Review

Blockchain Technology for IoT Security and Trust: A Comprehensive SLR

Department of Computer Networks and Communications, College of Computer Sciences and Information Technology, King Faisal University, Al-Ahsa 31982, Saudi Arabia
*
Author to whom correspondence should be addressed.
Sustainability 2024, 16(23), 10177; https://doi.org/10.3390/su162310177
Submission received: 29 September 2024 / Revised: 29 October 2024 / Accepted: 17 November 2024 / Published: 21 November 2024
(This article belongs to the Special Issue Emerging IoT and Blockchain Technologies for Sustainability)

Abstract

After the emergence of the Internet of Things (IoT), the way devices interact with each other changed, as it allowed automation and seamless communication in various fields. However, various challenges related to security and trust have emerged, hindering the widespread adoption of the IoT. Blockchain technology is considered the ideal solution to face these challenges because of its immutable and decentralized nature. This paper explores the potential of blockchain technology to address critical security and trust challenges within the rapidly growing IoT ecosystem. Through a systematic literature review, this study examines how blockchain’s decentralized, immutable, and transparent features contribute to enhancing security and trust in IoT networks. Key findings indicate that blockchain integration can prevent data manipulation, ensure robust identity management, and facilitate transparent, verifiable transactions, supporting both security and trust in IoT systems. These attributes not only improve IoT security but also promote sustainable practices by optimizing resource efficiency, reducing environmental impact, and enhancing resilience in systems like supply chain management and smart grids. Additionally, this study identifies open research challenges and suggests future directions for optimizing blockchain in IoT environments, focusing on scalability, energy-efficient consensus mechanisms, and efficient data processing.

1. Introduction

Blockchain technology is a transformative technology that can change many industries, including the IoT. Due to the rapid growth of the IoT ecosystem, security and trust are the most prominent challenges faced by this interconnected network of devices. Relying on traditional measures alone is not sufficient to protect the IoT from these challenges, such as providing proper authentication and maintaining data integrity. For this reason, this paper presents blockchain as an optimal solution to enhance the reliability and security of the IoT by providing transparency and decentralization and reducing manipulation [1].
The IoT consists of many interconnected devices that can exchange large amounts of data and that need to be protected from unauthorized access or hacking. The increasing reliance on these devices in our daily lives has created security and trust concerns [2].
Blockchain is the underlying technology behind cryptocurrencies such as Bitcoin. It allows multiple parties to maintain consensus through a shared database that is based on distributed ledger technology without relying on a central authority. This is realized by combining the network’s decentralized design with cryptographic algorithms. Each transaction in blockchain technology is recorded in an independent block linked to the previous block of the blockchain. Thus, a chain of information is formed that cannot be changed or manipulated. Immutability and transparency are among the most important characteristics of blockchain that enable it to address issues of security and trust in the IoT ecosystem [1]. Blockchain technology uses a distributed consensus mechanism to ensure agreement on the state of the ledger. The transaction is verified and approved by all parties participating in the network before being included in the blockchain. Proof of work (PoW) and proof of stake (PoS) are two of the most prominent examples of consensus mechanisms. The consensus of all parties enhances the flexibility and security of the network, which makes it difficult to hack and manipulate data [3]. Moreover, decentralization is one of the most important advantages of blockchain technology as it enhances the security of the IoT by having multiple nodes participate in validating a common ledger. Decentralization prevents reliance on a single point, which makes the system harder to hack and avoids a single point of failure. The ledger is distributed and replicated across the network, which leads to enhancing trust in IoT networks [3].
The ability to maintain the integrity of data from unauthorized modification or manipulation is one of the most important features of blockchain technology. Once the data are written on the blockchain and approved by the network parties, they cannot be modified or tampered with until all participating parties accept that change, which ensures the safety of these data from unauthorized access. This feature allows the data path to be audited; its source, known; and its authenticity, verified. This gives IoT networks confidence and builds an ecosystem that cannot be tampered with [3]. Large amounts of data are generated when billions of devices are connected, as in the case of the IoT network. Blockchain uses cryptographic properties to keep these data secure and unchangeable, stored in a distributed ledger. It also ensures that there is no central authority over the data, which reduces the risk of fraud and ensures transparency and decentralization [1].
In short, blockchain technology can provide many advantages to the IoT. It enhances security by providing a decentralized framework. It improves trust by ensuring data are reliable and valid and ensuring that they have not been tampered with. It enables peer-to-peer data exchange without the need for intermediaries. Distributed consensus provides reliability and flexibility to IoT systems. It provides regulatory compliance by simplifying and streamlining compliance and audit processes. In general, blockchain technology is considered a promising solution to address security and trust issues in IoT systems [2].
This paper contributes to the literature by providing a comprehensive analysis of security and trust challenges in IoT and of the ability of blockchain technology to overcome these challenges. This study’s contributions are summarized in the following points:
  • Analyze IoT Security and Trust Challenges: To provide an understanding of the major security and trust concerns in IoT systems, IoT security challenges are considered at multiple layers of the IoT reference model while illustrating the weaknesses of conventional security mechanisms.
  • Assess Blockchain’s Potential Capabilities for IoT Security: To assess the potential capabilities of blockchain technology, including decentralization, transparency, and immutability, while assessing the application of the proposed solutions for IoT architecture with regard to the specified challenges, including data integrity, authentication, and access control.
  • Explore Blockchain’s Role in Enhancing IoT Sustainability: To examine the role that blockchain can play in making IoT sustainable by increasing resource utilization, reducing carbon footprint, and increasing openness and veracity of sources.
  • Identify Integration Challenges and Future Directions: To provide insights on some of the areas of experimental or technical challenge related to integrating blockchain into IoT and on future research opportunities to enable efficient, scalable blockchain IoT platforms.
  • Provide a Comprehensive Review of Recent Studies: Due to rapid advancements in IoT technology, this scoping review aims to locate and consolidate the latest articles published from 2020 to 2024, including the findings, methods, and shortcomings of blockchain IoT security and trust.
These objectives would help analyze how blockchain can further IoT technology in terms of security while addressing existing loopholes.
This paper is structured as follows: Section 2 shows the methodology used to organize this paper. Section 3 elaborates on the IoT architecture, security threats in the IoT domain, and other issues like trust, data integrity, access controls, and authentication. Section 4 presents a comprehensive overview of blockchain technology, including blockchain history, concept, characteristics, components, and types. In addition, it identifies the possible advantages of combining blockchain with IoT. Section 5 explores state-of-the-art studies in this field. Section 6 presents how utilizing IoT devices in conjunction with blockchain technology will contribute to sustainability and reinforce the connection. Section 7 determines the challenges of integrating blockchain with IoT environments. Finally, Section 8 concludes this paper by summarizing the key findings.

2. Methodology

The methodology used in this paper is a Systematic Literature Review (SLR) [4]. This structured approach ensures an organized review by outlining research queries and identifying applicable studies to analyze their discoveries for valuable insights extraction. This paper involves research studies that were published between 2020 and 2024. In addition, the paper selection followed PRISMA 2020 to ensure transparency and precision in selecting studies related to blockchain technology for IoT security and trust. An SLR includes planning, conducting, and reporting the review. The process starts with creating research queries and establishing criteria for what to include and exclude in the study search process using search strings to find studies. These studies are then evaluated before being narrowed down based on their alignment with the research scope.

2.1. Planning

Here, we added details on the research questions and inclusion/exclusion criteria used in the planning phase.

2.1.1. Research Questions

Key research questions for this SLR included the following:
  • What are the main security and trust challenges in IoT environments?
  • How can blockchain technology address these IoT security and trust challenges?
  • What are the benefits of combining blockchain with IoT systems?
  • What are the potential limitations and challenges in implementing blockchain within IoT environments?
  • How does blockchain integration contribute to sustainability in IoT security?
  • What are future directions for enhancing blockchain applications in IoT security?

2.1.2. Inclusion and Exclusion Criteria

This section allows the readers to reproduce the selection process and understand why few papers pass the selection criteria. In addition, we applied the following inclusion and exclusion criteria to ensure the quality and relevance of the papers selected for this SLR.
  • Inclusion Criteria
    Date of publication: This SLR includes papers that were published from 2020 to 2024 to make sure the information is recent.
    Relevance to the field: This SLR concentrates on papers that focus on how blockchain is used to enhance security and trust in IoT systems.
    Language: English-language papers were the focus of this SLR to guarantee accessibility and understanding for all readers.
    Peer-reviewed: Scholarly articles that have undergone peer review were considered for inclusion, such as peer-reviewed journal articles along with conference papers and technical papers.
    Full-text Access: This SLR includes research papers that have full-text access for detailed examination.
    Original research papers: This SLR includes research papers that contain research findings such as outcomes or theoretical examinations that contribute to the field of IoT and blockchain security with innovative methods.
  • Exclusion Criteria
    Irrelevant papers: Papers that are not relevant include papers that do not specifically tackle the merging of IoT technologies with blockchain.
    Non-peer-reviewed: Non-peer-reviewed sources, such as gray literature and opinion articles, are not considered in this literature review.
    Non-English Papers: Papers written in a language other than English were excluded to prevent translation errors and ensure a grasp of the content.
    Duplicate Studies: This SLR excluded any studies that were duplicated or redundant across two databases.
    Inaccessible Papers: Papers that cannot be fully accessed were not considered in the selection process.
    Paper length: Short papers that do not provide full understanding or lack detailed information about the topic were excluded.
We made sure to select the most pertinent studies that match the focus of using blockchain technology for securing and establishing trust in IoT systems by following these criteria.

2.2. Conducting

Here, we added details on the data sources and search strings used during the conducting phase.

2.2.1. Search Strings

We used the following search query to find the relevant studies and to enhance the quality of the search results: (“Internet of Things” OR “IoT” OR “connected devices” OR “cyber-physical systems” OR “smart devices” OR “sensor networks”) AND (“Blockchain” OR “distributed ledger” OR “DLT” OR “smart contracts” OR “decentralized technology”) AND (“security” OR “trust” OR “privacy” OR “data integrity” OR “authentication” OR “access control” OR “encryption” OR “cybersecurity”). These keywords are separated with boolean operators like AND, OR, and NOT to improve search results and filter out information.

2.2.2. Data Sources

This review used two scientific databases, Google Scholar and the Saudi Digital Library, to extract papers. Each database was chosen for its pertinence to computer science and cybersecurity.

2.3. Reporting

Here, we provide a structured summary of findings from the screening and selection processes to ensure comprehensive reporting. In addition, we added details of the number of studies found, filtered, and selected in the selection process section.

2.3.1. Screening Process

Initially, all the studies collected from the search phase went through a review based on their titles and abstracts to determine their relevance to our paper. Any studies that did not match the research focus criteria were excluded from consideration. When we moved to the next stage of the process, which involved examining each chosen paper for its methodology, relevance, and impact in the field, any duplicated or irrelevant studies were eliminated at this phase. The tool used for the literature was PRISMA 2020, which considers identification, screening, and inclusion phases, as shown in Figure 1. These phases declare how many papers were reviewed and excluded, as well as how many were selected following some criterion, making SLR scanning systematic.

2.3.2. Selection Process

In our research, we applied PRISMA 2020 to efficiently handle and structure the flow of data during the review process [5]. The papers were extracted from two databases, Google Scholar and Saudi Digital Library. Google Scholar yielded 17,300 findings, and the Saudi Digital Library presented 7187 results. A total of 21,750 papers were removed for different reasons, such as the paper being flagged as ineligible. After a comprehensive review process, 2737 papers underwent detailed examination, resulting in the selection of 20 papers that aligned with the research goals (For more details, we added the studies reviewed to improve transparency; please refer to “Appendix A”). The remaining 2717 papers were eliminated due to reasons like being irrelevant to the topic, written in a language other than English, being outside the designated timeframe, or lacking accessibility.

2.4. Threats to Validity in Blockchain and IoT Security Systematic Review

Here are some threats to validity relevant to this SLR:
  • Selection bias: The selection of studies may not be generalizable to a broader field, especially when few databases were considered (for instance, Google Scholar and Saudi Digital Library only).
  • Publication bias: Using only certified articles obtained from peer-reviewed publications in specific databases.
  • Temporal Bias: This review may have excluded studies published earlier and important studies related to blockchain and IoT security and focused on works published within a specific period, from 2020 to 2024 only.
  • Technological and Methodological Limitations: Blockchain as well as IoT domains are still developing, so the methodology or technology from several years ago may not be valid.

3. Overview of IoT

IoT networks involve many connected devices that generate a large amount of data that must be protected against different cyberattacks. For example, medical sensors are attached to the human body to detect its status, like temperature, heart rate, blood pressure, and sugar level. In the realm of IoT networks, it is important to verify the authenticity of data to confirm device identities and ensure transmission from sources that are trusted. Moreover, integrity checks are carried out to guarantee data accuracy as the data travel. Validation processes ensure that data meet standards and are formatted correctly for their intended use. These steps protect data from being tampered with or altered and ensure their security and reliability within the system [6].

3.1. IoT Architecture

IoT layers or architecture organize the components of IoT and the interactions between these components systematically. IoT architecture integrates software, protocols, data flow, and interfaces. For instance, smart devices in an IoT environment collect data, which are then sent to the communication protocol. After that, data processing is carried out in the cloud infrastructure, while the users interact with the information using IoT applications [7].
While there are different architectures for IoT, this section presents a three-layer architecture [7], which is a generalized IoT architecture, as shown in Figure 2.
  • Perception Layer: The perception layer is also called the physical layer. This layer contains sensors and different collecting tools that are used for collecting information. Furthermore, collecting and processing the information and then transmitting it to the network layer is the main responsibility of this layer. Moreover, it allows collaboration between IoT nodes within the local networks [7].
  • Network Layer: The network layer is also called the transport layer. This layer contains different communication protocols and techniques, like Zigbee, Bluetooth, cellular networks, WiFi, and other technologies. Also, it consists of switches, Internet gateways, and routers. In addition, the main responsibility of this layer is safe and faster data transmission from one layer to another [7].
  • Application Layer: The application layer is located at the top of the IoT architecture. This layer contains user interfaces, applications, data storage systems, and other services for the users. In addition, the main responsibility of this layer is to provide the interface between the IoT devices and the applications that interact with them. It also ensures the confidentiality, integrity, and availability (CIA) of the data. Also, it is responsible for interpreting the data to make them meaningful and actionable. Some of the protocols implemented in this layer include HTTP, MQTT, and CoAP, each supporting different functionalities within the IoT depending on resource availability and network constraints. For instance, HTTP is ideal for web-based IoT applications, MQTT is optimal for small data streaming, and CoAP is meant for restricted devices and networks [7].

3.2. Security Challenges in IoT

The connected devices in the IoT environments have limited resources and are targeted by different cyberattacks. In addition, a single point of failure may occur in IoT environments because IoT devices are connected through a centralized server. There are various security challenges in each layer of IoT architecture, and it is not easy to define an IoT security model that considers the IoT architecture’s heterogeneity. The most common attacks in the IoT architecture are data leakage, man-in-the-middle (MiTM) attacks, malicious node injection, phishing, and impersonation [8].
The IoT architecture suffers from various security issues related to each layer. Therefore, the architecture’s security solutions should be addressed [9]. We have to examine the available solutions to cybersecurity issues associated with the IoT model to obtain a more systematic, powerful, and integrated perspective on how to secure the IoT from being vulnerable to different cyberattacks. The IoT has a design of three layers that highlight cybersecurity concerns and solutions at the layer level [9]. Figure 3 groups typical IoT security threats based on the perception, network, and application layers, listing such threats as replay attacks, eavesdropping, DoS, and IP spoofing. From this layer-wise perspective, the threats are shown as utilizing certain points within the IoT framework, and this highlights the importance of security implementation at each layer.
  • Perception layer: Replay attacks, eavesdropping, timing, node capture, and malicious and fake nodes are all included in the perception layer. By watching how long it takes for systems to react to input or cryptographic algorithms, attackers can use timing attacks to find security flaws and collect secrets kept within a security system [10]. Replay attacks are ones in which hackers listen in on communications between senders and recipients. Then, by pretending to be the real sender, the intruder utilizes the sender’s information to convince the recipient to carry out specific activities [11]. S. Lazzaro et al. [12] attempted to establish the extent to which replay attack vulnerability was apparent in consumer IoT devices as well as the extent to which they are equipped for local communication protection, and they observed that the standard is low. The authors conducted a practical experiment with 41 contemporary IoT devices using the REPLIOT tool and found that 51% of them did not support local connectivity, and therefore offline functionality, contrary to the reliability standards set by ENISA/NIST. Of the devices with local connectivity, 75% (15 out of 20) were assessed to be susceptible to replay attacks. This study also identified that those devices relying on unencrypted or only weakly encrypted communication protocols were especially at risk. In all tested attack scenarios, with and without device restarts, the replay attacks succeeded across a broad spectrum of IoT categories, including smart plugs, cameras, and speakers. This highlights the importance of authentication and of generally accepted protocols for securing consumer IoT devices.
    Malicious attacks that include adding nodes to systems and creating fraudulent data inputs are referred to as fake nodes. Mainly, this type of attack aims to prevent actual information from being transmitted. Malicious attackers also add nodes to networks, which they then delete because they use the power needed by legitimate nodes to function. By adopting strategies like gateway nodes, attackers can completely gain control of important nodes in node capture attacks [11]. Senders and recipients of secure information can leak information to each other thanks to these nodes. The perception layer is vulnerable to eavesdropping attacks, in which hackers intercept phone calls, text messages, emails, and video conferences. Private communications are targeted by attackers in an attempt to gain personal data. Significant losses result from the information gathered through these methods, mostly from attackers’ access to private data [13]. As a result, developers of IoT structures in various organizations must undertake in-depth studies on the best security methods to use for their perception layers.
  • Network layer: Since the network layer transfers data from physical devices over wired or wireless networks, it is frequently the target of attacks. Active attacks known as Denial of Service (DoS) prevent legitimate users from using other devices or network resources. It is frequently achieved by flooding targeted devices or network resources with repetitive requests, which prevents or makes it difficult for legitimate users to utilize their devices [14]. Attacks known as IP spoofing are used to gain unauthorized access to servers. To keep the server from detecting the attacker’s presence on its network, attackers use trusted IP addresses. In addition to these attacks, IP spoofing can also be used for blind spoofing, man-in-the-middle attacks, and non-blind spoofing. One method that makes it challenging to stop these cybercrime activities is the attacker’s use of trusted IP addresses, as servers are unable to recognize that an attacker is accessing data using the trusted IP address rather than an authorized user [15]. Another tactic used in passive attacks is the MiTM attack. In this scenario, attackers manipulate messages sent between senders and recipients who believe they are speaking with one another in real time. Attackers can modify messages to match their requirements or viewpoints thanks to these secret interceptions. Passive attacks involve the eavesdropping of only the provided information, with no communication breaks between the sender and the recipient [16]. Paracha et al. [17] identified several main flaws in the TLS protocol and its security that can be attacked through MiTM attacks. These include failure to verify the hostname, so that a certificate carrying the wrong name is accepted, and acceptance of untrusted certificate chains, both of which make TLS vulnerable to MiTM attacks.
    However, the use of outdated TLS versions (TLS 1.0 or 1.1) or poorly secured cipher suites (for example, RC4 or DES) is still prevalent, which leaves a connection vulnerable to certain threats, including POODLE and Sweet32. Where trust in a compromised CA has not been withdrawn, attackers can use the keys of the compromised CA to issue certificates for man-in-the-middle interception, thus violating TLS’s authentication guarantees. The absence of revocation checking intensifies this danger, because clients cannot identify certificates that have been revoked after security breaches, which leaves attackers free to eavesdrop on the parties involved. Also, downgrade attacks, in which attackers compel clients and servers to agree on a weaker version of TLS, succeed in weakening forward cryptographic security and enabling data decryption. All these weaknesses show that an adversary is able to fully violate TLS, negating most of its inherent security assurances for data in transit.
    Storage and exploit attacks are two more types of network layer attacks. Passive storage attacks include data breaches that compromise data stored on multiple devices or in the cloud. The attacker can then modify these data to suit their goals. In order to increase the likelihood of future attacks, attackers also repeat the information they obtain [18]. Illegal attacks on software, data chunks, or command sequences are known as exploit attacks. An attack entails taking over these systems and stealing stored data. These kinds of attacks make use of security flaws in systems, hardware, or other apps. Thus, in order to secure the data used in various network tiers, a thorough investigation into appropriate security techniques is required [19].
  • Application layer: Application layer security issues and threats that are frequently encountered include parameter manipulation, HTTP floods, SQL injections, cross-site scripting, and Slowloris attacks. To improve their application layer security systems, organizations deploy web application firewalls and secure web gateway services [20]. Similarly, MQTT and CoAP are other protocols implemented in the application layer that also have specific challenges. For example, MQTT follows a broker-based approach to data exchange, which raises certain internal security threats. Since the broker is an intermediary, an untrusted broker may intercept or change all transmitted data, violating confidentiality and integrity. These problems are hard to solve with traditional security solutions because the MQTT decoupling principle eliminates secure end-to-end communication and direct device authentication modes [21]. CoAP, on the other hand, has been designed for use by constrained devices; it is commonly exposed to threats such as eavesdropping, message manipulation, or replay attacks in cases where secure transmission protocols are not used. Improving MQTT and CoAP security requires a strong authentication process, encryption and access control of brokers and devices, and frequent updates. These measures help protect the integrity and confidentiality of data and the trustworthiness of devices in an IoT network [21].
    An injection attack known as cross-site scripting occurs when an attacker inserts client-side scripts that, depending on their objectives, entirely change the content of the apps. Another type of attack is a malicious code attack, in which certain software components are utilized as codes to harm particular computers. This attack is especially problematic since anti-virus software is unable to stop or manage it. Furthermore, it is frequently created as a program that requires users’ attention in order to carry out specific tasks or as an activity in and of itself [9]. The vast volumes of data held on this layer also lead to data loss and network disruptions. It is challenging to build data processing security systems that can guarantee that security is enhanced for all users due to the variety of data transmission activities and devices used in data transmission among users. Since these enormous volumes of data raise issues, there has been a growth in data loss and network disruptions.
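The client-side TLS weaknesses listed in the network-layer item above (no chain or hostname verification, legacy protocol versions, RC4/DES cipher suites, no revocation checking) can be checked mechanically. The following is an added example, not code from the article or from the studies it cites: it audits a Python ssl.SSLContext for those settings. The finding names and the two sample device contexts are constructed for illustration.

```python
import ssl

# Substrings marking the cipher suites the text calls poorly secured.
# "DES" also matches 3DES suites such as DES-CBC3-SHA, the Sweet32 target.
WEAK_CIPHER_MARKERS = ("RC4", "DES")
REVOCATION_FLAGS = ssl.VERIFY_CRL_CHECK_LEAF | ssl.VERIFY_CRL_CHECK_CHAIN


def audit_client_context(ctx):
    """Return a sorted list of finding names (constructed labels) for one context."""
    findings = set()
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.add("untrusted-chain-accepted")    # any certificate chain passes
    if not ctx.check_hostname:
        findings.add("hostname-not-verified")       # a certificate for another name passes
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.add("legacy-protocol-allowed")     # TLS 1.0/1.1 can still be negotiated
    names = [cipher["name"] for cipher in ctx.get_ciphers()]
    if any(marker in name for name in names for marker in WEAK_CIPHER_MARKERS):
        findings.add("weak-cipher-enabled")
    if not ctx.verify_flags & REVOCATION_FLAGS:
        findings.add("no-revocation-check")         # revoked certificates go unnoticed
    return sorted(findings)


def legacy_device_context():
    """Constructed sample: the kind of client configuration the text warns about."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                      # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED  # accept the oldest version available
    return ctx


def hardened_device_context(cafile=None):
    """Constructed sample: the same client with each weakness closed."""
    ctx = ssl.create_default_context(cafile=cafile)  # CERT_REQUIRED and hostname checking on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20")   # forward-secret AEAD suites only
    # With this flag set, handshakes fail unless current CRLs have been
    # loaded into the context with load_verify_locations().
    ctx.verify_flags |= ssl.VERIFY_CRL_CHECK_LEAF
    return ctx


if __name__ == "__main__":
    print("legacy  :", audit_client_context(legacy_device_context()))
    print("hardened:", audit_client_context(hardened_device_context()))
```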

3.3. The Most Common Solutions to Address Security Challenges in IoT

In the previous section, we delineated the IoT risks and security challenges within the IoT layered architecture, which is foundational to cybersecurity. Understanding these layers is essential for taking proactive measures to mitigate potential threats, which Table 1 discusses.

4. Overview of Blockchain Technology

It is very difficult to find a generally agreed-upon definition of the blockchain. Some have defined blockchain as “a decentralized software mechanism that allows assets and transactions to be tracked and recorded without the presence of a central trust authority such as a bank”. Blockchain networks create proof of stake (PoS) using unique digital signatures, which rely on public encryption keys known to everyone on the network and private keys known only to the owner. So, complex algorithms lead to consensus among users, ensuring that transaction data cannot be tampered with after verification, which reduces risks. Transaction records are stored and linked together in an encrypted way to form a chain of blocks. It is open to any node in the system, and everyone can add new blocks. However, new blocks cannot be added without proof of work (PoW) or agreement on the part of other nodes that are participating in the system. Every participant on the blockchain has two keys: one public and the other private. The body and header are the components of every block on the blockchain. Transactions and operations that the user signs using the private key are located in the body. The public key is utilized to verify the source. The header contains block information like block size, timestamp, and transaction numbers. Once the block is created, it will be distributed to the miners to validate the transactions. When the transactions in the block are approved with the help of the PoW protocol, the block will be added to the blockchain, and it cannot be changed. This feature ensures security and transparency on the blockchain. Blockchain transactions are organized using a Merkle tree to ensure the integrity of the data [6,43].
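The block structure described above (a body of transactions, a header, a link to the previous block, and a Merkle tree over the transactions) is shown below as an added example that is not taken from the article or its references. It shows why an edited sensor reading is detected, and how a constrained device can confirm one reading with a short Merkle proof instead of the full block. Consensus (PoW/PoS) and signatures are left out; the header field names, the rule of repeating the last node on odd levels, and the sensor readings are assumptions made for the example.

```python
import copy
import hashlib
import json

GENESIS_PREV = "00" * 32  # assumed placeholder "previous hash" for the first block

def sha256(data):
    return hashlib.sha256(data).digest()

def leaf_hash(tx):
    # Canonical JSON so every node hashes a transaction to the same bytes.
    return sha256(json.dumps(tx, sort_keys=True).encode())

def pad(level):
    # Assumed rule for odd levels: repeat the last node.
    return level + level[-1:] if len(level) % 2 else level

def merkle_levels(leaves):
    """Every level of the tree, leaves first, root level last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = pad(levels[-1])
        levels.append([sha256(cur[i] + cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def merkle_root(leaves):
    return merkle_levels(leaves)[-1][0]

def merkle_proof(leaves, index):
    """Sibling hashes from leaf to root as (hash, sibling_is_left) pairs."""
    proof = []
    for level in merkle_levels(leaves)[:-1]:
        level = pad(level)
        sibling = index ^ 1
        proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify_proof(tx, proof, root):
    """Check one transaction against a header's Merkle root without the block body."""
    node = leaf_hash(tx)
    for sibling, sibling_is_left in proof:
        node = sha256(sibling + node) if sibling_is_left else sha256(node + sibling)
    return node == root

def header_hash(header):
    return sha256(json.dumps(header, sort_keys=True).encode()).hex()

def make_block(prev_hash, txs, timestamp):
    if not txs:
        raise ValueError("a block needs at least one transaction")
    header = {"prev_hash": prev_hash, "timestamp": timestamp, "tx_count": len(txs),
              "merkle_root": merkle_root([leaf_hash(t) for t in txs]).hex()}
    return {"header": header, "body": txs, "hash": header_hash(header)}

def first_invalid_block(chain):
    """Index of the first block that fails verification, or -1 if the chain is intact."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        header = block["header"]
        root = merkle_root([leaf_hash(t) for t in block["body"]]).hex()
        if (header["prev_hash"] != prev or header["merkle_root"] != root
                or block["hash"] != header_hash(header)):
            return i
        prev = block["hash"]
    return -1

def build_sample_chain():
    readings = [  # constructed sensor readings, two blocks
        [{"device": "thermo-01", "temp_c": 21.4}, {"device": "thermo-02", "temp_c": 22.0},
         {"device": "pump-07", "rpm": 1450}],
        [{"device": "thermo-01", "temp_c": 21.6}, {"device": "pump-07", "rpm": 1448}],
    ]
    chain, prev = [], GENESIS_PREV
    for timestamp, txs in enumerate(readings, start=1_700_000_000):
        chain.append(make_block(prev, txs, timestamp))
        prev = chain[-1]["hash"]
    return chain

def tamper_body_only(chain):
    """Edit a stored reading and nothing else: block 0's Merkle root no longer matches."""
    forged = copy.deepcopy(chain)
    forged[0]["body"][0]["temp_c"] = 35.0
    return forged

def tamper_and_rehash(chain):
    """Edit a reading and rebuild block 0's header: block 1's prev_hash now breaks."""
    forged = copy.deepcopy(chain)
    txs = forged[0]["body"]
    txs[0]["temp_c"] = 35.0
    old = forged[0]["header"]
    forged[0] = make_block(old["prev_hash"], txs, old["timestamp"])
    return forged

if __name__ == "__main__":
    chain = build_sample_chain()
    print(first_invalid_block(chain), first_invalid_block(tamper_body_only(chain)),
          first_invalid_block(tamper_and_rehash(chain)))
```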
Blockchain technology is also known as the largest transparent, secure, high-speed, low-cost, decentralized digital database. It is managed by its participants without an intermediary to modify or remove. These blocks are based on three principles: trust, transparency, and mutual oversight, as each user can confirm their data and verify the data’s integrity at all times, which achieves parity between users in exercising mutual collective control over data. Figure 4 shows a sequential block representation of blockchain technology. Every cube additionally includes cryptographic information relating to data that are not amenable to alteration, stressing how blockchain can encourage credible connectivity among IoT devices.
In summary, blockchain can be defined as an information system based on a decentralized information base distributed among all devices included in the network to record all transaction data and their modifications in a way that includes the approval of all relevant parties on the validity of the data. The power of blockchain technology enables two basic standards: decentralization and high transparency in managing transactions of all kinds, such as payments and bank transfers, registering real estate ownership and national identities, exchanging markets and documents, and voting processes. Figure 5 is a conceptual diagram that depicts the IoT environment based on blockchain technology. The left side of the picture presents the blockchain and the most valuable features of IoT networks, while the right side of the picture presents some of the common technologies used by IoT.

4.1. History of Blockchain Technology

In 1999, Stuart Haber and Scott Stornetta encrypted electronic files to protect them from tampering, and in the following year, the idea was developed using “the Merkle tree”, and a chain of encrypted blocks was produced [7]. In 2008, a study appeared on the Internet by Satoshi Nakamoto titled “Bitcoin: A Peer-to-Peer Electronic Cash System”. It included a proposal for a digital currency based on a new computer system called blockchain. This technology allows all members of the blockchain to have complete copies of the same content, which is encrypted, organized, and saved in serial blocks. Any addition to the content is then known to everyone on the blockchain. The added content is approved after ensuring that it follows the established rules and is then added to the database, which is updated on all participating devices. The blockchain does not accept any modification to its content, which makes manipulation or hacking attempts almost impossible in light of the high encryption and group participation [7].

4.2. Components of Blockchain

This section identifies the components of blockchain, including hashing, consensus mechanisms, and smart contracts.
  • Hash Functions: Hash functions are the main component of the blockchain that ensures stored data remain as they are without alteration, which ensures data integrity. Hashing uses cryptographic algorithms to transform data into a hash code. Additionally, blockchain uses digital signatures and symmetric and asymmetric encryption to secure data from unauthorized access [7].
  • Consensus Mechanisms: Blockchain uses different consensus mechanisms like proof of work and proof of stake to ensure IoT data are decentralized, safe from unauthorized access, and reliable. In addition, consensus mechanisms keep records safe from tampering in IoT environments [1].
    Proof of Work (PoW): In proof of work (PoW), miners compete to solve puzzles to earn the privilege of adding the next block to the blockchain. This method demands computing capability, which enhances network security by making it costly and resource-intensive for any entity to seize control of the network. Bitcoin is an example of a system employing the PoW mechanism.
    Proof of Stake (PoS): Proof of stake is a way for participants to validate blocks by holding a number of coins rather than trying to solve difficult puzzles as in proof of work (PoW). This approach minimizes energy usage and promotes dedication to the blockchain network in the long run by selecting validators according to their stake. Ethereum has recently made the shift toward utilizing PoS through Ethereum 2.0.
  • Smart Contracts: By managing secure data sharing, automating processes, enabling programmable monetization models, establishing decentralized access control, and improving supply chain traceability for IoT-enabled systems, smart contracts on the blockchain can play an essential role in IoT applications [3].
  • Node: An individual computer or any entity that participates in distributing transactions, validating them, and keeping a full copy of the blockchain [2].

4.3. How Blockchain Works

A blockchain system is viewed as a historical record of transactions in which each block is linked to other blocks in a sequence and immutably recorded across a peer-to-peer network. The system applies a special coding guarantee for each transaction. Through the system, participants maintain an encrypted record of each transaction within a decentralized recording mechanism in order to improve security and availability and to allow all participants, especially participants who do not trust each other, to verify records and transactions. The system is characterized by great scalability and high flexibility, and it does not require any additional intermediaries [7]. Figure 6 shows how blockchain technology works to ensure the integrity of the data.
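The block structure and linking described in Section 4 and above (header, body, Merkle tree, PoW, immutability) can be made concrete with a small model. The following is an added example, not code from the reviewed studies; the sensor readings, field names, difficulty value, and the simplified single-SHA-256 Merkle tree are assumptions made for illustration.

```python
import copy
import hashlib
import json

DIFFICULTY = 3            # assumed PoW target: header hash starts with 3 hex zeros
GENESIS_PREV = "0" * 64   # assumed placeholder "previous hash" for the first block


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def merkle_root(transactions: list) -> str:
    """Hash every transaction, then hash pairs upward until one root is left."""
    level = [sha256_hex(json.dumps(tx, sort_keys=True).encode()) for tx in transactions]
    if not level:
        return sha256_hex(b"")
    while len(level) > 1:
        if len(level) % 2:                 # odd count: pair the last hash with itself
            level.append(level[-1])
        level = [sha256_hex((level[i] + level[i + 1]).encode())
                 for i in range(0, len(level), 2)]
    return level[0]


def header_hash(header: dict) -> str:
    return sha256_hex(json.dumps(header, sort_keys=True).encode())


def meets_target(header: dict) -> bool:
    return header_hash(header).startswith("0" * DIFFICULTY)


def mine_block(prev_hash: str, transactions: list, timestamp: int) -> dict:
    """Build header and body, then search for a nonce that satisfies the PoW target."""
    header = {
        "prev_hash": prev_hash,
        "merkle_root": merkle_root(transactions),
        "timestamp": timestamp,
        "tx_count": len(transactions),
        "nonce": 0,
    }
    while not meets_target(header):
        header["nonce"] += 1
    return {"header": header, "body": transactions}


def verify_chain(chain: list):
    """Return (True, None), or (False, index) for the first block that fails."""
    prev = GENESIS_PREV
    for index, block in enumerate(chain):
        header = block["header"]
        if (header["prev_hash"] != prev                              # broken link
                or header["merkle_root"] != merkle_root(block["body"])  # body edited
                or not meets_target(header)):                        # PoW missing
            return False, index
        prev = header_hash(header)
    return True, None


def build_demo_chain() -> list:
    """Three blocks of constructed sensor readings (sample data, not real)."""
    batches = [
        [{"device": "sensor-01", "metric": "temp_c", "value": 21.4},
         {"device": "sensor-02", "metric": "temp_c", "value": 22.0}],
        [{"device": "sensor-01", "metric": "temp_c", "value": 21.9},
         {"device": "sensor-02", "metric": "temp_c", "value": 22.3},
         {"device": "sensor-03", "metric": "humidity", "value": 40.0}],
        [{"device": "sensor-03", "metric": "humidity", "value": 41.5}],
    ]
    chain, prev = [], GENESIS_PREV
    for offset, batch in enumerate(batches):
        block = mine_block(prev, batch, 1700000000 + 60 * offset)
        chain.append(block)
        prev = header_hash(block["header"])
    return chain


def tamper_reading(chain: list, block_index: int, new_value: float) -> list:
    """Copy the chain and overwrite the first reading of one block (body only)."""
    forged = copy.deepcopy(chain)
    forged[block_index]["body"][0]["value"] = new_value
    return forged


def tamper_and_remine(chain: list, block_index: int, new_value: float) -> list:
    """As above, but also rebuild that block's header and redo its proof of work."""
    forged = tamper_reading(chain, block_index, new_value)
    old = forged[block_index]["header"]
    forged[block_index] = mine_block(
        old["prev_hash"], forged[block_index]["body"], old["timestamp"])
    return forged


if __name__ == "__main__":
    chain = build_demo_chain()
    print("honest chain:", verify_chain(chain))
    print("body edited:", verify_chain(tamper_reading(chain, 1, 99.9)))
    print("edited and re-mined:", verify_chain(tamper_and_remine(chain, 1, 99.9)))
```

Editing a stored reading is caught at the edited block through the Merkle root; redoing that block's proof of work only moves the failure to the next block, whose `prev_hash` no longer matches, so every later block would have to be re-mined as well.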

4.4. Types of Blockchain

This section discusses different blockchain types like public blockchains, consortium blockchains, and private blockchains [2]. The type selection depends on the case requirements. Table 2 presents the features of each type.

4.5. Advantages of Combining Blockchain with IoT

This section presents several advantages of combining blockchain technology with IoT environments like the distributed ledger, cryptography, consensus mechanism, decentralized identity, transparency, and auditability:
  • Distributed Ledger: The blockchain is used to record IoT data in a distributed ledger that cannot be changed or manipulated by unauthorized users. This feature ensures the traceability and integrity of the data [3].
  • Cryptography: Robust cryptography techniques are used in blockchain, like digital signatures and hashing to secure the IoT from disclosure through malicious attacks [2].
  • Consensus Mechanism: Blockchain utilizes a consensus protocol, like proof of work or proof of stake, to ensure that all participants or nodes in the blockchain agree about the state of the ledger. This feature enhances trust in IoT data and prevents unauthorized editing [43].
  • Decentralized Identity: Identity management for IoT devices is decentralized in the blockchain, which means the blockchain identifies, authenticates, and authorizes IoT users, entities, or devices securely. This feature prevents identity theft attacks [6].
  • Transparency and Auditability: Transparency and auditability are provided by the uneditable nature of the blockchain ledger, which allows stakeholders to view the history of all activities and transactions stored on the blockchain, which enhances trust [8].
  • Prevent Data Manipulation: The blockchain system prevents data manipulation because it does not allow data to be changed without the permission of the participating parties. If you attempt to do so, all participating parties will be notified [7].

4.6. Blockchain’s Cryptographic Techniques and Security Across IoT Layers

Among the features that blockchain offers, cryptographic solutions are exactly what is needed to ensure data protection for IoT networks. These cryptographic techniques are used at the perception, network, and application layers of IoT to mitigate the security concerns at all these layers.

4.6.1. Cryptographic Techniques in Blockchain

Blockchain technology leverages several cryptographic methods to secure data, maintain trust, and control access within IoT systems [1]:
  • Digital Signatures: Each of the parties and devices involved in an IoT network is validated by digital signatures that employ asymmetric cryptography. Clients possess distinct private–public key pairs, which let them sign messages and let others confirm a message’s authenticity. This approach is crucial because it helps to verify that the data have not been interfered with during transmission.
  • Hashing: Hash functions such as SHA-256 convert plain-text data to fixed-length codes, therefore minimizing the possibility of an intruder decrypting the content. IoT data cannot be subjected to unauthorized modification since hashing is used in block headers and transactions. Hashing also facilitates the indexing and storage of IoT data and generally improves the security of distributed systems where data integrity or immutability is paramount.
  • Encryption (Symmetric and Asymmetric): Blockchain uses symmetric (single-key) encryption methods as well as asymmetric (public-key) encryption methods to encrypt its data. A symmetric key is most often used for secure IoT communication, and an asymmetric key used for blockchain identity checks provides secure peer-to-peer exchange between IoT nodes.
  • Consensus Protocols: Although not strictly cryptographic in nature, consensus algorithms like proof of work (PoW) or proof of stake (PoS) make sure that the participants in a blockchain agree on data validity. Applying consensus mechanisms thus allows the blockchain to ensure data transaction safety, which contributes to the complete protection of IoT systems from data fraud.
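The digital-signature check described in the first item above, sketched as an added example that is not taken from the reviewed studies. To stay within the Python standard library it uses Lamport one-time hash-based signatures in place of the ECDSA signatures used by Bitcoin and Ethereum; the `DeviceRegistry` class (standing in for the ledger's identity records), the device ids, and the payloads are hypothetical.

```python
import hashlib
import secrets


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Private key: 256 pairs of random secrets. Public key: their SHA-256 hashes."""
    private = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    public = [[H(pair[0]), H(pair[1])] for pair in private]
    return private, public


def _digest_bits(message: bytes) -> list:
    digest = H(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


def sign(private, message: bytes) -> list:
    """Reveal one secret per digest bit; the key must never sign a second message."""
    return [private[i][bit] for i, bit in enumerate(_digest_bits(message))]


def verify(public, message: bytes, signature) -> bool:
    if len(signature) != 256:
        return False
    return all(H(signature[i]) == public[i][bit]
               for i, bit in enumerate(_digest_bits(message)))


class DeviceRegistry:
    """Hypothetical stand-in for on-chain identity records: device id -> public key."""

    def __init__(self):
        self._keys = {}

    def register(self, device_id: str, public_key) -> None:
        self._keys[device_id] = public_key

    def accept(self, device_id: str, message: bytes, signature) -> bool:
        public_key = self._keys.get(device_id)
        if public_key is None:                 # unregistered device, or key used up
            return False
        if not verify(public_key, message, signature):
            return False                       # forged or altered in transit
        del self._keys[device_id]              # one-time key is consumed on success
        return True


def demo() -> dict:
    """Run the accept/reject cases on constructed readings and return the outcomes."""
    registry = DeviceRegistry()
    priv1, pub1 = keygen()
    priv2, pub2 = keygen()
    registry.register("sensor-01", pub1)
    registry.register("sensor-02", pub2)

    reading = b'{"device":"sensor-01","temp_c":21.4}'
    altered = b'{"device":"sensor-01","temp_c":99.9}'
    signature = sign(priv1, reading)
    results = {
        "unknown_device": registry.accept("sensor-09", reading, signature),
        "altered_in_transit": registry.accept("sensor-01", altered, signature),
        "signed_by_other_device": registry.accept("sensor-02", reading, signature),
        "valid": registry.accept("sensor-01", reading, signature),
    }
    # Reusing a Lamport key leaks more secrets, so the registry refuses it.
    second = b'{"device":"sensor-01","temp_c":21.6}'
    results["key_reused"] = registry.accept("sensor-01", second, sign(priv1, second))
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Only the reading signed by the registered key and delivered unmodified is accepted; a device that needs to sign further readings has to register a fresh public key first.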

4.6.2. Role of Blockchain in Securing IoT Layers

Blockchain’s cryptographic features strengthen security across each layer of IoT architecture [1], as follows:
  • Perception Layer: The perception layer involves various IoT physical devices and sensors for data collection. Incorporating blockchain improves security here because information is encrypted and hashed, thereby eliminating the risk of the data collected by sensors being easily accessed by unauthorized entities. Smart contracts, in turn, ascertain device identities so that the IoT ecosystem allows only authorized devices to engage in data exchange. This ensures that no unauthorized person can access or manipulate data at the point of data collection.
  • Network Layer: At the network layer, blockchain uses decentralized and cryptographic functionality to encrypt data transmission across communication channels such as WiFi, Bluetooth, and mobile networks. Digital signatures and secure transmission mechanisms help guard against common forms of attack, including man-in-the-middle (MiTM) attacks and Distributed Denial of Service (DDoS) attacks. Furthermore, blockchain removes the need for any central authority, thereby eliminating single points of vulnerability and malware attacks that target connected control points in the network.
  • Application Layer: This layer provides user interfaces, data storage, and service applications where IoT data are retrieved and processed. Blockchain fortifies this layer by offering unchangeable and intelligible transaction records, which provide compliance and confidence within applications. Three key measures support data reliability: hashing can ensure data authenticity, the use of digital signatures ensures data authenticity, and the use of consensus protocols can ensure the integrity of the records. This is most effective in high-risk IoT domains, for example, smart health and industrial IoT, where data are highly sensitive and must be accurate.

5. Related Study

This section presents and summarizes the state-of-the-art proposals regarding the integration of blockchain with IoT applications, highlighting trust management, data security and privacy, and scalability and efficiency. By categorizing related applications and challenges, this review provides an up-to-date outlook on the current solutions and points out directions for future improvement. A summary of all the studies is provided in Table 3, including methodology, the studies’ limitations, and possible mitigations.

5.1. Trust Management in IoT Networks

Trust is a significant component in IoT environments because various devices operate independently of each other, sending and receiving information, and have no historical interactions. Several research works have tried to build trust among IoT nodes by exploiting the distributed ledger of the blockchain. For instance, BBTM presents a blockchain-inspired trust management scheme that can be directly applied to resource-constrained IoT systems. This system assesses trustworthiness through values quantified from prior settlements while preserving the reliability of the interacting nodes. By using trust scores and recording the transactions that take place, BBTM offers a decentralized solution that protects IoT devices from malicious attacks. However, BBTM does not include a comprehensive, realistic simulation of actual scenarios, which might be problematic during implementation in truly large IoT environments [5].
In support of this, Sivaganesan D [44] provided a blockchain-based, data-based trust management scheme to protect sensor networks in IoT. Their method preserves reliable information in a block that is stored in a chain, which can be retrieved by any node at the point of verification. As a result, untrusted parties can exchange information while guaranteeing the data’s integrity. One thing to note here is that the decentralization offered by blockchain increases trust as it gets rid of the dependency on a single point, and that is why blockchain is suitable for IoT systems that experience frequent attacks. However, there are some issues in combining the blockchain-based authentication with the actual real-time data transfer due to high latency.
Santis et al. [45] proposed a new audit system using blockchain technology to solve trust issues in IoT environments. The proposed system is used for metrological traceability in a distributed measurement system. Integrating the Physical Unclonable Function (PUF) protocol and a hybrid BIoT architecture allows decentralized operations and enhances trust for IoT devices.
Hameed et al. [46] presented their solution that stores identities and trust metrics on the blockchain in SDN-based IoT networks. In addition, the proposed solution aims to solve key and trust management issues in IoT devices. Also, it improves scalability by achieving this target. The results prove that the proposed solution can improve performance and productivity even with an increase in the number of IoT nodes and data transmitted.
Guntur D et al. [47] proposed a novel decentralized mechanism that depends on attribute-based access control along with a Trust and Reputation System (TRS). The proposed mechanism aims to authorize IoT entities, quantify the scores of trust and reputation for flexible and dynamic access control, use private sidechains to store private information, operate on public blockchains, and evaluate the performance criteria of IoT environments.
Ali et al. [48] introduced a unique system to monitor device behavior and classify trust levels for each zone using deep learning techniques in IoT environments integrated with blockchain. The proposed system aims to solve or mitigate the security challenges in these environments. There are different steps to implementing the system, including catching and verifying the behavior, applying behavior monitoring, deploying the trusted environments, creating and configuring the private blockchain, utilizing auto-cryptography classification, and calculating threshold values.
Shala B et al. [49] focused on the need to build trust in decentralized IoT environments and proposed a novel trust model with multiple adaptive layers. The authors also proposed combining blockchain with a trust system to improve security and authorize new entities based on trust model permissions. The results proved that the proposed model outperforms other trust models in terms of reliability and resiliency against different attacks.
Suparna D et al. [50] proposed a novel framework that depends on blockchain technology and zero trust. The proposed framework is used to address security issues, enhance the identification of the device, and provide access control. Moreover, different security issues in IoT environments are presented in this paper.
Djamel K et al. [51] proposed a scalable and hierarchical system that depends on the blockchain and trust management protocol for IoT environments. The proposed system aims to address various security issues, enhance the evaluation of trust processes, and protect against different types of cyberattacks. The efficiency of the proposed system was evaluated using simulations.

5.2. Enhancing Data Security and Privacy

Security and privacy are among the most crucial challenges in IoT systems since the tremendous quantities of data transferred through networks are remarkably sensitive. Various works have addressed this by employing blockchain’s cryptographic features to secure IoT data. A good example is the use of an Ethereum-based blockchain by Mohanta et al. [7] to establish the DecAuth protocol for device authentication. This shields the device from attempts at unauthorized connection, as each device is accredited through a unique digital identity validated by the Ethereum network. The main strength of DecAuth is its high level of security, but a drawback connected with the Ethereum infrastructure is network scalability: large-scale IoT networks can face network congestion.
Al-Rakhami et al. [43] proposed a lightweight blockchain incorporating a trust model for the IoT network in the supply chain environment. The data within this model are subject to real-time verification through the blockchain, which enables the participants of the supply chain to access and trust the data without the need for a middleman. Such decentralized validation is important for applications such as asset tracking, where real-time validations are typically needed. However, this model has some drawbacks when applied to real-world problems, especially in terms of computational complexity in IoT networks. Further, it is suited only to well-resourced settings with the capacity for processing blockchain transactions.
Gugueoth et al. [8] presented a review paper about IoT security and privacy using decentralized blockchain techniques. The paper deeply discussed the security issues in IoT environments. It also discussed blockchain-based solutions, the security features that blockchain can provide, and the challenges that will be solved when integrating blockchain with IoT. In addition, different consensus protocols were briefly explained. Furthermore, open research challenges and future directions were also outlined.
Avishaek D et al. [52] focused on the importance of securing IoT environments and proposed an approach that combines blockchain with IoT environments to meet this objective. The proposed approach guarantees secure and quick authentication in these environments. Furthermore, the efficiency of the proposed approach was measured using simulations. The results proved that security and trust are achieved by enhancing access control, authentication, and data exchange mechanisms.
Al Sadawi A et al. [3] presented a survey on the integration of blockchain with IoT to enhance performance and eliminate challenges. The authors focused on the IoT challenges and proposed an architecture that combines blockchain with IoT in three layers using different approaches like cloudlet and dew computing. This integration aims to enhance the efficiency of authentication, services of data storage, and the performance and security of the proposed architecture. The proposed architecture aims to ensure resilience, efficiency, scalability, security, and decentralized storage of data.
Lee J. et al. [53] proposed a system that utilizes CP-ABE and blockchains to enhance the security of the data through mutual authentication and to improve efficiency. The proposed system enables access control of the data and key agreements in the IoT ecosystem. Furthermore, formal and informal security verification is used to prove the system’s robustness against different attacks, like tracking and guessing attacks.
Jannik L et al. [54] developed and evaluated a new registration and tracking system that is used for monitoring sensor data in blockchain-based IoT environments. The proposed system is used to improve the confidentiality, integrity, and availability of data (CIA) in blockchain-based IoT environments. In addition, different IoT applications are discussed in this paper. Dependence on centralized cloud servers is also discussed. Additionally, how blockchain technology can address the CIA of IoT data is mentioned.
Sun S et al. [55] proposed a new secure and lightweight solution that allows IoT devices to act as specialized nodes in the blockchain. The proposed solution reduces the redundancy in the blockchain and allows the integration of blockchain permissions, attribute-based access control, and identity-based signatures. In addition, the proposed solution improves security and efficiently prevents different types of attacks, like DDoS attacks.

5.3. Scalability and Efficiency Solutions

One important concern that remains an open issue in blockchain IoT systems is scalability, due to the inherently high traffic rate of IoT devices. In response to this, Al Hwaitat et al. [6] presented a blockchain-based authentication framework with AES to lower computational overhead while enhancing data confidentiality. This system saves encrypted IoT data in a cloud environment and, while keeping in mind the prospects for further development, is as secure as possible. It improves the functionality of IoT by reducing the instances in which data have to be re-encrypted, making it relevant for applications that need to access encrypted data in the shortest time possible. Nevertheless, the problem of potential latency under high network load is not completely solved, which points to further optimizations for settings with minimal available resources.
The second approach is the Dynamic Practical Byzantine Fault Tolerance consensus Algorithm (DPA-PBFT), designed for industrial IoT systems. This algorithm tackles scalability by reducing the communication overhead that nodes experience, enabling faster consensus even in a large network. Moreover, DPA-PBFT enhances data synchronization among non-peer nodes and is therefore well adapted for use in industrial IoT settings, where the availability of real-time and reliable data access is critical. However, although the DPA-PBFT algorithm benefits from less latency than the PBFT algorithm, it can be somewhat computationally intense, which restrains its implementation in heavily resource-constrained IoT networks [56,57].

5.4. Insights and Future Directions

The analysis of these studies makes it clear that blockchain technology offers the potential to solve the problems of trust, security, and scalability in IoT systems. All of these concepts build upon blockchain’s main features: its state and distributed ledger with a strong focus on consensus. For instance, trust-centered systems aim at ensuring node dependability and standard secure communication, while security-centered studies aim at data privacy and intrusion prevention. Scalability solutions investigate means of handling performance from the client side and minimizing throughput time, which is essential for real-time IoT applications.
Despite these systems’ useful contributions, some constraints are still present. Higher computational complexity, higher latency, and the problem of connecting IoT’s less powerful devices to a blockchain system pose further research questions. Possible future work may include fine-tuning consensus protocols for IoT, improving encryption algorithms so that they consume minimal computation, and exploring new architectures such as private and public chains used at the same time.
The methodology, advantages, and limitations of each reviewed study are summarized in Table 3, where the table further highlights detailed implementation information.
Table 3. Existing work in this field.
Ref. | Year | Proposal | Methodology | Limitations | Suggested Mitigation
[5] | 2021
  • BBTM is a blockchain-based trust management approach for IoT systems with limited resources.
  • BBTM contains multiple processes, such as node registration, task publication, feedback collection, and rewards based on the trust computation results.
  • Blockchain technology was used for the trust evaluation of sensor nodes using mobile edge nodes and addressing challenges related to energy efficiency.
  • There is no simulation for the proposed method with more complex scenarios.
  • The consensus algorithm may cause some challenges during the practical implementation phase of the proposed framework.
  • Simulate the proposed method with more complex scenarios.
  • Validate BBTM with IoT applications in the real world.
[44] | 2021
  • A novel data-driven trust mechanism based on blockchain to secure IoT sensor networks.
  • The proposed mechanism provides end-to-end trust and ensures trustworthy data.
  • It uses blockchain technology to store trustworthy data on an immutable ledger to enhance the trust and accuracy of the data.
  • The decentralization feature helps to ensure trust between unknown entities and ensures authentication, authorization, and security features.
  • The author did not provide a detailed discussion about the methodology used.
  • The focus area is how to incorporate trust mechanisms into the proposed framework while ignoring how to incorporate blockchain-based authentication and security during data transmission.
  • Based on the blockchain, the integration of authentication and security is considered essential for data transmission.
[43] | 2021
  • Lightweight trust model that contains three modules: blockchain, IoT network, and data.
  • It solves trust issues and protects data from being changed between supply chain parties.
  • It enables data sharing and can reduce storage, computational, and latency requirements while increasing security.
  • The effectiveness of this model is shown using a simulation approach.
  • The main contribution of the paper is focusing on the accuracy of the data in the supply chain by combining blockchain with IoT to handle trust issues.
  • The need for applying the proposed model to the real-world scenarios of an IoT supply chain system.
  • Test the performance, accuracy, and reliability of the proposed model in real-world scenarios.
[6] | 2023
  • A new authentication framework based on blockchain technology is being used to secure IoT networks.
  • The proposed approach enhances the scalability of some IoT applications.
  • The contribution of this research is to provide a trust-aware security approach that levels up security and privacy while connecting IoT services.
  • It handles trust and privacy issues in IoT applications using blockchain-based permissions and lightweight authentication mechanisms.
  • Secret encryption is used to encrypt IoT data and upload it to the cloud.
  • The proposed approach uses only one way, which is a permission-based blockchain, to enhance data storage, and a lightweight authentication mechanism depends on smart contracts.
  • Increasing the reliability of the proposed approach using a consensus algorithm.
  • Adding recent and advanced algorithms like deep learning to categorize users based on their level of trust.
  • Using software-defined networks and deploying them with 5G to provide efficient and quick responses.
[8] | 2023
  • The paper deeply discussed the security issues in IoT environments.
  • It also discussed blockchain-based solutions, the security features that blockchain can provide, and the challenges that will be solved when integrating blockchain with IoT.
  • Different consensus protocols were briefly explained.
  • The paper presents a comprehensive review of the security issues in IoT environments.
  • Some research gaps need more attention. For example, the authors here discussed some security issues but did not talk about trust in blockchain or how it will help enhance secure communications in IoT environments.
  • Discussing more about security issues in blockchain and IoT environments.
  • Developing new consensus protocols that could be effective in IoT environments.
  • Presenting the role of blockchain-based SDNs in protecting IoT environments.
  • Exploring blockchain-based IoT that supports 5G networks.
[56] | 2020
  • A novel architecture for IoT environments that helps obtain and process data using blockchain.
  • It ensures the security and consistency of IoT data.
  • Consensus data in this architecture are written in the blockchain ledger.
  • A new consensus algorithm called the Byzantine Fault-Tolerant Consensus Algorithm based on the Dynamic (DPA-PBFT) algorithm was designed to ensure data consistency between non-peer nodes.
  • It will enhance efficiency and minimize the communication load to ensure consistency.
  • A novel architecture for industrial IoT groups that helps to obtain and process data using blockchain and evaluate trust to increase the possibility of obtaining correct authorizations even with malicious B-IIoT-Ds.
  • The IoT contains a lot of connected devices and produces huge amounts of data that need to be protected very well. The proposed model alone is not enough to provide sufficient security.
  • Integrating the proposed model with fog calculation will provide a better data security solution.
  • Also, it is important to determine the number of selection consensus nodes when there are a large number of devices.
[7] | 2020
  • A brief analysis of the security and privacy issues in IoT environments.
  • Blockchain technology is utilized as a perfect solution for these problems.
  • The focus area of this research is the Ethereum-based blockchain system in a smart IoT system.
  • IoT devices are authenticated using the DecAuth protocol on the Ethereum platform.
  • Combining IoT technologies with blockchain technology.
  • Analyzed each layer in the IoT to identify security and privacy issues.
  • Lack of details about the scalability issues in IoT networks.
  • The DPA-PBFT algorithm has to be applied in a huge IoT environment to ensure its effectiveness.
  • Integrating fog computing to increase security and scalability.
  • Large-scale IoT device networks can be accommodated by adapting the DPA-PBFT algorithm.
[45] | 2020
  • A new audit system uses blockchain technology to solve trust issues in IoT environments.
  • The proposed system is used for metrological traceability in a distributed measurement system.
  • Integrating the PUF protocol and a hybrid BIoT architecture allows decentralized operations and enhances trust for IoT devices.
  • Using blockchain technology along with PUF for metrological traceability in IoT environments.
  • Implementing their proposed system using JavaScript and Solidity.
  • Due to resource restrictions, various authentication protocols are needed for devices.
  • Smart contracts’ privacy issues on Quorum.
  • The need for implementation in real-world scenarios to verify scalability and its related challenges.
  • Integrating new technologies like AI and edge computing to enhance the performance of the proposed system.
  • Implementing the proposed system in real-world scenarios to verify scalability and its related challenges.
[52] 2024
  • Focusing on the importance of securing IoT environments and proposing an approach that combines blockchain with IoT environments to meet that objective.
  • The proposed approach guarantees secure and quick authentication in these environments.
  • The efficiency of the proposed approach is measured using simulations.
  • The results prove that security and trust are achieved by enhancing access control, authentication, and data exchange mechanisms.
  • A novel combination of blockchain and IoT to improve security, preserve the integrity of data, and protect the privacy of users. The proposed approach is verified using simulations of real-world IoT scenarios in the Polygon blockchain network by establishing and deploying smart contracts.
  • There is a delay in some phases, like transaction time, network latency, overload of transactions, and network congestion.
  • Data exchange challenges exist in some scenarios.
  • Scalability and inefficiency challenges in the blockchain due to processing large amounts of data.
  • Implementing the proposed approach in private blockchain will reduce the time of transactions and solve scalability issues.
  • Integrating distributed storage solutions with distributed and decentralized storage networks to mitigate scalability issues.
[46] 2021
  • A new solution to store identities and trust metrics on the blockchain in SDN-based IoT networks.
  • The proposed solution aims to solve key and trust management issues in IoT devices. Also, it improves scalability by achieving this target.
  • The results prove that the proposed solution can improve performance and productivity even with an increase in the number of IoT nodes and data transmitted.
  • A new scalable solution to manage the keys and trust of IoT devices can be evaluated using different criteria like productivity and delays in access time.
  • A scalability test can be conducted by minimizing the number of IoT nodes and transmitted data.
  • There is no comparison for key submission on blockchain as its access delay time is not captured.
  • It is recommended to use dynamic load balancing in the proposed solution with distributed SDN-WISE controllers and increase the range of multiple heterogeneous IoTs.
[47] 2021
  • A novel decentralized mechanism that depends on attribute-based access control along with a Trust and Reputation System (TRS).
  • The proposed mechanism aims to authorize IoT entities, quantify the scores of trust and reputation for flexible and dynamic access control, use private sidechains to store private information, operate on public blockchains, and evaluate the performance criteria of IoT environments.
  • Using blockchain along with attribute-based access control and the Trust and Reputation System (TRS).
  • A comprehensive methodology is achieved in different stages, like designing, comparing, implementing, and evaluating the proposed mechanisms.
  • A constraint on mitigating violations in the sidechains’ attribute registration procedure, as well as a bootstrapping issue for new nodes with a reputation score of zero.
  • Strengthen the trust model to reduce violations in the attribute registration process and solve the bootstrapping issue for new nodes with 0 reputation scores.
[48] 2020
  • Introducing a unique system to monitor device behavior and classify trust levels for each zone using deep learning techniques in IoT environments integrated with blockchain.
  • The proposed system aims to solve or mitigate the security challenges in these environments.
  • There are different steps to implementing the system, including catching and verifying the behavior, applying behavior monitoring, deploying in trusted environments, creating and configuring the private blockchain, utilizing auto-cryptography classification, and calculating threshold values.
  • No trust mechanism at the device level is used to classify the zones based on external entities.
  • There is no detailed discussion about the limitations of the centralized mechanisms.
  • Using different ML techniques, scaling the system to cover all IoT environments, and applying the proposed system to various device datasets.
[54] 2020
  • Developing and evaluating a new registration and tracking system that is used for monitoring sensor data in blockchain-based IoT environments.
  • The proposed system is used to improve the confidentiality, integrity, and availability of data (CIA) in blockchain-based IoT environments.
  • Different IoT applications are discussed in this paper.
  • The dependence on centralized cloud servers is also discussed.
  • How blockchain technology can address the CIA of IoT data is mentioned.
  • Using the design science research approach, the authors developed and evaluated a new registration and tracking system that is used for monitoring sensor data in blockchain-based IoT environments.
  • Focusing on specific frameworks that could limit the generalizability.
  • The proposed system has not been implemented in real-world scenarios.
  • There is a need for the most recent software and hardware technologies to solve security issues.
  • Interviews were conducted only with local experts, which could restrict the diversity of perspectives.
  • Using different available frameworks to discover their effects on the CIA of IoT sensor data.
  • Implementing the proposed system in real-world scenarios.
  • Using the most recent software and hardware technologies to solve security issues.
  • Conducting interviews with experts from different organizations to enable a diversity of perspectives.
[50] 2021
  • A novel framework that depends on blockchain technology and zero trust.
  • The proposed framework is used to address security issues, enhance the identification of the device, and provide access control. Moreover, different security issues in IoT environments are presented in this paper.
  • A novel framework that depends on blockchain technology and zero trust.
  • There is a need for further research in the future to increase and measure the reliability of the proposed framework in real-world IoT scenarios.
  • Increase the reliability of the proposed framework by implementing it in real-world scenarios.
[51] 2020
  • A scalable and hierarchical system that depends on the blockchain and trust management protocol for IoT environments.
  • The proposed system aims to address various security issues, enhance the evaluation of trust processes, and protect against different types of cyberattacks.
  • The efficiency of the proposed system was evaluated using simulations.
  • A scalable and hierarchical system that depends on the blockchain and trust management protocol for IoT environments.
  • The trust evaluation process needs further discussion.
  • There is a need for offline algorithms that recognize malicious nodes using ML efficiently.
  • More discussion about the trust evaluation process.
  • Implementing offline algorithms that help to recognize malicious nodes using ML efficiently.
[55] 2021
  • A new secure lightweight solution that allows IoT devices to act as specialized nodes in the blockchain.
  • The proposed solution reduces the redundancy in the blockchain and allows the integration of blockchain permissions, attribute-based access control, and identity-based signatures.
  • The proposed solution improves security and efficiently prevents different types of attacks, like DDOS attacks.
  • A new secure and lightweight solution that allows IoT devices to act as specialized nodes in the blockchain.
  • A private blockchain ledger is created for each domain.
  • The integration of blockchain permissions, attribute-based access control, and identity-based signatures.
  • To choose multiple IoT devices for distributed real-time policy decisions, a Policy Decision Point (PDP) algorithm was established.
  • Vulnerability to blockchain attacks like DDoS attacks.
  • A lot of IoT devices cannot act as nodes in the blockchain.
  • The proposed solution suffers from privacy issues due to granting delegate nodes all the access policies.
  • Designing a dynamic PDP algorithm.
  • Reducing the communication cost of the PBFT consensus algorithm.
  • Minimizing the cost of communication with the PBFT consensus algorithm.
  • Implementing the proposed solution with an increasing number of IoT devices to measure the performance.
[49] 2020
  • Focusing on the need to build trust in decentralized IoT environments and proposing a novel trust model with multiple adaptive layers.
  • The authors propose to combine blockchain with the trust system to improve security and authorize new entities based on trust model permissions.
  • The results prove that the proposed model outperforms other trust models in terms of reliability and resiliency against different attacks.
  • A novel trust model with multiple adaptive layers that combine blockchain with the trust system to improve security and authorize new entities based on trust model permissions.
  • There is a need for a detailed explanation of how to improve trust in IoT networks using blockchain.
  • Limited applications of the proposed trust model.
  • Combining the decentralized IoT environments with a control loop.
  • Improving trust in IoT networks using blockchain by conducting further research in this field.
  • Presenting more applications for the proposed new trust model in different fields like FANETs and VANETs.
[57] 2021
  • The proposed architecture aims to secure data and improve security in IoT environments through self-optimization, isolating processing data to enhance the security and efficiency of storage, as well as consensus.
  • The DPA-PBFT algorithm was developed, which is a modification of the traditional PBFT algorithm.
  • The DPA-PBFT algorithm grants auto-adjustment and enhances the efficiency of consensus.
  • A new architecture that depends on the blockchain.
  • The modification of the traditional PBFT algorithm to introduce the DPA-PBFT algorithm.
  • The implementation of the proposed architecture is done using the Go language.
  • The limitations of the proposed algorithm prevent it from handling wide-ranging environments.
  • Integrating fog computing with the proposed architecture will enhance data security.
[53] 2023
  • A system that utilizes CP-ABE and blockchains to enhance the security of the data through mutual authentication and improve efficiency.
  • The proposed system enables access control of the data and key agreements in the IoT ecosystem.
  • Formal and informal security verification methods are used to prove the system’s robustness against different attacks, like tracking and guessing attacks.
  • Determining problems in secure access control.
  • Formal and informal security verification methods are carried out.
  • Compare the proposed system with other related systems.
  • Calculations of cryptography algorithms are conducted.
  • The efficiency of the proposed system needs to be improved.
  • Computation cost limitations when increasing the number of users or entities in the system.
  • The efficiency of the proposed system needs to be improved.
  • Computation cost limitations when increasing the number of users or entities in the system.
[3] 2021
  • Present a survey on the integration of blockchain with IoT to enhance performance and eliminate challenges.
  • Focusing on the IoT challenges and proposing an architecture that combines blockchain with IoT in three layers using different approaches like cloudlet and dew computing.
  • This integration aims to enhance the efficiency of authentication, services of data storage, and the performance and security of the proposed architecture. The proposed architecture aims to ensure resilience, efficiency, scalability, security, and the decentralized storage of data.
  • A new architecture with three layers: dew and cloudlet blockchain layers and the device layer to reduce the delay and enhance the efficiency.
  • The proposed architecture uses local and consortium blockchains to verify the transactions faster.
  • Focusing on the blockchain characteristics while ignoring addressing integration process challenges, and integration process restrictions need further discussion.
  • Detailed discussions about integration process challenges and restrictions.

6. Blockchain-Driven Sustainability in IoT Security

Our research paper contributes to sustainability and reinforces the connection through the following aspects [58,59,60,61]:
  • Improving security and trust:
    • Data integrity: one of the characteristics of the blockchain is having a tamper-proof and decentralized ledger, which will guarantee that IoT devices remain trustworthy and accurate, mitigating the threat of data manipulation.
    • Authentication: Blockchain can prevent unauthorized access and secure device authentication by implementing encryption techniques. This is a very critical point in the smart grid where data integrity is necessary for best sustainable practices.
  • Resource efficiency:
    • Resource management optimization: Blockchain can facilitate our lives by applying more efficient resource allocation in IoT networks. For instance, in smart agriculture systems, blockchain can contribute to tracking resource usage like the amount of water used, which leads to enhanced input usage and minimizes waste.
    • Decentralized energy systems: Peer-to-peer energy trading among IoT devices using blockchain technology can help create decentralized energy systems in energy management that are both resilient and sustainable.
  • Accountability and transparency:
    • Transparency: Blockchain can enhance transparency by enabling the tracking of products in supply chains and empowering consumers to make informed decisions regarding sustainable products.
    • Environmental impact tracking: With sensors linked to blockchain technology in place for environmental impact monitoring, companies can actively track their footprint in real time to foster responsibility and advocate for eco-friendly behaviors.
  • Reduced carbon footprint:
    • Improved efficiency in logistics: Utilizing IoT devices in conjunction with blockchain technology can streamline logistics and transportation processes to minimize fuel usage and emissions—a key factor in maintaining sustainable supply chains.
    • Smart waste management: Utilizing blockchain can assist in waste management by offering insights into patterns of waste generation and promoting recycling through incentivized programs.
  • Decentralization and resilience:
    • Distributed networks: Leveraging the structure of blockchain technology can improve the robustness of IoT systems. This is especially advantageous in emergencies, where ensuring communication and data security is crucial for the distribution of resources.
    • Empowerment of local communities: Local communities can gain empowerment through blockchain technology support for decision making and resource management to adopt sustainable practices that suit their unique environments.
  • Innovation and collaboration:
    • Encouraging research and development: Embracing blockchain technology in the IoT fosters teamwork across fields and fuels advancements that support the development of eco-friendly technologies.
    • Engagement of stakeholders: Collaboration among groups, like governments and businesses, can be improved with the help of blockchain technology to work together toward achieving sustainability goals.
Table 4 summarizes how blockchain-driven IoT contributes to sustainability.
In this section, we showed how security, trust, and sustainability are linked. We also discussed real-life examples and possible advancements to support the idea that blockchain contributes to sustainable practices in IoT, highlighting how secure and reliable IoT systems can improve resource efficiency and increase transparency. Together, these points demonstrate the significant impact of this research on sustainability.

IoT Integration Challenges and Sustainability

For IoT integration, one of the significant issues is data integration compatibility. For instance, smart agriculture systems include sensors from different manufacturing companies to check soil moisture and crop status. However, the absence of protocols results in format variations that present challenges in analysis and action. Blockchain comes in handy in this case by creating a standardized, distributed, and auditable system for data exchange and verification across disparate IoT devices [1].
Another key issue is energy demand. Many IoT devices are installed in areas that are very remote or have little or no access to resources (e.g., sensors used to monitor climate change in forests), and a sustainability problem arises when batteries need replacement, as this is very expensive and negatively impacts the environment. When blockchain technology is integrated with energy-friendly consensus algorithms like PoS, datasets do not need to be transmitted or stored when they are unapproved or deemed suspicious, which greatly improves efficiency while cutting energy costs [3].
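The following added example (not code from this article or from the reviewed papers) illustrates the two paragraphs above: readings from two hypothetical sensor vendors are mapped onto one schema, readings that fail device authentication are dropped before storage, and accepted records go into a hash-chained log whose verification pinpoints tampering. The vendor formats, device IDs, keys, and the single-node hash chain (a stand-in for a blockchain ledger, with no consensus) are assumptions.

```python
import hashlib
import hmac
import json

# Constructed per-device secrets (assumption: provisioned out of band).
DEVICE_KEYS = {
    "acme-001": b"constructed-key-acme-001",
    "terra-7": b"constructed-key-terra-7",
}
GENESIS = "0" * 64
HEADER_FIELDS = ("index", "prev", "record", "raw_sha256")

# Constructed sample payloads from two hypothetical vendors.
RAW_ACME = b'{"id":"acme-001","moist_pct":31.5,"ts":1700000000}'
RAW_TERRA = b'{"sensor":"terra-7","vwc":0.287,"time_ms":1700000060000}'
RAW_FORGED = b'{"id":"acme-001","moist_pct":95.0,"ts":1700000120}'


def canonical(obj):
    """Deterministic JSON bytes, so the same record always hashes the same."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def normalize(vendor, payload):
    """Map a vendor payload onto one schema (integers only, no floats)."""
    if vendor == "acme":   # percent and epoch seconds
        return {"device": str(payload["id"]),
                "soil_moisture_permille": round(float(payload["moist_pct"]) * 10),
                "ts": int(payload["ts"])}
    if vendor == "terra":  # 0..1 fraction and epoch milliseconds
        return {"device": str(payload["sensor"]),
                "soil_moisture_permille": round(float(payload["vwc"]) * 1000),
                "ts": int(payload["time_ms"]) // 1000}
    raise ValueError("unknown vendor format: %r" % vendor)


def device_mac(device, raw):
    """HMAC-SHA256 a device would attach to the raw bytes it sends."""
    return hmac.new(DEVICE_KEYS[device], raw, hashlib.sha256).hexdigest()


def block_hash(block):
    """Hash over the header fields only (the stored hash is excluded)."""
    header = {k: block[k] for k in HEADER_FIELDS}
    return hashlib.sha256(canonical(header)).hexdigest()


class Ledger:
    """Append-only log in which each block commits to its predecessor."""

    def __init__(self):
        self.blocks = []

    def append(self, record, raw_sha256):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        header = {"index": len(self.blocks), "prev": prev,
                  "record": record, "raw_sha256": raw_sha256}
        self.blocks.append(dict(header, hash=block_hash(header)))

    def first_invalid(self):
        """Index of the first block that fails verification, or None."""
        prev = GENESIS
        for i, block in enumerate(self.blocks):
            digest = block_hash(block)
            if block["index"] != i or block["prev"] != prev or block["hash"] != digest:
                return i
            prev = digest
        return None


def submit(ledger, vendor, raw, mac_hex):
    """Authenticate, normalize and store a reading; reject it otherwise."""
    try:
        record = normalize(vendor, json.loads(raw))
    except (ValueError, KeyError, TypeError, OverflowError):
        return False                      # malformed or unknown format
    key = DEVICE_KEYS.get(record["device"])
    if key is None:
        return False                      # unregistered device
    expected = hmac.new(key, raw, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), str(mac_hex).encode()):
        return False                      # unapproved reading: never stored
    ledger.append(record, hashlib.sha256(raw).hexdigest())
    return True


def demo():
    ledger = Ledger()
    results = [
        submit(ledger, "acme", RAW_ACME, device_mac("acme-001", RAW_ACME)),
        submit(ledger, "terra", RAW_TERRA, device_mac("terra-7", RAW_TERRA)),
        # Forged payload reusing a MAC computed for a different message.
        submit(ledger, "acme", RAW_FORGED, device_mac("acme-001", RAW_ACME)),
    ]
    return ledger, results


if __name__ == "__main__":
    ledger, results = demo()
    print(results, ledger.first_invalid())
```

Editing a stored record is detected at that block; re-sealing the edited block only moves the failure to the next block, because its `prev` field no longer matches.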

7. Challenges, Open Issues, and Future Research Directions

7.1. Challenges of Integrating Blockchain with IoT Environments

There are different challenges encountered by integrating blockchain technology with IoT, which are summarized in the following points:
  • Blockchain networks are often suitable for small-scale applications, while IoT networks contain a lot of restricted devices that introduce a lot of information.
  • The restricted devices in IoT environments have limited memory, computational power, and resources, which make it difficult for blockchain to apply very complex operations on these devices, which will affect their performance.
  • Many IoT applications require fast responses, like emergency notifications in medical environments, while the networks of blockchain have lower latency, which may impact the response time.
  • IoT devices suffer from many security challenges, like malware, physical tampering, or network-based attacks, which cannot be solved with blockchain. Even if it provides security countermeasures over the network, providing security to IoT devices exceeds its capabilities. Thus, ensuring the full security and privacy of IoT data is impossible.
  • Some consensus mechanisms, like proof of work, consume a lot of energy, which may not align with IoT-restricted resources.

7.2. Future Directions

As a solution for some of these challenges, we propose the following points as future directions for other researchers and as other opportunities to conduct valuable research:
  • Energy-Efficient Consensus Protocols: Centralized traditional consensus mechanisms such as proof of work (PoW) demand high computational power and energy, which becomes increasingly infeasible in the IoT context. Suggested future work is to extend stateless, lightweight protocols for resource-limited settings, such as PoS and DPoS, to IoT networks. In addition, further research on the adjustments that allow minimal PoW to be combined with other minimal protocols would help to balance security and efficiency.
  • Scalability in Large-Scale IoT Networks: A single IoT network can comprise several thousand or sometimes millions of interconnected devices, so scalability becomes a problem for traditional consensus approaches. There is a lack of research on network-wide consensus algorithms like sharding or the use of Directed Acyclic Graphs (DAGs), in which the validation process is split across multiple subnets or transactions can be validated asynchronously. Such approaches could increase throughput, decrease latency, and maintain security; therefore, these techniques might be useful for large-scale IoT environments.
  • Latency-Optimized Consensus for Real-Time Applications: Timely responses are critical in many IoT interfaces, mainly because of the real-time feedback required in various healthcare monitoring or industrial automation applications. Consensus mechanisms with fast finality that can be further researched and modified for IoT include the BFT variants and Raft. These protocols reduce delay by checking and affirming transactions in a more centralized or hierarchical model, optimizing the response time for crucial applications.
  • Consensus Mechanisms with Built-In Security and Privacy for IoT: The IoT is an open and typically unstructured environment, so consensus mechanisms that also include lightweight encryption or privacy-preserving techniques such as zero-knowledge proofs could boost both security and privacy. Further research can investigate ways of developing consensus algorithms that naturally address permission, privacy, and security issues in achieving consensus across IoT devices with minimal computational cost.
  • Adaptive and Flexible Consensus Protocols for Dynamic IoT Environments: IoT environments are characterized by continuous device onboarding and disconnection. Dynamic consensus protocols that provide flexibility in parameters such as the number of nodes involved in consensus and the validation rules are required. Studying non-rigid or auto-configurable protocols, in which ML or auto-configuration algorithms assess network states and subsequently fine-tune the consensus mechanisms, could considerably enhance the stability and throughput of consensus across IoT networks.

8. Conclusions

Recently, a new concept has emerged that allows many devices with limited resources to communicate with each other, like sensors and other restricted devices, referred to as the IoT. These are called restricted devices because they use less memory, computing resources, and power. Nowadays, IoT can simplify daily life activities, but we have billions of interconnected devices that introduce a lot of information. So, attackers try to exploit this information for their purposes. In addition, a lot of security threats have occurred in IoT-layered architectures. For this, blockchain is considered an optimum solution to improve security solutions and enhance the reliability of the IoT by providing different features like transparency and decentralization, which leads to minimizing the manipulation of transmitted information over the network. In addition, blockchain helps control access to network resources, allowing the sharing of data securely and managing trust. This paper discussed the challenges of IoT-layered architectures and how blockchain can overcome these challenges. Moreover, this paper explored the most recent papers that were published between 2020 and 2024 to focus on their results and limitations. Furthermore, the advantages of combining blockchain with IoT are also elaborated. Additionally, this paper presents the challenges that need more attention when we integrate blockchain with IoT along with future directions that will help to address these issues.

Author Contributions

Conceptualization, S.A. and A.A.; methodology, S.A. and A.A.; software, S.A. and A.A.; validation, S.A. and A.A.; formal analysis, S.A. and A.A.; investigation, S.A. and A.A.; resources, S.A. and A.A.; writing original draft preparation, S.A. and A.A.; writing review and editing, S.A. and A.A.; supervision, A.A.; project administration, A.A.; funding acquisition, A.A. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the Deanship of Scientific Research, Vice Presidency for Graduate Studies and Scientific Research, King Faisal University, Saudi Arabia [GRANT No. KFU242458].

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Acknowledgments

The authors extend their appreciation to the Deanship of Scientific Research, Vice Presidency for Graduate Studies and Scientific Research, King Faisal University, Saudi Arabia [GRANT No. KFU242458]. The authors would like to thank the anonymous reviewers for their insightful scholastic comments and suggestions, which improved the quality and clarity of the paper.

Conflicts of Interest

The authors declare no conflicts of interest.

Abbreviations

The following abbreviations are used in this manuscript:
IoT: Internet of Things;
MiTM: Man in The Middle;
SLR: Systematic Literature Review;
DoS: Denial of Service;
AI: Artificial Intelligence;
ML: Machine Learning;
VPN: Virtual Private Network;
IDS: Intrusion Detection System.

Appendix A. Included Papers in the SLR

Table A1 presents all papers reviewed in this SLR.
Table A1. Included papers in the SLR.
| Ref. No. | Title | Authors | Year |
|---|---|---|---|
| [5] | A blockchain-based trust management method for Internet of Things | Wu, Xu and Liang, Junbin | 2021 |
| [44] | A data driven trust mechanism based on blockchain in IoT sensor networks for detection and mitigation of attacks | Sivaganesan, D | 2021 |
| [43] | A blockchain-based trust model for the internet of things supply chain management | Al-Rakhami, Mabrook S and Al-Mashari, Majed | 2021 |
| [6] | A new blockchain-based authentication framework for secure IoT networks | Al Hwaitat, Ahmad K and Almaiah, Mohammed Amin and Ali, Aitizaz and Al-Otaibi, Shaha and Shishakly, Rima and Lutfi, Abdalwali and Alrawad, Mahmaod | 2023 |
| [8] | A review of IoT security and privacy using decentralized blockchain techniques | Gugueoth, Vinay and Safavat, Sunitha and Shetty, Sachin and Rawat, Danda | 2023 |
| [56] | A trust-evaluation-enhanced blockchain-secured industrial IoT system | Wu, Di and Ansari, Nirwan | 2020 |
| [7] | Addressing security and privacy issues of IoT using blockchain technology | Mohanta, Bhabendu Kumar and Jena, Debasish and Ramasubbareddy, Somula and Daneshmand, Mahmoud and Gandomi, Amir H | 2020 |
| [45] | Blockchain-based infrastructure to enable trust in IoT environment | De Santis, L and Paciello, Vincenzo and Pietrosanto, Antonio | 2020 |
| [52] | A Novel Distributed Authentication of Blockchain Technology Integration in IoT Services | Deep, Avishaek and Perrusquía, Adolfo and Aljaburi, Lamees and Al-Rubaye, Saba and Guo, Weisi | 2024 |
| [46] | A scalable key and trust management solution for IoT sensors using SDN and blockchain technology | Hameed, Sufian and Shah, Syed Attique and Saeed, Qazi Sarmad and Siddiqui, Shahbaz and Ali, Ihsan and Vedeshin, Anton and Draheim, Dirk | 2021 |
| [47] | Trust-based blockchain authorization for iot | Putra, Guntur Dharma and Dedeoglu, Volkan and Kanhere, Salil S and Jurdak, Raja and Ignjatovic, Aleksandar | 2021 |
| [48] | Towards a secure behavior modeling for iot networks using blockchain | Ali, Jawad and Khalid, Ahmad Shahrafidz and Yafi, Eiad and Musa, Shahrulniza and Ahmed, Waqas | 2020 |
| [54] | Toward trust in Internet of Things ecosystems: Design principles for blockchain-based IoT applications | Lockl, Jannik and Schlatt, Vincent and Schweizer, André and Urbach, Nils and Harth, Natascha | 2020 |
| [50] | Securing IoT devices using zero trust and blockchain | Dhar, Suparna and Bose, Indranil | 2021 |
| [51] | Decentralized blockchain-based trust management protocol for the Internet of Things | Kouicem, Djamel Eddine and Imine, Youcef and Bouabdallah, Abdelmadjid and Lakhlef, Hicham | 2020 |
| [55] | Blockchain-based IoT access control system: towards security, lightweight, and cross-domain | Sun, Shuang and Du, Rong and Chen, Shudong and Li, Weiwei | 2021 |
| [49] | Blockchain and trust for secure, end-user-based and decentralized IoT service provision | Shala, Besfort and Trick, Ulrich and Lehmann, Armin and Ghita, Bogdan and Shiaeles, Stavros | 2020 |
| [57] | Achieving IoT data security based blockchain | Liao, Dan and Li, Hui and Wang, Wentao and Wang, Xiong and Zhang, Ming and Chen, Xue | 2021 |
| [53] | Blockchain-based data access control and key agreement system in iot environment | Lee, JoonYoung and Kim, MyeongHyun and Park, KiSung and Noh, SungKee and Bisht, Abhishek and Das, Ashok Kumar and Park, Youngho | 2023 |
| [3] | A survey on the integration of blockchain with IoT to enhance performance and eliminate challenges | Al Sadawi, Alia and Hassan, Mohamed S and Ndiaye, Malick | 2021 |

References

  1. Da Xu, L.; Lu, Y.; Li, L. Embedding blockchain technology into IoT for security: A survey. IEEE Internet Things J. 2021, 8, 10452–10473.
  2. Uddin, M.A.; Stranieri, A.; Gondal, I.; Balasubramanian, V. A survey on the adoption of blockchain in iot: Challenges and solutions. Blockchain Res. Appl. 2021, 2, 100006.
  3. Al Sadawi, A.; Hassan, M.S.; Ndiaye, M. A survey on the integration of blockchain with IoT to enhance performance and eliminate challenges. IEEE Access 2021, 9, 54478–54497.
  4. Mohamed Shaffril, H.A.; Samsuddin, S.F.; Abu Samah, A. The ABC of systematic literature review: The basic methodological guidance for beginners. Qual. Quant. 2021, 55, 1319–1346.
  5. Wu, X.; Liang, J. A blockchain-based trust management method for Internet of Things. Pervasive Mob. Comput. 2021, 72, 101330.
  6. Al Hwaitat, A.K.; Almaiah, M.A.; Ali, A.; Al-Otaibi, S.; Shishakly, R.; Lutfi, A.; Alrawad, M. A new blockchain-based authentication framework for secure IoT networks. Electronics 2023, 12, 3618.
  7. Mohanta, B.K.; Jena, D.; Ramasubbareddy, S.; Daneshmand, M.; Gandomi, A.H. Addressing security and privacy issues of IoT using blockchain technology. IEEE Internet Things J. 2020, 8, 881–888.
  8. Gugueoth, V.; Safavat, S.; Shetty, S.; Rawat, D. A review of IoT security and privacy using decentralized blockchain techniques. Comput. Sci. Rev. 2023, 50, 100585.
  9. Husin, H.S.; Fairuz, A.M.; Beh, D. IoT-Based Recycle Rebate System–Securing Website and Database. J. Comput. Technol. Creat. Content (JTec) 2020, 5, 55–60.
  10. Malhotra, P.; Singh, Y.; Anand, P.; Bangotra, D.K.; Singh, P.K.; Hong, W.C. Internet of things: Evolution, concerns and security challenges. Sensors 2021, 21, 1809.
  11. Xie, H.; Yang, Z. The risk management mode of construction project management in the multimedia environment of internet of things. Mob. Inf. Syst. 2021, 2021, 1–8.
  12. Lazzaro, S.; De Angelis, V.; Mandalari, A.M.; Buccafurri, F. Is your kettle smarter than a hacker? a scalable tool for assessing replay attack vulnerabilities on consumer iot devices. In Proceedings of the 2024 IEEE International Conference on Pervasive Computing and Communications (PerCom), Biarritz, France, 20 April 2024; pp. 114–124.
  13. Honar Pajooh, H.; Rashid, M.; Alam, F.; Demidenko, S. Multi-layer blockchain-based security architecture for internet of things. Sensors 2021, 21, 772.
  14. Gupta, B.B.; Quamara, M. An overview of Internet of Things (IoT): Architectural aspects, challenges, and protocols. Concurr. Comput. Pract. Exp. 2020, 32, e4946.
  15. Li, Y. Security and Risk Analysis of Financial Industry Based on the Internet of Things. Wirel. Commun. Mob. Comput. 2022, 2022, 6343468.
  16. Lee, I. Internet of Things (IoT) cybersecurity: Literature review and IoT cyber risk management. Future Internet 2020, 12, 157.
  17. Paracha, M.T.; Dubois, D.J.; Vallina-Rodriguez, N.; Choffnes, D. IoTLS: Understanding TLS usage in consumer IoT devices. In Proceedings of the 21st ACM Internet Measurement Conference, Virtual, 2–4 November 2021; pp. 165–178.
  18. Islam, M.R.; Aktheruzzaman, K. An analysis of cybersecurity attacks against internet of things and security solutions. J. Comput. Commun. 2020, 8, 11–25.
  19. Patel, C.; Doshi, N. A novel MQTT security framework in generic IoT model. Procedia Comput. Sci. 2020, 171, 1399–1408.
  20. Mrabet, H.; Belguith, S.; Alhomoud, A.; Jemai, A. A survey of IoT security based on a layered architecture of sensing and data analysis. Sensors 2020, 20, 3625.
  21. Liyanage, M.; Braeken, A.; Kumar, P.; Ylianttila, M. IoT Security: Advances in Authentication; John Wiley & Sons: Hoboken, NJ, USA, 2020.
  22. Murtala Zungeru, A.; Chuma, J.M.; Lebekwe, C.K.; Phalaagae, P.; Gaboitaolelwe, J.; Phalaagae, P.; Zungeru, A.M.; Sigweni, B.; Chuma, J.M.; Semong, T. Security challenges in iot sensor networks. In Green Internet of Things Sensor Networks: Applications, Communication Technologies, and Security Challenges; Springer: Berlin/Heidelberg, Germany, 2020; pp. 83–96.
  23. Singh, K.; Neeru, N. A comprehensive study of the iot attacks on different layers. J. Punjab Acad. Sci. 2023, 23, 140–155.
  24. Chaudhary, J.; Prasad, S. IoT in healthcare sector-a comprehensive analysis of threats and privacy issues. In AIP Conference Proceedings; AIP Publishing: College Park, MD, USA, 2022; Volume 2519.
  25. Wu, C.K.; Wu, C.K. IoT Perception Layer Security. In Internet of Things Security: Architectures and Security Measures; Springer Nature: Singapore, 2021; pp. 95–106.
  26. Sun, P.; Shen, S.; Wan, Y.; Wu, Z.; Fang, Z.; Gao, X.Z. A Survey of IoT Privacy Security: Architecture, Technology, Challenges, and Trends. IEEE Internet Things J. 2024, 11, 34567–34591.
  27. Wang, J.; Liu, C.; Zhou, L.; Tian, L.; Yu, X. Early detection of node capture attack in the internet of things. In Proceedings of the 2021 IEEE 4th International Conference on Electronics and Communication Engineering (ICECE), Xi’an, China, 17–19 December 2021; pp. 132–135.
  28. Khader, R.; Eleyan, D. Survey of dos/ddos attacks in iot. Sustain. Eng. Innov. 2021, 3, 23–28. [Google Scholar] [CrossRef]
  29. Wu, C.K.; Wu, C.K. IoT Security Architecture. Internet of Things Security: Architectures and Security Measures; Springer Nature: Singapore, 2021; pp. 27–44. [Google Scholar]
  30. Sharma, G.; Vidalis, S.; Anand, N.; Menon, C.; Kumar, S. A survey on layer-wise security attacks in IoT: Attacks, countermeasures, and open-issues. Electronics 2021, 10, 2365. [Google Scholar] [CrossRef]
  31. Patel, N.; Singh, A. Security Issues, Attacks and Countermeasures in Layered IoT Ecosystem. Int. J. Next-Gener. Comput. 2023, 14, 400. [Google Scholar]
  32. Jahangeer, A.; Bazai, S.U.; Aslam, S.; Marjan, S.; Anas, M.; Hashemi, S.H. A review on the security of IoT networks: From network layer’s perspective. IEEE Access 2023, 11, 71073–71087. [Google Scholar] [CrossRef]
  33. Al Sukhni, B.; Manna, S.K.; Dave, J.M.; Zhang, L. Machine learning-based solutions for securing IoT systems against multilayer attacks. In Proceedings of the International Conference on Communication, Networks and Computing, Gwalior, India, 8–10 December 2022; Springer: Berlin/Heidelberg, Germany, 2022; pp. 140–153. [Google Scholar]
  34. Gupta, N.; Garg, U. A Proposed IoT Security Framework and Analysis of Network Layer Attacks in IoT. In Soft Computing: Theories and Applications, Proceedings of the SoCTA 2020, Virtual, 25–27 December 2020; Springer: Berlin/Heidelberg, Germany, 2022; Volume 1, pp. 85–95. [Google Scholar]
  35. Arshad, A.; Hanapi, Z.M.; Subramaniam, S.; Latip, R. A survey of Sybil attack countermeasures in IoT-based wireless sensor networks. PeerJ Comput. Sci. 2021, 7, e673.
  36. Thakkar, H.M.; Agarwal, A.; Singh, A.; Duggal, H.K.; Prajeesha, P. Analysis and prevention of threats to IoT systems. In AIP Conference Proceedings; AIP Publishing: College Park, MD, USA, 2023; Volume 2764.
  37. Pavithra, P.; Durgadevi, P. Threat detection in IOT layers using ML techniques. In AIP Conference Proceedings; AIP Publishing: College Park, MD, USA, 2024; Volume 3037.
  38. Al-Kasassbeh, M.; Almseidin, M.; Alrfou, K.; Kovacs, S. Detection of IoT-botnet attacks using fuzzy rule interpolation. J. Intell. Fuzzy Syst. 2020, 39, 421–431.
  39. Kumar, N.; Ahmad, S. Security threats in layered architecture of web of things. In Proceedings of the 2020 Fourth International Conference on Inventive Systems and Control (ICISC), Coimbatore, India, 8–10 January 2020; pp. 745–750.
  40. O’Sullivan, W.; Choo, K.K.R.; Le-Khac, N.A. Defending IoT devices from malware. In Cyber and Digital Forensic Investigations: A Law Enforcement Practitioner’s Perspective; Springer: Cham, Switzerland, 2020; pp. 5–29. Available online: https://link.springer.com/chapter/10.1007/978-3-030-47131-6_2 (accessed on 7 July 2023).
  41. Procopiou, A. ForChaosLR: A Lightweight Multi-Layer IDS to Detect Application Layer DDoS Attacks in the Smart Home-Smart Grid Network. Ph.D. Thesis, University of London, London, UK, 2021.
  42. Khan, N.A.; Awang, A.; Karim, S.A.A. Security in Internet of Things: A review. IEEE Access 2022, 10, 104649–104670.
  43. Al-Rakhami, M.S.; Al-Mashari, M. A blockchain-based trust model for the internet of things supply chain management. Sensors 2021, 21, 1759.
  44. Sivaganesan, D. A data driven trust mechanism based on blockchain in IoT sensor networks for detection and mitigation of attacks. J. Trends Comput. Sci. Smart Technol. (TCSST) 2021, 3, 59–69.
  45. De Santis, L.; Paciello, V.; Pietrosanto, A. Blockchain-based infrastructure to enable trust in IoT environment. In Proceedings of the 2020 IEEE International Instrumentation and Measurement Technology Conference (I2MTC), Dubrovnik, Croatia, 25–28 May 2020; pp. 1–6.
  46. Hameed, S.; Shah, S.A.; Saeed, Q.S.; Siddiqui, S.; Ali, I.; Vedeshin, A.; Draheim, D. A scalable key and trust management solution for IoT sensors using SDN and blockchain technology. IEEE Sens. J. 2021, 21, 8716–8733.
  47. Putra, G.D.; Dedeoglu, V.; Kanhere, S.S.; Jurdak, R.; Ignjatovic, A. Trust-based blockchain authorization for iot. IEEE Trans. Netw. Serv. Manag. 2021, 18, 1646–1658.
  48. Ali, J.; Khalid, A.S.; Yafi, E.; Musa, S.; Ahmed, W. Towards a secure behavior modeling for iot networks using blockchain. arXiv 2020, arXiv:2001.01841.
  49. Shala, B.; Trick, U.; Lehmann, A.; Ghita, B.; Shiaeles, S. Blockchain and trust for secure, end-user-based and decentralized IoT service provision. IEEE Access 2020, 8, 119961–119979.
  50. Dhar, S.; Bose, I. Securing IoT devices using zero trust and blockchain. J. Organ. Comput. Electron. Commer. 2021, 31, 18–34.
  51. Kouicem, D.E.; Imine, Y.; Bouabdallah, A.; Lakhlef, H. Decentralized blockchain-based trust management protocol for the Internet of Things. IEEE Trans. Dependable Secur. Comput. 2020, 19, 1292–1306.
  52. Deep, A.; Perrusquía, A.; Aljaburi, L.; Al-Rubaye, S.; Guo, W. A Novel Distributed Authentication of Blockchain Technology Integration in IoT Services. IEEE Access 2024, 12, 9550–9562.
  53. Lee, J.; Kim, M.; Park, K.; Noh, S.; Bisht, A.; Das, A.K.; Park, Y. Blockchain-based data access control and key agreement system in iot environment. Sensors 2023, 23, 5173.
  54. Lockl, J.; Schlatt, V.; Schweizer, A.; Urbach, N.; Harth, N. Toward trust in Internet of Things ecosystems: Design principles for blockchain-based IoT applications. IEEE Trans. Eng. Manag. 2020, 67, 1256–1270.
  55. Sun, S.; Du, R.; Chen, S.; Li, W. Blockchain-based IoT access control system: Towards security, lightweight, and cross-domain. IEEE Access 2021, 9, 36868–36878.
  56. Wu, D.; Ansari, N. A trust-evaluation-enhanced blockchain-secured industrial IoT system. IEEE Internet Things J. 2020, 8, 5510–5517.
  57. Liao, D.; Li, H.; Wang, W.; Wang, X.; Zhang, M.; Chen, X. Achieving IoT data security based blockchain. Peer-to-Peer Netw. Appl. 2021, 14, 2694–2707.
  58. Li, C.Z.; Chen, Z.; Xue, F.; Kong, X.T.; Xiao, B.; Lai, X.; Zhao, Y. A blockchain-and IoT-based smart product-service system for the sustainability of prefabricated housing construction. J. Clean. Prod. 2021, 286, 125391.
  59. Dutta, P.; Chavhan, R.; Gowtham, P.; Singh, A. The individual and integrated impact of Blockchain and IoT on sustainable supply chains: A systematic review. Proc. Supply Chain. Forum Int. J. 2023, 24, 103–126.
  60. Hasan, H.R.; Musamih, A.; Salah, K.; Jayaraman, R.; Omar, M.; Arshad, J.; Boscovic, D. Smart agriculture assurance: IoT and blockchain for trusted sustainable produce. Comput. Electron. Agric. 2024, 224, 109184.
  61. Wu, S.R.; Shirkey, G.; Celik, I.; Shao, C.; Chen, J. A review on the adoption of AI, BC, and IoT in sustainability research. Sustainability 2022, 14, 7851.
Figure 1. PRISMA flow diagram for literature selection.
Figure 2. IoT architecture.
Figure 3. IoT attacks across layers.
Figure 4. Blockchain structure diagram.
Figure 5. Blockchain–IoT conceptual diagram.
Figure 6. Blockchain process to ensure data integrity [7].
Table 1. The most common solutions to address security challenges in IoT.
| Layer | Threat | Description | The Most Common Solutions |
|---|---|---|---|
| Perception Layer | Node tampering [22] | In a common attack situation, sensor nodes are spread out across locations without supervision. | Authentication, encryption, and access control. |
| | Cyber-physical [20] | Trying to damage a device physically. | To determine the defective nodes in the system, a technique for detecting faults is employed. |
| | Fake node injection [23] | An injection attack occurs when harmful code is inserted into the network to extract data from the database and transmit them to the attacker. | Ways to verify identity and control access to information securely. |
| | Sensor tracking [24] | Using a laser beam is quite effective for monitoring and identifying an object. | Distributed ledger technology includes blockchain as one of its variations. |
| | Unauthorized access [25] | Anyone can access the IoT device using the Internet. | The IoT gadget must also undergo authentication to avoid any misuse. |
| | Storage access attack [26] | Accessing the cloud storage where all the device information is stored could potentially manipulate results by device. | Access control mechanisms, assigned permissions. |
| | Eavesdropping [25] | It is like an intrusion during an activity. Like when someone interrupts a video chat or a text exchange out of nowhere. | Implementing an Intrusion Detection System (IDS). |
| | Replay attack/play back attack [23] | The perpetrator saves data exchanged through the network with the possibility of transmitting them at a time. | Utilizing session keys alongside timestamps and unique passwords for security measures. |
| | Node capture [27] | The intruder seizes authority over the primary node, like the gateway, and could establish a harmful node there to expose all the data stored within it. | Involves encryption methods to protect data integrity and confidentiality; authentication processes to verify user identities; and access control measures to manage permissions effectively. |
| Network Layer | DoS [28] | Keeping a network asset from being utilized for its intention. | Examples of ingress and egress filtering include D WARD technology and the use of hop count filtering, along with implementing SYN Cookies. |
| | Replay [29] | Rearrange the data packets and manipulate the stream of the messages. | Timeliness of message. |
| | DoS [28] | This attack floods the network with requests, causing it to crash and become unusable even for authorized users. | Standardized IPv6 mechanisms. |
| | Spoofing attacks [30] | Spoofing occurs when a hacker pretends to be a user or device to carry out data theft and malware distribution or bypass security measures. | Authentication, encryption, and access control. |
| | DoS [28] | This assault overwhelms the network with requests until it crashes and becomes inaccessible to authorized users. | Secure data with AES encryption or configuring a firewall to prevent ping requests. |
| | MiTM attack [31] | The intruder disrupts communications by pretending to be the sender and making the recipient think the message originated from the sender. | Advanced encryption techniques and digital signatures are utilized for security purposes. |
| | Selective forwarding [32] | An intruder pretending to be a regular node in the routing process selectively drops packets from nodes. | Safety measures such as firewalls and encryption, along with certificates, are components for protecting data and ensuring cybersecurity. |
| | MiTM attack [33] | Confidentiality and integrity of data transmission have been compromised. | Securing data with encryption and verifying identities through authentication. |
| | Traffic analysis [34] | The greater the number of messages seen and analyzed, the more insights may be gathered. | Machine learning (ML) model. |
| | Sybil attack [35] | The attacker disrupts the reputation system by creating identities and leveraging them to exert significantly greater influence. | Network features and encryption. |
| | DoS [28] | Stopping a network asset from being utilized as intended. | ML algorithms. |
| | MiTM attack [36] | Confidentiality and integrity of data transmission have been compromised. | IDS and Virtual Private Networks (VPNs). |
| Application Layer | Malicious code attacks [30] | Malicious codes are used to launch attacks. | Inspecting the firewall while it is running. |
| | Cross-site scripting attack [37] | The intruder injects scripts into the victims’ web browser by adding code to genuine websites and gains the ability to tamper with the application. | Verifying user input to ensure it is safe and accurate on the webpage. |
| | Botnet [38] | The hacker takes over a group of devices through Botnet and can manage them from an access point. | Enabling router encryption, like WPA3, for security measures. |
| | SQL injection [39] | Accessing the device utilizing an SQL script. | Incorporating parameterized phrases within the logging page script. |
| | Mirai malware [40] | Accessing an IoT device using a default Telnet or SSH account. | Making changes or updates to the default Telnet and SSH accounts. |
| | Buffer overflow [31] | The extra information leaks into the surrounding memory areas and disrupts and replaces the existing data stored there. | The permission levels for users and items are decided by access control techniques. |
| | Viruses, malware attack [40] | Malware refers to a form of cyberattack where malicious software carries out activities on the target computer system. | User authentication methods for individuals. |
| | Malicious code injection attack [30] | Malicious software is often created with the intention of altering the flow of data. This can lead to the loss of data and decreased functionality of applications. | Utilizing encryption methods along with two-factor authentication for added security measures for your API access. |
| | IRCTelnet [41] | Compromising the LINUX operating system of a device by exploiting the Telnet port. | The Telnet port is turned off. |
| | Account hijacking, ransomware [26] | A form of extortion known as ransomware involves perpetrators gaining access to a person’s computer documents, locking them through encryption, and then asking for payment in exchange for returning the data to their previous condition. | Authentication and Artificial Intelligence (AI). |
| | Service interruption attacks [42] | Interruptions can make resources unusable or out of reach for a while or permanently. | Guidelines for verifying identity and securing data through encryption. |
| | Injection [39] | Malicious commands or codes are inserted to take advantage of the application vulnerabilities, which lead to unauthorized access or data breaches. | Ensure and control input validation. |
Table 2. Blockchain types.
Public | Private | Hybrid | Consortium
Definition
  • All of the participants are allowed to perform transactions
  • Private blockchain is accessed by a limited number of participants
  • Visibility of the chain can be limited to the validators, and it is viewable to authorized individuals
  • A combination of private and public
Advantage
  • Increase independence
  • Increase transparency
  • Increase trust
  • Increase access control
  • Increase performance
  • Increase access control
  • Increase performance
  • Increase scalability
  • Increase access control
  • Increase scalability
  • Increase security
Disadvantage
  • Decrease performance
  • Decrease scalability
  • Decrease security
  • Decrease trust
  • Decrease auditability
  • Decrease transparency
  • Decrease upgrading
  • Decrease transparency
Use case
  • Cryptocurrency
  • Document validation
  • Supply chain
  • Asset ownership
  • Medical records
  • Real estate
  • Banking
  • Research
  • Supply chain
Table 4. How blockchain-driven IoT contributes to sustainability.
| Area | Contribution to Sustainability |
|---|---|
| Improving Security and Trust | Helps to maintain data integrity through the use of indemnified ledgers and authentication, a key note for credible, long-term IoT applications like smart grids. |
| Resource Efficiency | For example, monitoring water in smart agriculture increases the effectiveness of resource use in IoT networks and helps to implement decentralized and resistant energy systems. |
| Accountability and Transparency | Improves transparency, enabling people to make sustainable decisions in a supply chain; tracks impact for corporate responsibility. |
| Reduced Carbon Footprint | Optimizes operational and transportation processes to reduce emissions; supports waste management by studying the patterns of waste produced and encouraging the recycling of waste material. |
| Decentralization and Resilience | Enhances the resilience of IoT systems against failures or malicious action; fosters the use of collective adherence to resource conservation and management. |
| Innovation and Collaboration | Promote the technological process of environment conservation, and enhance the idea of a partnership between various players toward environmental sustainability. |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Almarri, S.; Aljughaiman, A. Blockchain Technology for IoT Security and Trust: A Comprehensive SLR. Sustainability 2024, 16, 10177. https://doi.org/10.3390/su162310177
