosystem, blockchain can
is a unique and historical version of the data that is agreed definitely help to prevent fraud and to reduce the possibility
and shared among all the stakeholders (e.g., a shared set of of a systemic risk (e.g., the risk of collapse of an entire market
referenced data). caused by intermediaries and/or idiosyncratic events).
Data transparency is guaranteed by providing global ac- Specifically, due to the network effect, when a high num-
cess to the blockchain. Since different stakeholders are able ber of stakeholders are involved, blockchain-based supply
to upload information to the blockchain, it can become the chains can be more efficient, since data can be shared
storage of an enormous amount of trusted information that nearly instantaneously among different heterogeneous actors.
might be used for big data analytics. Nonetheless, the impact of such big data-enabled applica-
Moreover, the fact that a blockchain can be replicated on tions depends on the amount and quality of the collected
every full node provides redundancy and guarantees that the information.
stored data will resist unexpected events and cyberattacks. The use of open-source code is also essential in order to
For instance, full traceability, asset provenance and qual- increase security and transparency. It is important to note
ity control on how parts or cars are stored, inspected and that, although this kind of code is still susceptible to bugs
transported, can enhance accountability and give proof of and exploits, it is less prone to malicious modifications from
ownership for all the involved parties. Therefore, relevant third parties, since it can be monitored constantly by any
stakeholders can verify or inspect such an information at any stakeholder.
time or at a specific moment, thus creating dynamic and fluid For instance, in shipping processes the transportation and
value exchanges. logistics sector rely on a global chain of actors including
shipping lines, freight forwarders, port and terminal opera-
2) WEAKNESSES tors, and customs authorities. All of them constantly need
The major blockchain weaknesses are related to the im- to exchange information about the origin of goods, tariff
mature status of the technology (e.g., lack of scalability, codes, status, classification data, import/export certificates,
high energy consumption, low performance, interoperability manifests and loading lists. Nowadays, some paperwork nec-
risks or privacy issues). In the case of IoT-connected cars or essary to process cross-border shipping is done manually and
infrastructure, smart contracts will be automatically executed operational information is transmitted over the phone, e-mail
and in some cases they will depend on the injection of or fax. Such processes are prone to errors, tampering and
source information from external oracles. Therefore, it is delayed communication. If inserted into a blockchain, the

VOLUME 9, 2016 13
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Positive Negative

Strengths Weaknesses

1) Immature, early stage of development

2) Scalability issues
1) Operational efficiency
2) Cyber resiliency 3) High energy consumption
3) No need for intermediaries that do not provide added-value 4) Low performance
4) Fast and simple transfers with low fees 5) Lack of interoperability
5) Automated transactions by means of smart contracts, IoT enabler 6) Privacy issues (in some scenarios)
6) Reduction in human errors 7) Criminal activity, malicious attacks
7) Accountability, verified, timestamped, and immutable auditable data 8) Dependent on input information from external oracles
8) No data loss neither modified nor falsified data 9) Poor user experience, customer unfamiliarity
Internal

9) Security and modern cryptography 10) In case of users’ credentials loss (e.g., a wallet), no intermediary can be
contacted
10) Non-repudiation
11) In specific use cases, subject to cryptocurrency volatility
11) Transparency
12) Limitation of smart contract code programming model
12) Global accessibility
13) Wallet and key management
13) Trusted big data analytics platform
14) High-skilled human resources (scarce and costly)
14) Decentralization
15) Complexity (blockchain concepts are difficult to be mastered)
15) Traceability, asset provenance
16) Lack of trust in new technology suppliers
16) Dynamic and fluid value exchange
17) Core business use cases or processes may not be suitable for the use of
17) Accountability, proof of ownership and rights blockchain
18) Poor corporate governance

Opportunities Threats

1) Industrial competitiveness (e.g., reduced transaction costs, enhanced cy-

bersecurity, full IoT automation)
2) Market diversification (e.g., supporting car sharing)
3) New business-model enabler
1) Perception of insecurity or unreliability
4) Rebalancing information symmetry between stakeholders
2) Technological vulnerabilities
5) Fraud reduction
3) Divergent blockchains, ledger competition
6) Reduced systemic risk
External

4) Low adoption from important stakeholders

7) Network effect
5) Unfavorable government policies, legal jurisdiction barriers
8) A huge amount of heterogeneous data pushed into the blockchain by
different actors for data analysis (big data applications) 6) Institutional adoption barriers
9) Open-source code 7) Medium or long-term investment
10) Ease in cross-border trade 8) Not adequate for external customers, readiness for adoption
11) Reduction of verification procedures
12) Digital twin enabler
13) Circular economy enabler

TABLE 4: SWOT analysis for blockchain in the automotive industry.

trading with external stakeholders can be eased by offering directly to a blockchain.

integrity, transparency, security and paperless flows of data Finally, blockchain can also bring new opportunities to
that can greatly decrease the time and costs associated with the circular economy by ensuring traceability, by providing
current intermediaries, as well as reduce the verification pro- incentives to recycle and by enabling trust-based reputation
cesses in order to ensure the overall conformity and delivery. systems.

Blockchain can also enhance the capabilities of a digital

twin, which enables digital representations of physical assets 4) THREATS
to reflect reality through simulations based on information With respect to threats, they are related to several factors.
collected from IoT devices. Examples of such improved First, technology can be still distrusted by the market, since
features can be traceability of electric and electronic devices it can consider it as insecure or unreliable, mainly due to
along their lifecycle, the guarantee of the provenance and software problems or cryptocurrency volatility.
authenticity of components, the registration of events from Code vulnerabilities in blockchain or smart contracts are
initial product design and approval processes through manu- a threat to a sustainable adoption and can damage brand
facturing, the verification of the delivery process to customers reputation. An infamous example is the DAO attack of 2016,
and the corresponding after sale events, the inventory man- which exploited a combination of previously reported secu-
agement using blockchain to validate signatures and orders, rity vulnerabilities with a cost of around $ 50 million worth
or even the submission of offers from different suppliers of Ether and a devaluation of the DAO by a third [115].

14 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

As it was previously mentioned, in some cases information information protection (i.e., access control, authentica-
can be altered by using hard forks. Although this kind of tion and authorization). For instance, Federated Iden-
forks can happen for technical reasons to fix vulnerabilities, tity Management (FIM) [173] is required to guarantee
they can also result from regulatory interventions (e.g., dif- the authentication across multiple enterprises. At an
ferent jurisdictions that take varied approaches to blockchain international scale, such a FIM currently covers only
management) or even as a result of a divergence on the ledger a low Level of Assurance (LoA). The required LoA
itself in order to provide different features. (from LoA 1 to LoA 4), as defined by the ISO/IEC
Another threat if the fact that some stakeholders may think 29115:2013 standard, is mainly based on the associated
that the proposed system is too complicated, so the adoption risks (probability of an event multiplied by its potential
rate on a worldwide basis could be low. impact) derived from an authentication error and/or the
It must be noted that unfavorable government policies, misuse of credentials.
legal regulations and institutional adoption barriers slow ï Blockchain infrastructure: a comprehensive trust frame-
down and threaten the mainstream adoption of blockchain. work that can fulfill all the requirements for the use of
Potential barriers may arise to the use of smart contracts. blockchain must be created.
A new subset of law, denominated as Lex Cryptographia ï Blockchain architecture: the design of the architecture
[142], that includes rules governed through self-executing should consider the company’s decentralization require-
smart contracts and DAOs, will have to re-evaluate the in- ments. In general, a private blockchain may be sufficient
teraction between four regulatory forces: the threat of law for the back-end. Private blockchains have been often
enforcement, the manipulation of markets (financial incen- undermined since the usage of a technology originally
tives and disincentives), social pressure and the centralized conceived to foster decentralization in a fully central-
intermediaries (i.e., internet service providers). For instance, ized way may be seen as a contradiction. Nevertheless,
the jurisdiction of smart contracts is still under debate [114]. this type of blockchain is able to reduce the risk of data
With respect to Return On Investment (ROI) aspects, it tampering and it can enable task automation.
must be indicated that applications based on blockchain In the scenarios where multiple organizations need to
technologies are considered as medium or long-term invest- access data, such as most of the applications of the au-
ments and as not adequate for being integrated into every tomotive industry, a consortium or federated blockchain
existing process. In fact, most current solutions are still in the may be preferable. They restrict user access to the
prototype stage, but it is likely that more mature applications network and the actions performed by the participants.
will reach a broad market in the next years. This kind of blockchain can be maintained by nodes
Moreover, if blockchain technology becomes a practice, that belong to organizations of the consortium, and it
it can have an impact on a company relationship with their could be used as a shared ledger. For instance, a public
customers. However, some customers may refuse to adopt it, blockchain can be used when managing automatic pay-
as they might still consider personal interaction important. ments with existing cryptocurrencies, or when there is
In addition, despite investing in human capital in order to a need for provide trust between organizations using an
improve customer service, market share may be lost, since unmodifiable ledger.
companies may start to compete in terms of pricing. ï Standardization [174]–[179] and testing: after a deep
understanding of the actors, supply chains, products,
B. FURTHER RECOMMENDATIONS markets, services, and Key Performance Indicators
Despite the promising foreseen future of DLT, and specifi- (KPIs) involved in an automotive specific use case,
cally of blockchain technologies, the SWOT analysis of the all the operational and technical requirements have to
previous Section revealed several challenges that may hinder be analyzed and agreed. As a first stage, when the
their short-term development and deployment: blockchain is created, it should be tested in the field with
ï Technical complexity: the scientific community is re- the agreed criteria to verify if it works as needed. As a
searching on scalability, privacy, security and post- second stage, different indicators should be evaluated in
quantum cryptography in order to face the main de- terms of privacy, security, energy efficiency, throughput,
sign limitations in transaction capacity, in validation latency, privacy, cost efficiency, blockchain capacity or
protocols or in the design and implementation of smart usability, among others. For instance, considering the
contracts and DAOs. Moreover, it is necessary to intro- hyped state of blockchain, developers may fake their
duce novel methods to foster decentralized approaches blockchain performance to attract investors (e.g., Initial
in business processes. Coin Offerings (ICO)), driven by the expected profits.
ï Interoperability issues: the critical participants of the ï Regulatory and legal aspects: the lack of a clear regu-
business network should be involved to guarantee the latory environment (e.g., decentralized ownership, con-
adoption of blockchain and its integration with third- tingencies in smart contracts, international jurisdiction,
party and legacy systems. To achieve full interoper- cross-border trade) and democratic-by-design models of
ability is necessary to adopt collaborative implemen- governance are concerns that hinder the potential impact
tations and use international standards for trust and of blockchain. Companies in countries with supportive

VOLUME 9, 2016 15
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

regulations will have a competitive advantage to develop global consortium Mobility Open Blockchain Initiative
innovative business models, that they will be willing (MOBI) [180] was announced to examine the potential
to exploit legally. Furthermore, blockchain can enable of blockchain and distributed ledger technologies to
value distribution models interoperable across organi- create a novel digital mobility ecosystem more efficient,
zations, improving the economic sustainability of both greener, affordable, safer, and more widely accessible.
contributors and organizations. The consortium hopes to bring together automakers,
ï Organization, governance and culture: organizations’ suppliers, startups, technology firms, blockchain com-
willingness and corporate governance will play an im- panies, NGOs, academia and government agencies.
portant role in the adoption of blockchain since coopeti- ï Network effect: the degree of industry adoption will
tion (cooperative competition) and a collaborative mind- determine the benefits of blockchain technology in the
set is required in order to engage all the stakeholders and automotive industry, as the volume of exchanged in-
adopt new ways for creating value. formation will increase. When the adoption reaches a
For instance, in the collective imaginary, Bitcoin is critical mass, it could evolve into an industry practice.
frequently associated with fraud and pyramid or Ponzi However, at the beginning it may be difficult to obtain
schemes and it has been often misused to refer to stakeholder commitment considering the different levels
blockchain. Therefore, there are still cultural barriers of digital readiness and the difficulty of integrating
and misinformation that must be confronted. legacy processes with novel systems and practices. For
ï Suitable training and advisors: mastering the blockchain instance, an initial requirement is the recognition of the
concepts requires a highly technical background that is gains of a blockchain-based collaboration.
necessary to fully realize the potential of the technology. ï No one-size-fits-all solution: the adoption of blockchain
Advisory boards should be comprised of influential unveils a broad area of short- and medium-term poten-
leaders and experts in the areas of blockchain, crypto- tial scenarios that could disrupt the automotive industry,
technologies, IoT, cyber security, insurance, financial as we know it today. Nevertheless, there is no one-
technologies, venture capital and business development. size-fits-all technological solution for the automotive
For instance, the usability of blockchain-related appli- industry.
cations is still not adequate for the average user. There- From the business standpoint, it can be assumed
fore, further efforts should be carried out to avoid the that small ventures (e.g., start-ups) will be more dis-
excessive underlying complexity. ruptive and take more risk than established companies.
ï Business strategies (investments, acquisitions and part- In the short-term, the greatest impact will come from
nerships): there are huge prospects of investment and the technology-driven transformation of global supply
new players entering the market, over 1,700 digital star- chains, although ultimately many other aspects will be
tups are aiming to disrupt the automotive industry. Tech- affected. Blockchain’s strategic value in the automo-
nology companies and specialized startups will support tive industry would be focused mainly in operational
OEMs and Tier 1s on their digital transformation in efficiencies and cost reduction. The costs in existing
two main platforms: Business to Business (B2B) and processes can be optimized by removing unnecessary
Business to Customer (B2C). intermediaries or diminishing the administrative work-
Automotive companies will have to experiment with load of record keeping and transaction reconciliation
different blockchain projects in order to discover where (e.g., speeding up claim processing). The blockchain-
the ROI/value resides or can be created (e.g., whether if based processes can capture lost revenues and create
there will be additional sources of revenues or profits, additional revenues (e.g., new business models) for ser-
disruptive added-value services, cost savings, stronger vice providers. In some scenarios, smart contracts could
brand image, cyber resilience, fraud reduction, improve- trigger actions (e.g., reimbursements) based on the data
ments in customers’ user experience). Nevertheless, in collected (e.g., from physical sensors) or ease identity
some scenarios the payoff may require that companies verification. In the context of fraud prevention, the
wait until blockchain solutions be more robust, scalable, blockchain could act as a global shared ledger record,
interoperable or demand less custom development (i.e., including for example, a person’s previous history (e.g.,
long-term investment). previous claims, traffic violations).
Another challenge is the development of standards
considering that several blockchain-based systems may VI. CONCLUSIONS
have to coexist within the automotive industry; likely, The transition to a data and value-driven world is fos-
there will be many private permissioned blockchains, tered by the pace of the technological disruptions of an
due to the business competitiveness, and multiple public Internet-enabled global world, the challenges of future mo-
blockchains. Therefore, organizations will be compelled bility, and an increasing business competition. In this ever
to guarantee the interoperability between blockchains. more complex ecosystem, the use of blockchain can pro-
To tackle these challenges, consortiums are now be- vide to the automotive industry a platform able to distribute
ginning to emerge; for example, on May 2018, the trusted and cyber-resilient information that defy current non-

16 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

collaborative organizational structures. It must be noted that [15] Zheng, Z., Xie, S., Dai, H., Chen, X., Wang, H. “An Overview of
despite the hype reported by numerous organizations, it is Blockchain Technology: Architecture, Consensus, and Future Trends”, in
Proceedings of the IEEE International Congress on Big Data (BigData
necessary to perform an objective evaluation about how Congress), Honolulu, United States, 25-30 June 2017, pp. 557-564.
and whether to invest or not in blockchain from a business [16] Puthal, D., Malik, N., Mohanty, S. P., Kougianos, E., Das, G. “Everything
management and cybersecurity standpoint. You Wanted to Know About the Blockchain: Its Promise, Components,
Processes, and Problems”, IEEE Consumer Electronics Magazine, vol. 7,
This article covered a broad suite of issues that arise from
no. 4, pp. 6-14, July 2018.
the advent of a disruptive technology like blockchain. In [17] Karafiloski, E., Mishev, A., “Blockchain solutions for big data challenges:
addition, we present a holistic approach to a blockchain- A literature review”, in Proceedings of the IEEE International Conference
based advanced automotive industry with a review of the on Smart Technologies, Ohrid, Macedonia, 6-8 July 2017.
[18] Ahram, T., Sargolzaei, A., Sargolzaei, S., Daniels, J., Amaba, B.,
main scenarios and the optimization strategies for designing
“Blockchain technology innovations”, in Proceedings of the IEEE Tech-
and deploying these applications. Furthermore, some recom- nology & Engineering Management Conference (TEMSCON), Santa
mendations were mentioned to guide future researchers and Clara, United States, 8-10 June 2017.
managers on some of the open issues that will have to be [19] Conoscenti, M., Vetrò, A., De Martin, J. C., “Blockchain for the Internet of
Things: A systematic literature review”, in Proceedings of the IEEE/ACS
confronted before deploying the next generation of secure 13th International Conference of Computer Systems and Applications
blockchain applications. (AICCSA), Agadir, Morocco, 29 Nov. - 2 Dec. 2016.
[20] Yli-Huumo, J., Ko, D., Choi, S., Park, S., Smolander, K. “Where Is Current
Research on Blockchain Technology? - A Systematic Review”, in PLOS
REFERENCES ONE vol.11, no. 10, pp.1-27, 2016.
[1] Industrie 4.0 project official web page. Available online: https://www. [21] Swan, M. “Blockchain: blueprint for a new economy”. First Edition,
bmbf.de/de/zukunftsprojekt-industrie-4-0-848.html (Accessed on 3 Au- O’Reilly Media, Jan. 2015.
gust 2018) [22] Christidis, K., Devetsikiotis, M., “Blockchains and Smart Contracts for the
[2] Blanco-Novoa, Ó., Fernández-Caramés, T. M., Fraga-Lamas, P., Vilar- Internet of Things”, in IEEE Access, vol. 4, pp. 2292-2303, May 2016.
Montesinos, M. A. “A Practical Evaluation of Commercial Industrial [23] Jesus, E. F., Chicarino, V. R. L., de Albuquerque, C. V. N., and Rocha,
Augmented Reality Systems in an Industry 4.0 Shipyard”, IEEE Access, A. A. de A. “A Survey of How to Use Blockchain to Secure Internet of
vol. 6, pp. 8201–8218, 2018. Things and the Stalker Attack”, Security and Communication Networks,
[3] Fraga-Lamas, P., Fernández-Caramés, T. M., Blanco-Novoa, Ó., Vilar- Apr. 2018.
Montesinos, M. A. ”A Review on Industrial Augmented Reality Systems [24] Fernández-Caramés, T. M., Fraga-Lamas, P. “A Review on the Use of
for the Industry 4.0 Shipyard”, IEEE Access, vol. 6, pp. 13358-13375, Blockchain for the Internet of Things”, in IEEE Access, vol. 6, pp. 32979–
2018. 33001, 2018.
[4] Fernández-Caramés, T. M., Fraga-Lamas, P., Suárez-Albela, M., Vilar- [25] Dai, F., Shi, Y., Meng, N., Wei, L., Ye, Z. “From Bitcoin to cybersecurity:
Montesinos, M. “A Fog Computing and Cloudlet Based Augmented Re- A comparative study of blockchain application and security issues”, in Pro-
ality System for the Industry 4.0 Shipyard”, in Sensors 2018, 18, 1798. ceedings of the 4th International Conference on Systems and Informatics
[5] Fraga-Lamas, P., Fernández-Caramés, T. M., Castedo, L. “Towards the In- (ICSAI), Hangzhou, China, 2017, pp. 975-979.
ternet of Smart Trains: A Review on Industrial IoT-Connected Railways”, [26] Sukhodolskiy I., Zapechnikov, S. “A blockchain-based access control sys-
Sensors, vol. 17, no. 6, no. 1457, pp. 1–44, Jun. 2017 tem for cloud storage”, in Proceedings of the IEEE Conference of Russian
[6] Frost & Sullivan, Digital Transformation of the Automotive Young Researchers in Electrical and Electronic Engineering (EIConRus),
Industry Digitalization Spending to Grow Rapidly to $82.01 Moscow, Russia, 2018, pp. 1575-1578.
Billion in 2020. Available online: https://store.frost.com/ digital- [27] DeCusatis, C., Zimmermann, M., Sager, A. “Identity-based network se-
transformation-of-the-automotive-industry.html (Accessed on 3 curity for commercial blockchain services”, in Proceedings of the IEEE
August 2018) 8th Annual Computing and Communication Workshop and Conference
[7] Tapscott, D., Tapscott, A., “Cummings J. Blockchain Revolution: How the (CCWC), Las Vegas, NV, USA, 2018, pp. 474-477.
Technology Behind Bitcoin is Changing Money, Business, and the World”. [28] Mylrea, M., Gourisetti, S. N. G. “Blockchain for smart grid resilience: Ex-
Random House, LLC. 2016. changing distributed energy at speed, scale and security”, in Proceedings
[8] Fernández-Caramés, T.M., Fraga-Lamas, P. “Design of a Fog Computing, of the Resilience Week (RWS), Wilmington, DE, USA, 2017, pp. 18-23.
Blockchain and IoT-Based Continuous Glucose Monitoring System for [29] Fraga-Lamas, P. “Enabling Technologies and Cyber-Physical Systems
Crowdsourcing mHealth”, in Proceedings of the 5th International Elec- for Mission-Critical Scenarios”, Ph.D. dissertation, Dept. Electrónica y
tronic Conference on Sensors and Applications, 15-30 Nov. 2018. Sistemas, Univ. A Coruña, A Coruña, Spain, 2017.
[9] World Economic Forum. Deep shift Technology Tipping Points and [30] Zhao, Y., Li, Y., Mu, Q., Yang, B., Yu, Y. “Secure Pub-Sub: Blockchain-
Societal Impact. Survey Report, September 2015. Available online: Based Fair Payment With Reputation for Reliable Cyber Physical Sys-
http://www3.weforum.org/docs/WEF_GAC15_Technological_Tipping_ tems”, in IEEE Access, vol. 6, pp. 12295-12303, 2018.
Points_report_2015.pdf (accessed on July 2018). [31] Rawat, D. B., Njilla, L., Kwiat, K., Kamhoua, C. “iShare: Blockchain-
[10] Hernández-Rojas, D. L., Fernández-Caramés, T. M., Fraga-Lamas, P., Based Privacy-Aware Multi-Agent Information Sharing Games for Cyber-
Escudero, C. J. “Design and practical evaluation of a family of lightweight security”, in Proceedings of the International Conference on Computing,
protocols for heterogeneous sensing through BLE beacons in IoT teleme- Networking and Communications (ICNC), Maui, HI, USA, 2018, pp. 425-
try applications”, Sensors, vol. 18, no. 1, p. 57, Dec. 2017. 431.
[11] Froiz-Míguez, I., Fernández-Caramés, T. M., Fraga-Lamas, P., Castedo, [32] Ortega, V., Bouchmal, F., Monserrat, J. F. “Trusted 5G Vehicular Net-
L. “Design, Implementation and Practical Evaluation of an IoT Home works: Blockchains and Content-Centric Networking”, in IEEE Vehicular
Automation System for Fog Computing Applications Based on MQTT and Technology Magazine, vol. 13, no. 2, pp. 121-127, June 2018.
ZigBee-WiFi Sensor Nodes”, in Sensors, vol. 18, 2018. [33] Zyskind, G., Nathan, O. “Decentralizing privacy: Using blockchain to pro-
[12] D. L. Hernández-Rojas, T. M. Fernández-Caramés, P. Fraga-Lamas, Es- tect personal data”, in Proceedings of the IEEE Secur. Privacy Workshops
cudero, C. J. “A Plug-and-Play Human-Centered Virtual TEDS Architec- (SPW), San Jose, CA, USA, May 2015, pp. 180–184.
ture for the Web of Things”, Sensors, vol. 18, p. 2052, 2018. [34] Giungato, P., Rana, R., Tarabella, A., Tricase, C. “Current trends in sus-
[13] Blanco-Novoa, O., Fernández-Caramés, T. M., Fraga-Lamas, P., Castedo, tainability of bitcoins and related blockchain technology”, Sustainability,
L. “A Cost-Effective IoT System for Monitoring Indoor Radon Gas Con- vol. 9, no. 12, p. 2214, 2017.
centration”, in Sensors, vol. 18, 2018. [35] Decker, C., Wattenhofer, R. “Information propagation in the bitcoin net-
[14] Fernández-Caramés, T. M., Fraga-Lamas, P. “Towards The Internet of work”, in Proceedings of the IEEE 13th Int. Conf. Peer-Peer Comput.
Smart Clothing: A Review on IoT Wearables and Garments for Creating (P2P), Trento, Italy, Sep. 2013, pp. 1–10.
Intelligent Connected E-Textiles”, in Electronics, vol. 7, 2018. [36] Kasemsap, K. “Mastering Intelligent Decision Support Systems in En-
terprise Information Management”, in Management Association (Ed.),

VOLUME 9, 2016 17
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

Intelligent Systems: Concepts, Methodologies, Tools, and Applications [57] Shim, K.A. “A survey of public-key cryptographic primitives in wireless
(pp. 2013-2034). Hershey, PA: IGI Global. sensor networks”, in IEEE Communications Surveys & Tutorials, 2016,
[37] Park, S., Aslam, B., Turgut, D., Zou, C. C. “Defense against Sybil attack in vol. 18, no 1, p. 577-601.
the initial deployment stage of vehicular ad hoc network based on roadside [58] Noroozi, E., Kadivar, J., Shafiee, S. H. “Energy analysis for wireless
unit support”, in Security and Communication Networks, vol. 6, no 4, pp. sensor networks”, in Proceedings of the 2nd International Conference on
523-538, 2013. Mechanical and Electronics Engineering, Kyoto, Japan, 1-3 Aug. 2010.
[38] Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System”. Avail- [59] Suárez-Albela, M., Fernández-Caramés, T. M., Fraga-Lamas, P.; Castedo,
able online: https://bitcoin.org/bitcoin.pdf (Accessed on 3 August 2018) L. “A Practical Evaluation of a High-Security Energy-Efficient Gateway
[39] Sato, M., Matsuo, S. “Long-Term Public Blockchain: Resilience against for IoT Fog Computing Applications”, in Sensors, vol. 17, p. 1978, 2017.
Compromise of Underlying Cryptography”, in Proceedings of the IEEE [60] de Oliveira, P. R., Feltrim, V. D., Fondazzi Martimiano, L. A., Marcal
European Symposium on Security and Privacy Workshops, Vancouver, Zanoni, G. B. “Energy Consumption Analysis of the Cryptographic Key
Canada, 31 July-3 Ago. 2017. Generation Process of RSA and ECC Algorithms in Embedded Systems”,
[40] Takura, A., Ono, S., Naito, S. “A secure and trusted time stamping IEEE Latin America Transactions, vol. 6, no. 6, pp. 1141-1148, Sep. 2014.
authority”, in Proceedings of the Internet Workshop, Osaka, Japan, 18-20 [61] Suárez-Albela, M., Fraga-Lamas, P., Castedo, L., Fernández-Caramés,
Feb. 1999. T. M. “Clock Frequency Impact on the Performance of High-Security
Cryptographic Cipher Suites for Energy-Efficient Resource-Constrained
[41] Kshetri, N. “Can Blockchain Strengthen the Internet of Things?”, in IT
IoT Devices”, in Sensors, vol. 19, Jan. 2019.
Professional, vol. 19, no. 4, pp. 68-72, 2017.
[62] Goyal, T. K., Sahula, V. “Lightweight security algorithm for low power
[42] Anirudh, M., Thileeban, S. A., Nallathambi, D. J. “Use of honeypots IoT devices”, in Proceedings of the 2016 International Conference on
for mitigating DoS attacks targeted on IoT networks”, in Proceedings of Advances in Computing, Communications and Informatics, Jaipur, India,
the International Conference on Computer, Communication and Signal 21-24 Sep. 2016.
Processing (ICCCSP), Chennai, Indica, 10-11 Jan. 2017. [63] NIST, Report on Post-Quantum Cryptography, NISTIR 8105 DRAFT;
[43] Xu, Q., Ren, P., Song, H., Du, Q. “Security Enhancement for IoT Commu- https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf, April 2016.
nications Exposed to Eavesdroppers With Uncertain Locations”, in IEEE [64] Cheng, C., Lu, R., Petzoldt, A., Takagi, T. “Securing the Internet of Things
Access, vol. 4, pp. 2840-2853, June 2016. in a quantum world”, in IEEE Commun. Mag., vol. 55, no. 2, pp. 116–120,
[44] Li, X., Wang, H., Yu, Y., Qian, C. “An IoT Data Communication Frame- Feb. 2017.
work for Authenticity and Integrity”, in Proceedings of the IEEE/ACM [65] Koblitz, N., Menezes, A. “A Riddle Wrapped in an Enigma”, in IEEE
Second International Conference on Internet-of-Things Design and Imple- Security & Privacy, vol 14, no. 6, pp. 34-42, Dec. 2016.
mentation (IoTDI), Pittsburgh, United States, 18-21 Apr. 2017. [66] Koblitz, N., Menezes, A. “A Riddle Wrapped in an Enigma”, in IEEE
[45] Yu, T., Wang, X., Shami, A. “Recursive Principal Component Analysis- Security & Privacy, early access, 2018.
Based Data Outlier Detection and Sensor Data Aggregation in IoT Sys- [67] Gao, Y., Chen, X., Chen, Y., Sun, Y., Niu, X. Yang, Y. “A Secure
tems”, in IEEE Internet of Things Journal, vol. 4, no. 6, pp. 2207-2216, Cryptocurrency Scheme Based on Post-Quantum Blockchain”, in IEEE
Dec. 2017. Access, vol. 6, pp. 27205-27213, 2018.
[46] NIST official web page. Available online: https://www.nist.gov (Accessed [68] Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy, D.,
on November 2018) Voelker, G. M., Savage, S. “A fistful of bitcoins: Characterizing payments
[47] Rescorla, E. The Transport Layer Security (TLS) protocol version 1.3. among men with no names”, Communications of the ACM, vol. 59, no. 4,
2018. Available online: http://www.rfc-editor.org/info/rfc8446 (Accessed pp. 86-93, April 2016.
on December 2018) [69] Möser, M., Böhme, R., Breuker, D. “An inquiry into money laundering
[48] Rivest, R. L., Shamir, A., Adleman, L. “A method for obtaining digital tools in the Bitcoin ecosystem”, in Proceedings of the APWG eCrime
signatures and public-key cryptosystems”, in Commun. ACM, vol. 21, no. Researchers Summit, San Francisco, United States, 17-18 Sep. 2013.
2, pp. 120-126, Feb. 1978. [70] Multichain white paper. Available online: https://www.multichain.com/
[49] Kleinjung, T., Aoki, K., Franke, J., Lenstra, A. K., Thomé, E., Bos, J. download/MultiChain-White-Paper.pdf (Accessed on 3 August 2018)
W., Gaudry, P., Kruppa, A., Montgomery, P. L., Osvik, D. A., te Riele, [71] Bonneau, J., Narayanan, A., Miller, A., Clark, J., Kroll, J. A., Felten, E.
H. J. J., Timofeev, A., Zimmermann, P. “Factorization of a 768-Bit RSA W., Christin, N., Safavi-Naini, R. “Mixcoin: Anonymity for Bitcoin with
Modulus”, in Proceedings of the 30th annual conference on Advances in Accountable Mixes”, in Proceedings of the 18th International Conference
cryptology, Santa Barbara, United States, 15-19 Aug. 2010. on Financial Cryptography and Data Security, Christ Church, Barbados,
3-7 March, 2014, pp. 486-504.
[50] Pellegrini, A., Bertacco, V., Austin, T. “Fault-based attack of RSA au-
[72] Valenta, L., Rowan, B. “Blindcoin: Blinded, Accountable Mixes for Bit-
thentication”, in Proceedings of the Design, Automation & Test in Europe
coin”, International Workshops on BITCOIN, WAHC, and Wearable, San
Conference & Exhibition, Dresden, Germany, 8-12 Mar. 2010.
Juan, Puerto Rico, 30 Jan., 2015, pp. 112-126.
[51] Bos, J.W., Halderman, J.A., Heninger, N., Moore, J., Naehrig, M., Wus-
[73] Conti, M., Kumar, E. S., Lal, C., Ruj, S. “A Survey on Security and Privacy
trow E. “Elliptic Curve Cryptography in Practice”. In: Christin N., Safavi-
Issues of Bitcoin”, in IEEE Communications Surveys & Tutorials, vol. 20,
Naini R. (eds) Financial Cryptography and Data Security. FC 2014. Lec-
no. 4, May 2018.
ture Notes in Computer Science, vol 8437. Springer, Berlin, Heidelberg.
[74] Zerocoin official web page. Available online: http://zerocoin.org (Ac-
[52] Lara-Nino, C. A., Diaz-Perez, A., Morales-Sandoval, M. “Elliptic Curve cessed on 3 August 2018).
Lightweight Cryptography: A Survey”, in IEEE Access, vol. 6, pp. 72514- [75] Zerocash official web page. Available online: http://zerocash-project.org
72550, 2018. (Accessed on 3 August 2018).
[53] Habib, M., Mehmood, T., Ullah, F., Ibrahim, M. “Performance of WiMAX [76] Zcash official web page. Available online: https://z.cash (Accessed on 3
Security Algorithm (The Comparative Study of RSA Encryption Algo- August 2018).
rithm with ECC Encryption Algorithm)”, in Proceedings of the 2009 [77] Schukat, M., Flood, P. “Zero-knowledge proofs in M2M communication”,
International Conference on Computer Technology and Development, in Proceedings of the 25th IET Irish Signals & Systems Conference and
Kota Kinabalu, Malaysia, 13-15 Nov. 2009. China-Ireland International Conference on Information and Communica-
[54] Savari, M., Montazerolzohour, M., Thiam, Y. E. “Comparison of ECC and tions Technologies, Limerick, Ireland, 26-27 June 2014.
RSA algorithm in multipurpose smart card application”, in Proceedings of [78] Andreeva, E., Mennink, B., Preneel, B. “Open problems in hash func-
the International Conference on Cyber Security, Cyber Warfare and Digital tion security”, Designs, Codes and Cryptography, vol.77, no. 2–3, pp.
Forensic, Kuala Lumpur, Malaysia, 26-28 June 2012. 611–631,December 2015.
[55] Bafandehkar, M., Yasin, S. M., Mahmod, R., Hanapi, Z. M. “Comparison [79] Wang, M., Duan, M., Zhu, J. “Research on the Security Criteria of Hash
of ECC and RSA Algorithm in Resource Constrained Devices”, in Pro- Functions in the Blockchain”, in Proceedings of the 2nd ACM Workshop
ceedings of the International Conference on IT Convergence and Security, on Blockchains, Cryptocurrencies, and Contracts (BCC’18), Incheon,
Macau, China, 16-18 Dec. 2013. Republic of Korea, June 2018.
[56] Suárez-Albela, M., Fraga-Lamas, P., Fernández-Caramés, T. M. “A Prac- [80] Litecoin official web page. Available online: https://litecoin.com (Ac-
tical Evaluation on RSA and ECC-Based Cipher Suites for IoT High- cessed on November 2018)
Security Energy-Efficient Fog and Mist Computing Devices”, in Sensors, [81] Namecoin official web page. Available online: https://namecoin.org/ (Ac-
Nov. 2018, 18, 3868. cessed on November 2018)

18 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

[82] Emercoin official web page. Available online: https://emercoin.com/es International Conference on Web Services, Honolulu, United States, 25-
(Accessed on November2018) 30 June 2017.
[83] Litecoin official web page. Available online: https://litecoin.com (Ac- [107] Augur official web page. Available online: https://www.augur.net/ (ac-
cessed on November 2018) cessed on July 2018).
[84] Gridcoin official web page. Available online: https://gridcoin.us/ (Ac- [108] Gnosis official web page. Available online: https://gnosis.pm/ (accessed
cessed on November 2018) on July 2018).
[85] Dogecoin official web page. Available online: https://dogecoin.com/ (Ac- [109] Oraclize official web page. Available online: http://www.oraclize.it/ (ac-
cessed on November 2018) cessed on July 2018).
[86] Henry, R., Herzberg, A., Kate, A. “Blockchain Access Privacy: Challenges [110] Buterin, V. “Ethereum white paper: A next-generation smart contract and
and Directions” in IEEE Security & Privacy, vol. 16, no. 4, pp. 38-45, decentralized application platform”, 2014.
July/August 2018. [111] DuPont, Q. Experiments in Algorithmic Governance: A history and
[87] Bytecoin’s official web page. Available online: https://bytecoin.org (Ac- ethnography of ‘The DAO,’ a failed Decentralized Autonomous Organi-
cessed on 3 August 2018). zation.(ed. Malcolm Campbell-Verduyn) Bitcoin and Beyond: Cryptocur-
[88] Monero’s official web page. Available online: https://getmonero.org (Ac- rencies, Blockchains and Global Governance (preprint). Forthcoming.
cessed on 3 August 2018). [112] ERC Project. P2P Models. Available online: https://p2pmodels.eu/ (Ac-
[89] CryptoNote’s official web page. Available online: https://cryptonote.org cessed on November 2018).
(Accessed on 3 August 2018). [113] Fabiano, N. “The Internet of Things ecosystem: The blockchain and
[90] Moore, C., O’Neill, M., O’Sullivan, E., Doröz, Y., Sunar, B. “Practical privacy issues. The challenge for a global privacy standard”, in Proceed-
homomorphic encryption: A survey”, in Proceedings of the IEEE In- ings of the International Conference on Internet of Things for the Global
ternational Symposium on Circuits and Systems (ISCAS), Melbourne, Community (IoTGC), Funchal, Portugal, 10-13 July 2017, pp. 1-7.
Australia, 1-5 June 2014. [114] Raskin, M. The Law and Legality of Smart Contracts (September
[91] Hayouni, H., Hamdi, M. “Secure data aggregation with homomorphic 22, 2016). Georgetown Law Technology Review 304 (2017). Available
primitives in wireless sensor networks: A critical survey and open research at SSRN: https://ssrn.com/abstract=2959166 or
issues”, in Proceedings of the IEEE 13th International Conference on http://dx.doi.org/10.2139/ssrn.2842258 (Accessed on November 2018).
Networking, Sensing, and Control (ICNSC), Mexico City, Mexico, 28-30 [115] Atzei, N.; Bartoletti, M.; Cimoli, T. A survey of attacks on Ethereum
Apr. 2016. smart contracts (SoK). In Proceedings of the International Conference on
[92] França, B. F. “Homomorphic Mini-blockchain Scheme”, April 2015. Principles of Security and Trust, Uppsala, Sweden, 24–25 April 2017; pp.
Available online: http://cryptonite.info/files/HMBC.pdf (Accessed on 3 164–186.
August 2018) [116] Commercial White Paper, BTS-BPM. Blockchain and the Benefits it
[93] Lukianov, D. “Compact Confidential Transactions for Bitcoin”, December brings to F&A teams across Industries. Available online: http://bps.
2015. Available online: http://voxelsoft.com/dev/cct.pdf (Accessed on 3 techmahindra.com/pdf/White-Paper-Block-chain-and-its-usage-in-FA.
August 2018). PDF (accessed on December 2018).
[94] ISO/IEC 24760-1:2011 Information technology – Security techniques – [117] European Parliament’s Committee on Transport and Tourism,
A framework for identity management – Part 1: Terminology and con- Directorate-General for Internal Policies, Policy Department B: Structural
cepts, ISO/IEC, 2011. Available online: https://www.iso.org/obp/ui/#iso: and Cohesion Policies, Transport and Tourism, Research for TRAN
std:iso-iec:24760:-3:ed-1:v1:en (Accessed on 7 November 2018). Committee, “Self-piloted cars: The future of road transport?”, Mar. 2016.
[95] Dunphy, P., Petitcolas, F. A. P., “A First Look at Identity Management [118] McKinsey & Company, Competing for the connected customer – per-
Schemes on the Blockchain”, in IEEE Security & Privacy, vol. 16, no. 4, spectives on the opportunities created by car connectivity and automation,
pp. 20-29, July/August 2018. Advanced Industries, Sep. 2015.
[96] Kravitz, D. W., Cooper, J. “Securing user identity and transactions symbi- [119] European Parliament resolution of 3 October 2018 on distributed ledger
otically: IoT meets blockchain”, in Proceedings of the Global Internet of technologies and blockchains: building trust with disintermediation
Things Summit (GIoTS), Geneva, Switzerland, 6-9 June 2017. (2017/2772(RSP)). Available online: http://www.europarl.europa.eu/
[97] Bendiab, K., Kolokotronis, N., Shiaeles, S., Boucherkha, S. “WiP: A sides/getDoc.do?type=TA&reference=P8-TA-2018-0373&language=EN
Novel Blockchain-Based Trust Model for Cloud Identity Management”, in (accessed on December 2018).
Proceedings of DASC/PiCom/DataCom/CyberSciTech, Athens, Greece, [120] Nascimento, S., Pólvora, A. , Sousa, L. J. Blockchain4EU: Blockchain
2018, pp. 724-729. for Industrial Transformations. EUR 29215 EN, Publications Office of the
[98] Othman, A., Callahan, J. “The Horcrux Protocol: A Method for De- European Union, Luxembourg, 2018.
centralized Biometric-based Self-sovereign Identity”, in Proceedings of [121] European Road Transport Research Advisory Council (ERTRAC),
the International Joint Conference on Neural Networks (IJCNN), Rio de Strategic Research Agenda, Input to 9th EU Framework Programme,
Janeiro, Brazil, 2018. 2018. Available online: https://www.ertrac.org/uploads/documentsearch/
[99] Lin, C., He, D., Huang, X., Khurram Khan, M., Choo, K. R. “A New Tran- id52/ERTRAC-Strategic-Research-Agenda-SRA-2018.pdf (accessed on
sitively Closed Undirected Graph Authentication Scheme for Blockchain- December 2018)
Based Identity Management Systems”, in IEEE Access, vol. 6, pp. 28203- [122] Stenholm, D., Stylidis, K., Bergsjö, D., Söderberg, R. “Towards robust
28212, 2018. inter-organizational synergy: Perceived quality knowledge transfer in the
[100] Hashemi, S. H., Faghri, F., Rausch, P., Campbell, R. H. “World of automotive industry”, In Proceedings of the 21st International Conference
Empowered IoT Users”, in Proceedings of the IEEE First International on Engineering Design, Vol 6: Design Information and Knowledge, Van-
Conference on Internet-of-Things Design and Implementation (IoTDI), couver, Canada, pp. 011-020, 2017.
Berlin, Germany, 4-8 Apr. 2016, pp. 13-24. [123] Kayikci, Y. “Sustainability impact of digitization in logistic”, in Procedia
[101] Jabir, R. M., Khanji, S. I. R., Ahmad, L. A., Alfandi, O., Said, H. Manufacturing, 21, 782-789, 2018.
“Analysis of cloud computing attacks and countermeasures”, in Proceed- [124] World Economic Forum White Paper. Digital Transformation of Indus-
ings of the 18th International Conference on Advanced Communication tries: Automotive Industry, January 2016.
Technology (ICACT), Pyeongchang, South Korea, 31 Jan.-3 Feb. 2016. [125] GlobalAutomakers official webpage. Available online: https://www.
[102] Atya, A. O. F., Qian, Z., Krishnamurthy, S. V., Porta, T. L., McDaniel, P., globalautomakers.org (accessed on December 2018)
Marvel, L. “Malicious co-residency on the cloud: Attacks and defense”, [126] Ernst & Young “Automotive retail 2030 — Evolution of dealerships and
in Proceedings of the IEEE Conference on Computer Communications, potential new roles in retail”. White paper, 2018.
Atlanta, United States, 1-4 May 2017. [127] Murry, C.; Schneider, H. S. “The economics of retail markets for new and
[103] CONIKS official web page. Available online: https://coniks.cs.princeton. used car“’. Handbook on the Economics of Retailing and Distribution,
edu (Accessed on November 2018). 343, 2016
[104] Google’s Certificate Transparency official web page. Available online: [128] Robust Sense project official web page. Available online: https://
https://www.certificate-transparency.org (Accessed on November 2018). robustsense.eu/project.html (accessed on December 2018)
[105] Chen, T. M., Abu-Nimeh, S. “Lessons from Stuxnet” in Computer, vol. [129] Brousmiche, K. L., Heno, T., Poulain, C., Dalmieres, A., Hamida, E. B.,
44, no. 4, pp. 91-93, Apr. 2011. “Digitizing, Securing and Sharing Vehicles Life-cycle Over a Consortium
[106] Liu, B., Yu, X. L., Chen, S., Xu, X., Zhu, L. “Blockchain Based Data Blockchain: Lessons Learned”, in Proceedings of the IEEE International
Integrity Service Framework for IoT Data”, in Proceedings of the IEEE Conference on New Technologies, Mobility and Security, 2018.

VOLUME 9, 2016 19
 P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

[130] Luan, X., Cheng, L., Zhou, Y., Tang, F. “Strategies of Car-Sharing [152] Carvertical official web page. Available online: https://www.carvertical.
Promotion in Real Market”, in Proceedings of the IEEE International com/ (accessed on July 2018).
Conference on Intelligent Transportation Engineering, Singapore, pp. 159- [153] Fernández-Caramés, T.M.; Blanco-Novoa, O.; Suárez-Albela, M.; Fraga-
163, 2018. Lamas, P. “An UAV and Blockchain-based System for Industry 4.0 Inven-
[131] OakenInnovation official webpage. Available online: https://www. tory and Traceability Applications”, in Proceedings of the 5th Int. Electron.
oakeninnovations.com/ (accessed on December 2018). Conf. Sens. Appl. 15-30 November 2018; MDPI AG, 2018.
[132] Cube Partners, P2P car-sharing official webpage. Available online: https: [154] Fernández-Caramés, T. M., Fraga-Lamas, P. “A Review on Human-
//cubeint.io/ (accessed on December 2018) Centered IoT-Connected Smart Labels for the Industry 4.0”, IEEE Access,
[133] Han-jiang, Z., Fang, G. “The study of a dual-channel automotive supply vol. 6, pp. 25939-25957, 2018.
chain based on Internet of Things”, in Proceedings of the International [155] Heber, D., Groll, M. “Towards a digital twin: How the blockchain can
Conference on Management Science and Engineering, Harbin, China, foster E/E-traceability in consideration of model-based systems engineer-
2013. ing”, in Proceedings of the 21st International Conference on Engineering
[134] Sharma, P. K., Kumar, N., Park, J. H. “Blockchain-based Distributed Design Vol 3: Product, Services and Systems Design, Vancouver, Canada,
Framework for Automotive Industry in a Smart City”, in IEEE Transac- 21-25, pp. 321-330, 2017.
tions on Industrial Informatics, 2018. [156] Qi, Q., Tao, F. “Digital Twin and Big Data Towards Smart Manufacturing
[135] Volvo DriveMe official webpage. Available online: https: and Industry 4.0: 360 Degree Comparison”, in IEEE Access, no. 99, Jan.
//www.volvocars.com/intl/buy/explore/intellisafe/autonomous-driving/ 2018.
how-it-works (accessed on December 2018). [157] Groupe Renault teams with Microsoft and VISEO to create the first-ever
[136] Tesla Autopilot official webpage. Available online: https://www.tesla. digital car maintenance book prototype. Available online: https://bit.ly/
com/en_EU/autopilot (accessed on December 2018). 2LXNUre(Accessed on 3 August 2018).
[137] Boysen, N., Emde, S., Hoeck, M., Kauderer, M. “Part logistics in the [158] Blockchain: Bosch and TÜV Rheinland present a solution for odometer
automotive industry: Decision problems, literature review and research fraud. Available online: https://bit.ly/2LMojCp (Accessed on 3 August
agenda”, in European Journal of Operational Research, Vol. 242, no. 1, 2018).
2015, pp. 107-120. [159] Car Next Door official web page. Available online: https://www.
[138] Lamberti, F., Gatteschi, V., Demartini, C., Pelissier, M., Gomez, A., carnextdoor.com.au/ (Accessed on 3 August 2018).
Santamaria, V. “Blockchains Can Work for Car Insurance: Using Smart [160] Toyota official web page. Available online: http://corporatenews.
Contracts and Sensors to Provide On-Demand Coverage”, in IEEE Con- pressroom.toyota.com/releases/toyota+research+institute+explores+
sumer Electronics Magazine, vol. 7, no. 4, pp. 72-81, July 2018. blockchain+technology.htm (Accessed on 3 August 2018)
[139] Cebe, M., Erdin, E., Akkaya, K., Aksu, H., Uluagac, S. “Block4Forensic: [161] Docusign official web page. Available online: https://www.docusign.
com/products/blockchain (Accessed on 3 August 2018).
An Integrated Lightweight Blockchain Framework for Forensics Applica-
[162] Daimler and LBBW successfully utilize blockchain tech- nology
tions of Connected Vehicles”, in IEEE Communications Magazine, vol.
56, no. 10, pp. 50-57, Oct. 2018. for launch of corporate Schuldschein. Available
online: http://media.daimler.com/marsMediaSite/en/instance/ko/
[140] Gatteschi, V., Lamberti, F., Demartini, C., Pranteda, C., Santamaría, V.
Daimler-and-LBBW-successfully-utilize-blockchain-technology-for-
“Blockchain and Smart Contracts for Insurance: Is the Technology Mature
(Accessed on 3 August 2018).
Enough?”, in Future Internet, vol. 10, no. 2, Feb. 2018.
[163] Car-ewallet official web page. Available online: https://car-ewallet.zf.
[141] Lu, N., Cheng, N., Zhang, N., Shen, X., Mark, J. W. “Connected Vehicles:
com/site/carewallet/en/car_ewallet.html (Accessed on 3 August 2018)
Solutions and Challenges”, in IEEE Internet of Things Journal, vol. 1, no.
[164] Fernández-Caramés, T.M.; Fraga-Lamas, P.; Suárez-Albela, M.; Díaz-
4, pp. 289-299, Aug. 2014.
Bouza, M.A. “A Fog Computing Based Cyber-Physical System for the
[142] Wright, A., De Filippi, P. “Decentralized Blockchain Technology and the Automation of Pipe-Related Tasks in the Industry 4.0 Shipyard”, in
Rise of Lex Cryptographia”. Available online: https://ssrn.com/abstract= Sensors 2018, 18, 1961.
2580664 (accessed on July 2018)
[165] IEEE, “IEEE Std 1609.12-2016 (Revision of IEEE Std 1609.12- 2012)
[143] Global Automotive Warranty Survey Report. Available online: - IEEE Standard for Wireless Access in Vehicular Environments
https://www.bearingpoint.com/files/AutoWarrantyReport_final_web.pdf (WAVE)”, Available onlin‘: https://standards.ieee.org/findstds/standard/
(Accessed on November 2018). 1609.12-2016.html (Accessed on 3 August 2018).
[144] Thun, J., Hoenig, D. “An empirical analysis of supply chain risk man- [166] Singh, M., Kim, S. “Introduce reward-based intelligent vehicles com-
agement in the German automotive industry”, in International Journal of munication using blockchain”, in Proceedings of the International SoC
Production Economics, Volume 131, Issue 1, 2011, Pages 242-249. Design Conference (ISOCC), Seoul, South Korea, 2017, pp. 15-16.
[145] Mathivathanan, D., Kannan, D., Noorul Haq, A. “Sustainable supply [167] Dorri, A., Steger, M., Kanhere, S. S., Jurdak, R. “BlockChain: A Dis-
chain management practices in Indian automotive industry: A multi- tributed Solution to Automotive Security and Privacy” in IEEE Communi-
stakeholder view”, in Resources, Conservation and Recycling, vol. 128, cations Magazine, vol. 55, no. 12, pp. 119-125, Dec. 2017.
2018; pp. 284-305. [168] Suárez-Albela, M., Fraga-Lamas, P. Fernández-Caramés, T. M., Dapena,
[146] Fraga-Lamas, P., Fernández-Caramés, T.M., Noceda-Davila, D., Vilar- A., González-López, M. “Home automation system based on intelligent
Montesinos, M. “RSS Stabilization Techniques for a Real-Time Passive transducer enablers”, Sensors, vol. 16, no. 10, no. 1595, pp. 1–26, Sep.
UHF RFID Pipe Monitoring System for Smart Shipyards”, in Proceedings 2016.
of the 2017 IEEE International Conference on RFID (IEEE RFID 2017), [169] Huang, X., Xu, C., Wang, P., Liu, H. “LNSC: A Security Model for
Phoenix, AZ, USA, 9–11 May 2017; pp. 161–166. Electric Vehicle and Charging Pile Management Based on Blockchain
[147] Fernández-Caramés, T .M., Fraga-Lamas, P., Suárez-Albela, M., Castedo, Ecosystem”, in IEEE Access, vol. 6, pp. 13565-13574, 2018.
L. “A Methodology for Evaluating Security in Commercial RFID [170] Knirsch, F., Unterweger, A., Engel, D. “Privacy-preserving blockchain-
Systems”, Radio Frequency Identification. In Radio Frequency Identifica- based electric vehicle charging with dynamic tariff decisions”, Comput.
tion, 1st ed.; Crepaldi, P.C., Pimenta, T.C., Eds.; INTECH: Rijeka, Croatia, Sci. Res. Develop., vol. 33, nos. 1–2, pp. 71–79, 2017.
2016. [171] Petit, J., Shladover, S. E. “Potential Cyberattacks on Automated Vehi-
[148] Fraga-Lamas, P., Fernández-Caramés, T. M. “Reverse Engineering the cles”, in IEEE Transactions on Intelligent Transportation Systems, vol. 16,
Communications Protocol of an RFID Public Transportation Car“’, in no. 2, pp. 546-556, April 2015.
Proceedings of the IEEE International Conference on RFID, Phoenix, AZ, [172] Mehedi Hasan, M. G. M., Datta, A., Ashiqur Rahman, M., Shahriar, H.
USA, 9–11 May 2017, pp. 30–35. “Chained of Things: A Secure and Dependable Design of Autonomous
[149] Fernández-Caramés, T. M., Fraga-Lamas, P., Suárez-Albela, M., Castedo, Vehicle Services”, in Proceedings of the 42nd IEEE Annual Computer
L. “Reverse Engineering and Security Evaluation of Commercial Tags for Software and Applications Conference (COMPSAC), Tokyo, Japan, 2018,
RFID-Based IoT Applications”, in Sensors, 2017, 17, 28. pp. 498-503.
[150] IOTA’s official web page. Available online: https://www.iota.org (Ac- [173] Birrell, E., Schneider, F. B. “Federated Identity Management Systems: A
cessed on 3 August 2018) Privacy-Based Characterization”, in IEEE Security & Privacy, vol. 11, no.
[151] Collomb, A., Sok, K. “Blockchain/Distributed Ledger Technology (DLT): 5, pp. 36-48, Sept.-Oct. 2013.
What Impact on the Financial Sector?”, in DigiWorld Economic Journal, [174] International Telecommunications Union (ITU) Focus Group on Applica-
no. 103, 2016. tion of Distributed Ledger Technology (FG DLT). Available online: https:

20 VOLUME 9, 2016
P. Fraga-Lamas, T. M. Fernández-Caramés: A Review on Blockchain Technologies for an Advanced and Cyber-Resilient Automotive Industry

//www.itu.int/en/ITU-T/focusgroups/dlt/Pages/default.aspx (Accessed on
December 2018)
[175] International Standards Organisation (ISO) Technical Committee 307 on
Blockchain and Distributed Ledger Technologies. Available online: https:
//www.iso.org/committee/6266604.html (Accessed on December 2018)
[176] European Committee for Standardization (CEN) and the Euro- pean
Committee for Electrotechnical Standardization (CENELEC) Focus
Group on Blockchain and Distributed Ledger Technologies (DLT).
Available online: https://www.cencenelec.eu/standards/Sectors/
ICT/BlockchainLedgerTechnologies/Pages/default.aspx (Accessed on De-
cember 2018)
[177] Recommendations for Successful Adoption in Europe of Emerging Tech-
nical Standards on Distributed Ledger/Blockchain Technologies CEN-
CENELEC Focus Group on Blockchain and Distributed Ledger Technolo-
gies (FG-BDLT), White Paper Subgroup: N 001, September 2018,
[178] Blockchain in transport alliance (BiTA) web page. Available online:
https://bita.studio/ (Accessed on December 2018)
[179] IEEE Blockchain web page. Available online: https://Blockchain.ieee.
org/ (Accessed on December 2018)
[180] MOBI web page. Available online: https://www.dlt.mobi/ (Accessed on 3
August 2018)

PAULA FRAGA-LAMAS (M’17) received the

M.Sc. degree in Computer Science in 2008 from
University of A Coruña (UDC) and the M.Sc.
and Ph.D. degrees in the joint program Mobile
Network Information and Communication Tech-
nologies from five Spanish universities: University
of the Basque Country, University of Cantabria,
University of Zaragoza, University of Oviedo and
University of A Coruña, in 2011 and 2017, re-
spectively. Since 2009, she has been working with
the Group of Electronic Technology and Communications (GTEC) in the
Department of Computer Engineering (UDC). She holds an MBA and
postgraduate studies in business innovation management (JMC of European
Industrial Economy), sustainability (CSR) and social innovation (INDITEX-
UDC Chair). She is co-author of more than fifty peer-reviewed indexed
journals, international conferences and book chapters. Her current research
interests include wireless communications in mission-critical scenarios,
Industry 4.0, Internet of Things (IoT), Augmented Reality (AR), blockchain,
RFID and Cyber-Physical systems (CPS). She has also been participating
in more than twenty research projects funded by the regional and national
government as well as R&D contracts with private companies.

TIAGO M. FERNÁNDEZ-CARAMÉS (S’08-

M’12-SM’15) received his MSc degree and PhD
degrees in Computer Science in 2005 and 2011
from University of A Coruña, Spain. Since 2005
he has worked as a researcher and professor for
the Department of Computer Engineering of the
University of A Coruña inside the Group of Elec-
tronic Technology and Communications (GTEC).
His current research interests include IIoT/IoT
systems, RFID, wireless sensor networks, Industry
4.0, blockchain and augmented reality.

VOLUME 9, 2016 21