Blockchain-Based Internet of Things and Industrial IoT: A Comprehensive Survey

Industry 4.0 connects the latest technologies such as cloud computing, Internet of things (IoT), machine learning and artiﬁcial intelligence (ML/AI), and blockchain to provide more automation in the industrial process and also bridges the gap between the physical and digital worlds through the cyber-physical system. The inherent feature of IoT devices creates the industry to smart industry (referred to as industrial IoT, i.e., IIoT) through its data-driven decision policies. However, several challenges such as decentralization, security and privacy vulnerability, single point of failure (SPOF), and trust issues exist in the IoT system. Blockchain is one of the promising technologies that can bring about opportunities for addressing the challenges of IoTsystems. In this article, we have investigated the integration of IoT with blockchain technology and provided an in-depth study of the blockchain-enabled IoT and IIoT systems. The state-of-the-art research is categorized into data storage and management technique, big data and cloud computing technique (ﬁnance and data auditing), and industrial sectors (supply chain, energy, and healthcare sector). The insightful discussion based on the diﬀerent categories is also presented in the paper. In particular, ﬁrst, we introduce the IoT and IIoT and then discuss the need for smart contracts in IoT and IIoT systems. Next, we concentrate on the convergence of blockchain and IoT with state-of-the-art research. In addition, this article also provides the open and future research directions towards this era with the highlighted observations.


Introduction
Internet of things (IoT) consists of devices and machines equipped with networking capability which can collect data from their environment via various sensors, share them with other devices over the Internet, and carry out analysis (or act) on received data automatically without requiring human intervention [1,2]. For example, an IoT-based smart home system can use sensors to detect when the electrical appliances need to be turned on (or off) and do so automatically, thereby conserving energy and making life easier for people. IoT has a huge range from sensors and smart consumer devices like smart television, wearable electronics to human and animal implants (e.g., medical implants or identification), and tracking chips for animals [3]. IoT has a very wide range of applications starting from home consumer products, health, agriculture, energy, and transport to any sector that can benefit from integrating IoT. e number of IoT devices is increasing at an explosive rate, but many challenges [4] exist with the same. IoT devices usually have limited processing capabilities and are vulnerable to security attacks [5]. Hence, security is an important aspect while designing the IoT-based system. e attacks in the IoT-based system are broadly classified into four major categories [6]. e first category is known as the physical attack in which the attacker is physically very close to the network and tries to launch the malicious functionality in the system. Tampering to the IoT device, jamming the radio frequency signals, side-channel attack, and malicious code injection are the common forms of physical attacks. To counter the physical attack, researchers use the physical unclonable function (PUF) [7] for the authentication of IoT devices. In those systems, authentication is mainly dependent on the challenge-response mechanism. e beauty of using the PUF is that it is impossible to clone the exact microstructure of the device. e network attack is the second category of attack in which the attackers try to manipulate the IoTnetwork. e attacker can launch this attack without being close to the network. Traffic analysis attacks, RFID spoofing, Sybil attack, and man-inthe-middle attack are based on the network attack. e use of a secure hash function and authentication technique can prevent this attack [8]. e third and fourth categories of attacks are known as software attacks and data attacks, respectively. In the software attack, the attacker launches the attack by considering the advantages of software present in the IoT system. In contrast, a data attack involves data inconsistency and unauthorized access to the data. e blockchain-enabled privacy-preserving technique efficiently prevents the data attacks [9].
Industrial IoT (IIoT) refers to using IoT technology in industries in order to boost productivity and efficiency in manufacturing and industrial processes [10]. IoT helps industries by improving data collection, machine-to-machine coordination, monitoring and maintenance of hardware, quality control, supply chain traceability, energy management, and overall cost reduction. Connecting everything to the Internet [11] offers a great advantage; sensors can collect and harvest data and then send them to the servers equipped with high processing capabilities for further analysis and make decisions based on which they can then be enacted by other IoT devices [12]. For example, a watering system for crops can use moisture sensors to collect data about soil moisture, send them to a server to figure out when and how much watering is needed, and automatically water the crops. It can even receive information about weather from the Internet and make decision based on it. e blockchain is one of the promising technologies that can solve various issues (trust, adversary attack, etc.) existing in the IoT and IIoT-based systems [13]. Blockchain technology involving smart contracts has a wide range of applications in the IoT and IIoT [14]. IoT is more consumer-oriented (i.e., focuses on smart appliances which would be beneficial to the endusers), for example, a smartwatch that records the pulse rate.
Blockchain is a decentralized peer-to-peer system and distributed immutable ledger [15]. It is a chain of blocks, where block is a piece of information that is made up of transaction, and it contains a timestamp, as well as hash of the previous block which is used to create the hash of the recent block [16]. e blockchain technology is poised to innovate and transform a wide range of applications. It is a database or digital ledger of transactions. In traditional databases, centralized server is used to store the data where centralized authority (as a trusted one) deletes or updates the data, whereas, under the blockchain mechanism, data are shared across a network of multiple computers (or nodes) which run special software to ensure that all data remain identical [17]. As the information is stored across various computers (or nodes) and all the information (blocks) is linked with the previous one, it is difficult for the adversary to change (or delete) the information from a blockchain-based system and, simultaneously, the blockchain helps to securely store and validate sensitive information that maintains the trust in the decentralized network [18].
Smart contracts are an important feature of blockchain technology. e Ethereum system uses the smart contracts for creating the immutable ledger of records. Smart contracts are just like contracts in the real world [19]. e only difference is that they are completely digital, which means that there is an agreement between two or more people in the form of computer code. It is a computer program that is stored inside a blockchain that computers (or the nodes) execute, and, after execution, the ledger gets updated [20]. Smart contracts are self-executing codes when predetermined terms and conditions are met and verified. As they are stored on a blockchain, they inherit some interesting properties; for example, they are immutable and distributed [21]. Figure 1 illustrates the integration of blockchain with the IoT-based system, where data owners send the collected data from IoT devices to blockchain for storage, and data users get the data from blockchain under the required access control mechanism.
A lot of personal information is stored by the devices gathered from different IoT devices [11], which needs to be secure and can only be accessed by the owner and approved and verified stakeholders. e blockchain is one of the probable solutions that can assure integrity and security of data and, with smart contracts, the owner can control sharing of his data on his terms. Major advantages of blockchain technology in IIoT are the decentralization, immutable records, and nonrepudiation of stored information [22]. e general working mechanism of smart contracts with the IIoT-based system is depicted in Figure 2. e smart contract executes the data provided by the IIoT devices and stores them to the blockchain.

Background Study of the Smart Contracts.
Nick Szabo introduced the smart contracts concept in 1994. According to Nick Szabo, smart contracts are "a computerized transaction protocol which executes the term of contracts." As long as the blockchain is concerned, smart contracts are a piece of code or scripts (or programs) that store inside the blockchain [23]. e scripts are written in a high-level language. Generally, smart contracts scripts are "IF ...this THEN...this" based statement. Smart contracts always execute in a secure environment. e closed environment provides the correctness of execution and integrity of code and data. ese contracts also interact with other contracts and other smart contract-based systems. Smart contracts mechanisms for the blockchain-based system are generally based on a deterministic state machine model. e flow of smart contracts cannot be nondeterministic. e reason is that the nondeterministic model achieves the different output (or states) for the same inputs, and if the system behaves in a nondeterministic way, consensus cannot be achieved. All the nodes in a network agree on contracts in the smart contract-based system, either in permissionless or in permissioned blockchain. ese contracts define a set of rules stored on all the nodes in the blockchain network. In turn, blockchain nodes execute these scripts to perform certain activities or transactions in a network [24]. e systematic architecture of state machine-based smart contract is illustrated in Figure 3. In this directed graph, vertices represent the state, and edges represent the transition from one state to another. e set of actions (Authentication, NoAction, Violation, Permission, etc.) are used for transition from one state to another. For example, if the machine is in state 0 and the action is Authentication, the machine automatically moves from state 0 to state 1, and if it is in state 1 and the action is Violation, the machine automatically moves to state 2, and so on. e smart contracts are not developed well initially due to the lack of relevant digital systems and theoretical techniques. At that time, there are hardly any digital assets available which are directly manipulated by the contracts. e limitation on computational law is the second big challenge associated with the contracts. e computational law requires the very efficient execution of code, but fast processors' unavailability limits this process. Lastly, the lack of a creditable environment stagnates the development of smart contracts [25]. In the last few years, decentralized blockchain platforms provided a secure and trusted environment for the execution of smart contracts. e technology is changing very rapidly; simultaneously, the attackers are too smart as well. Concerning smart contracts, the attackers try to inject the vulnerabilities in the smart contracts. In 2018, the MAIAN tool was used by Nikolic et al. [26] to perform the security analysis in the smart contracts. ey collected the 1million smart contracts for this, and the result revealed that the 34200 smart contracts are vulnerable, where, on average, each contract takes 10 seconds. Nowadays, many formal verification tools are available, which can check the smart contracts and find out the bugs and errors associated with the same. To check the vulnerability in smart contracts code, many researchers and coders use the Oyente tool. is tool generally captures time-stamp dependence, transaction ordering dependence, and reentrancy. Whenever the smart contracts are checked using the Oyente tool, the program variables are replaced by the symbolic variables. Different paths are examined and generate the control flow graph of the contract byte code [27]. e benefits of smart contracts include the faster and more accurate execution, cost reduction, and trust. Due to   their unique features, many applications use the smart contracts according to their needs and requirements. e diverse scope of the smart contracts includes the following: (1) In the present time, the costly and risky settlement process hinders the efficiency of transactions processed in the trade settlement system. Due to the involvement of a number of sequential practices, the settlement process is time-consuming and ineffective. For example, on average, more than 20 days are required to settle a leveraged loan. In this context, smart contracts can play a significant role where the transactions are not executed until the predefined conditions are met. ey also reduce the risk and decrease the operational cost and settlement time [28].
(2) Similar to the trade settlement, the current mortgage lending relies on outdated processes and frameworks. e loan approvement requires a lot of paperwork and involves many intermediaries (many bank employees and third parties). Each financial document is manually shared with multiple departments, which needs to be signed and tracked by the authorities [29]. erefore, this whole process requires a lot of human effort and sometimes it is vulnerable because of human mistakes. With the integration of smart contracts, the entire process can be digitized and automated.
(3) e land registry process involves the real-estate agents who examine the land documents such as buyer and seller agreement records and construction data. e involvement of the third party and its manual process lead to the alteration of land documents and, consequentially, fraud. A lot of extra money is also paid to the third party for the settlement of land. Smart contracts-enabled blockchain systems can solve the aforementioned problem, where the blockchain token contains the relevant information of property such as buyer and seller ID and legal description [30]. (4) e insurance industry faces various challenges such as high operational costs and slow claim processing.
To further speed up the transaction, the insurance sector can integrate the smart contracts and blockchain, where only a few seconds are required to settle the claims and transfer the funds from one party to another [31]. e IIoT devices play a crucial role for the insurance industry, where the smart sensors are placed on the vehicle (or home) and transfer the realtime data to authorities. After verifying the user's credentials, the smart contracts are automatically triggered to settle the claim.

Importance of Smart Contracts in
IIoT. e smart contract executes automatically, independently, and in a transparent manner (based on the agreement policies) and transfers the ownership of the assets between the two parties without the involvement of a trusted third party (TTP). e detachment of TTP in the smart (digital) contracts saves the extra money and time that are associated with the physical contracts [32]. e key advantage of smart contracts includes the automation, transparency, accuracy, enhanced security, and trust, and the very brief description of the same is discussed below. e smart contract system creates an environment of trust as the information and logic of the smart contracts are visible to all the participants of the network (based on the permissioned and permissionless network model). In the industrial IoT system, the participants are distributed across the globe, and it is necessary for the industrial sectors to provide full transparency in the system [33]. e smart contracts-based IIoT system is the best option for achieving this. e industrial sectors generally used a third party that maintains a level of trust and imposes security in the system. Due to the TTP, extra costs occurred in the industrial sectors. e smart contract not only removes the TTP but also provides trust in the global trustless environment. e adoption of smart contracts in the industrial sector provides more automation for the contracts. Also. once a contract is deployed over the blockchain network (under the assumption of the majority of consensus), no one can change it. Smart contracts provide more efficiency and speed in the system. By using smart contracts, processed transactions per unit of time are more than the traditional contracts [34]. e IIoT sector (such as healthcare) generates a large volume of data; therefore, to process them, smart contracts are the best-suited option for IIoT sectors.

Contributions of the Paper.
e objective of this paper is to illustrate how blockchain technology solves the issues associated with the IoT and IIoT system. e primary contributions of this paper are summarized as follows: (1) A very brief introduction of IoT and IIoT is first provided in the paper. Meanwhile, the various research challenges associated with the IoT and IIoT are also outlined in the paper. (2) is paper highlights the importance of smart contracts in the IIoT sector.

Organization of the Paper.
e paper is organized as follows: Section 1 introduces our paper by describing the IoT and IIoT systems, as well as the need for blockchain in those systems. Section 2 discusses the adoption of blockchain technology in different application areas including the healthcare, supply chain system, and IoT. e state-of-theart researches based on the different categories are presented in Section 3. Sections 4 and 5 elaborate the open research issues, as well as our observations from the state-of-the-art research. Finally Section 6 provides the conclusion of the paper with future research.

Adoption of Blockchain Technology in
Application Domains e blockchain technology is applicable in different domains ranging from health sector and supply chain management system to IoT, smart and autonomous vehicles, and so forth.
is technology is applicable to handling the various challenges that are faced by the traditional system; for example, the functionality of the system depends on the trusted third party, as well as many more.

Health Sector.
Due to the continuously increasing world population, the health sector becomes one of the most important social-economic problems. e numbers of hospitals and resources in the hospitals are very limited and, in some areas, there are no hospitals. Currently, wearable health devices play an important role in remote patient's treatment. ese devices continuously measure the patient and collect the health data for the required treatment. e advantage of this technique is that the healthcare team and the doctors access the data remotely at any time. But the privacy and security of these wearable devices are a challenging task. Incorporating the blockchain technology in the health sector potentially overcomes few of the challenges that are faced by this sector. In the continuation of it, the authors in [35] proposed a new model for monitoring remote patients using the patient agent-based blockchain system. e health-related data are collected by the wearable sensors and transmitted to the patient agent that further breaks the data into small blocks before storing them in the blockchain network. Meanwhile Xia et al. [36] suggested a blockchain-based secure data-sharing scheme for the private health-data management system. e suggested protocol used identity-based authentication and key-agreement protocol. To manage the individual health records and support the secure sharing of patient's data across the different hospitals, insurance companies, and medical centers, the blockchain-based solutions have been proposed by the authors [37]. is model guarantees the security and privacy of health data. Furthermore, an attribute-based signature scheme to manage the decentralized health records based on the blockchain mechanism gas been proposed by Sun et al. [38]. is scheme verifies the authenticity of the health data and also preserves the privacy of the health-data owner. Griggs et al. [39] suggested that the smart contracts enabled the permissioned blockchain platform to monitor the remote patients. e medical sensors collect the data and send them to the smart contracts for further analysis. e PBFT consensus mechanism is used by this system for the block validation. e patient-centric approach for sharing medical information among the different hospitals and research institutions is proposed by the authors in [40]. e privacy of the patient's medical data is ensured by the system.

Supply Chain Management.
In the supply chain management system, a product consists of multiple parts that are provided by the different manufacturers. In the entire process, if any manufacturer or any other entity submits the low-quality parts (or forged parts), then it is quite expensive to detect the low-quality parts. e integration of blockchain with IoT solves the above-mentioned issue. e unique ID of every part is attached with the timestamp and stored in the blockchain network, which is traceable at any time. In [41], the authors adopted the blockchain mechanism for the authentication of every part that is provided by the owner. Meanwhile, in [42], the authors integrate the blockchain with the IoT to trace the products. ey used the Ethereum platform for it. e suggested method achieves the data provenance in the supply chain management system. e authors in [43] showed that the integration of IoT with the blockchain mechanism helps to reduce the cost and risk and fasten the supply chain process. Moreover, to improve the quality and its services, machine learning and the blockchain mechanism are combined in [44]. To provide the traceability system for an agrifood supply chain, the authors in [45] used the radio-frequency identification (RFID) with the blockchain mechanism.
e system provides transparency and product traceability.
e double marginalization and information asymmetry are the problems associated with the supply chain system. To solve this kind of problems, Nakasumi [46] proposed a solution based on the homomorphic encryption method for the security and privacy of the user's data. In [47], the authors proposed the blockchainbased secured information-sharing scheme for the supply chain system. e two-phase validation protocol (transaction and block validation) was designed by the authors to enhance the security of the proposed system. To show transparency in the supply chain system, smart contracts were designed and the Ethereum blockchain platform was used for its evaluation.

Internet of ings (IoT).
Generally, IoT devices are data-centric devices where data are sent and uploaded by a huge number of devices. Both the device and data can be targeted by the attackers. e attacker sends the falsified data to the network. In the IoT-based system, data can be personal and sensitive. erefore, the integrity and privacy of data are the top priority for these systems. Blockchain is believed to solve this issue. e characteristics of blockchain attracted the attention of researchers. In the continuation of this, Gu et al. [48] suggested the malware detection system based on the consortium blockchain which is further based on the statistical analysis method. In order to reduce the false-positive rate, they adopted the multiple marking function and fuzzy comparison method. Further, a blockchain technology-based firmware update methodology was proposed by the authors in [49] for the protection of embedded devices in the IoT system. To manage the IoT devices, the authors in [22] suggested the blockchain technology-based access control system. eir system consists of a wireless sensor network, agent node, smart contracts, management hub, managers, and blockchain network. e system is scalable and preserves transparency. e authors in [50] suggested the cloud blockchain for the IoT system to manage the resource allocation scheme. But the disadvantage of this scheme is that the smart contracts for resource allocation are not investigated. e IoT is also applicable in the 5G era, where millions of devices are connected with each other. To solve the privacy issue in the 5G environment, Fan et al. [51] proposed the blockchain-based data-sharing and privacypreserving scheme.

State-of-the-Art Research
With growing innovations and implementation of IoT in different fields such as industries, health [52], supply chain [47], and VANET [53], the huge volume of data is generated from the above application areas, and it is continuously growing. e state-of-the-art research is broadly classified into four major categories: data storage and management technique (discussed in Subsection 3.1), industrial sectors (discussed in Subsection 3.2), big data, cloud computing technique, and network security management technique (discussed in Subsection 3.3), and the various techniques adopted in the healthcare sector (discussed in Subsection 3.4), which are shown in Figure 4.

Data Storage and Management Techniques.
e management and storage of these data for ensuring security, integrity, traceability, and immutability as well as the trusted exchange of data are of utmost importance in current times [13]. ese requirements of IIoT-based systems are easily met by blockchain technology. Blockchain technology can be expensive due to the involvement of multiple agents (or nodes), and it requires high processing and computational power. Kurt Peker et al. [54] explored the cost of storing the collected data in blockchain for low computation power in terms of storage and processing. eir work presented that overwriting new data is more cost-efficient than appending new data. ey also demonstrate that storing the data in one variable within a smart contract is more cost-efficient than storing the same in an array, but the difference is insignificant.
is work provides an idea about how one can reduce cost without compromising data storage in the blockchain.
A huge amount of data generated by the IoT devices is generally stored in a centralized cloud system, but it requires trust in the central authority, and there can exist a singlepoint-of-failure (SPOF) problem that affects the functionality of the whole network. Moreover, the data exchange between the two parties (or nodes) takes place through the third party. As a result, all the nodes must trust the third party. Manzoor et al. [55] proposed a framework with a distributed cloud server and blockchain-enabled smart contact to ensure security and integrity of data, and a proxy reencryption technique is used while exchanging the data. e distributed cloud solves the problem of centralized cloud and SPOF. e smart contract enables the dynamic data exchange between the owner and the receiver with some preagreed policies and rules to ensure fair, secure, and trusted exchange. ese contracts are mined into blockchain for immutability and traceability. However, they utilized the elliptic curve cryptography-(ECC-) based implementation, and the communication and computation costs are high in their method. In addition to this, the authors also did not present any security validation of the framework.
Pan et al. [56] proposed a framework called EdgeChain for improving the scalability of the centralized cloud by deploying edge computing. ey used a permissioned blockchain that ensured only authorized nodes are part of the network. e credit-based resource management scheme (resource obtaining depending on rules, priorities, and past behavior), along with the smart contracts for monitoring, controlling, and regulating IoT devices behaviors with defined rules, is used. It also keeps track of resource pool and resource sharing. However, they utilized the centralized cloud server. As a result, the functionality of the system depends on the centralized cloud server, and they did not pay much attention to ensuring fair and trusted exchange of resources. is framework is expensive as edge computing has a complex infrastructure, which raises the question of maintenance.
e efficient and frequent computing-resource trading for edge-assisted IoT is still an open issue. e authors in [58] focused on data provenance as it would confirm the authentication of data and enable their reuse. ere is a private blockchain with different types of smart contracts, which guarantees provenance receipt to actual data in the cloud. e device registration contract (unique address), device provenance contract (authenticating device), data provenance contract (data are hashed and stored in blockchain along with a timestamp and public key), and traffic provenance contract (checking for valid data range, sampling interval, size of data for each sample, data rate, and the destination address) are used by them. All this interacts with a centralized cloud server that stores the actual data, whereas the blockchain stores only the device metadata. Furthermore, their work also did not pay much attention to fair and trusted data and the exchange between the owner and requester as well as the centralized cloud server. e work of Bahga and Madisetti [57] was more inclined towards IIoT resource management. ey proposed a framework called BPIIoT to provide trustworthy centralized cloud resources securely. e framework consisted of a public blockchain in which each IoT device would have an account and wallet for easy data exchange. e smart contract (with the rules and policies) eliminates third-party involvement. It also interacts with the centralized cloud where the actual data is stored. e blockchain keeps track of  Security and Communication Networks the inventories, manufacturing information of the product, and machine maintenance. Once a smart contract is employed and a transaction is made, it is mined into the blockchain; therefore, it becomes immutable and traceable. e proposed work utilized the centralized cloud and has employed public blockchain.
Huh et al. [11] worked on synchronization and communication of IoT devices when thousands of them are connected to a network, thereby ensuring scalability. ey proposed building an IoT system using blockchain. All the devices will be configured on the blockchain and smart contracts will be used for monitoring the behavior of the IoT devices. Meter contract would record the performance data of the IoT device and send them to the blockchain, whereas policy contract states about the working of the devices and key management technique are used to keep public key and signatures of the devices for device authentication. e devices do not have large storage to store data, and, for doing this, they utilized the third party which would compromise the security of the system. For both large storage and security, the cost will be very high and infeasible for small devices. Tables 1 and 2 show the brief overview of different data storage and management techniques used for IIoTbased system.
Zareen et al. [60] suggested the off-chain storage mechanism (i.e., IPFS) with the blockchain. e model utilizes the off-chain storage model for storing the IoT data and node credentials. Moreover, the blockchain is used to storing the hash that the IPFS provides. A prototype for the service model has been proposed between the consumers and service providers to share the services. Additionally, the secure hash algorithm (SHA-256) does the service verification. In case of dispute between the consumers and service providers, a smart contract is designed to resolve it. Similarly, Na and Park [61] proposed a protocol named FusionChain, which utilizes the IPFS to solve the storage issue faced by blockchain technology. eir mechanism adopts the practical byzantine fault tolerance consensus mechanism, which does not have high computational power for adding a new block in the blockchain nodes. Moreover, public key infrastructure-based encryption schemes are used for ensuring the security and privacy of IoT data. eir experimental results show that the computational power required for creating a blockchain is lower than those of the traditional platforms such as bitcoin and Ethereum. e paper in [59] proposed an IIoTdata management framework based on the blockchain and IPFS. e authors have suggested the proof-of-concept-based implementation to achieve better security for IIoT data that further utilize the IOTA protocol and IPFS. e data-handling unit, IPFS, IOTA Tangle, and IIoT data consumers are the central unit of their system. In this paper, the authors only provide the theoretical analysis of the suggested protocol. e authors in [62] suggested a decentralized architecture to incorporate the challenges faced by the smart cities, which is further based on the combination of IoT, smart contract, blockchain, and IPFS. e simulation of the proposed prototype is done using the Ganache CLI v6.9.1, Solidity v0.5.16, Truffle Suite v5.1.15, and Remix IDE. In this work, the authors discuss the prototype model and the results obtained from their simulations. However, they do not discuss the underlining work of the prototype model and cryptographic mechanism.

Industrial Sectors.
Wen et al. [63] proposed an improved structure of blockchain-based supply chain system (BSCS) which ensures the security of data, transparency, and access control policies in the chain by setting access policies to smart contracts. e BSCS consists of 3interdependent parts: supply chain management, supply chain network structure, and supply chain business process. In BSCS, attribute-based encryption (ABE) is used as the supply chain network to address data-sharing, information occlusion, and lack of supervision issues. Business processes are enabled by BSCS to determine which core processes should be connected and integrated into the supply chain system by using smart contracts. e entities of the system may interact with the network without manual operations and efficiently carry out the flow of goods by using IIoT as the process interface at the boundary in the blockchain. Early detection of SPOF issues in the network is also addressed.
Chen et al. [64] proposed a blockchain-enabled searchable encryption scheme for electronic health records (EHRs) sharing. It is a logical approach that ensures data integrity without additional verification, standardized auditing procedures, and some formalized contracts for accessing the data. is framework securely facilitates datasharing and provides much convenience to patients and also allows information-sharing among researchers. It also supports complex queries by different healthcare agents to request permission for accessing the records. A smart contract is used in the proposed work to trace rewards and transaction fees and also ensures that the owner of the data is paid as long as they reveal the transcript, which allows other users to search the database. e EHRs are created by data owners (human or organization). e data owner then constructs the index through complex logic expressions and creates a smart contract to describe how one can search the index and then it is stored in the blockchain for the respective EHRs. e symmetric encryption algorithm is used to encrypt the EHRs and is stored in a cloud server. e data owner authorizes the user who needs the required EHR. However, this scheme lacks the effective countermeasure to punish the dishonest and malicious entity.
Curbera et al. [65] focused on the use of blockchain for data exchange across the health ecosystem. Several cases of healthcare and life sciences are presented, including patient consent, outcome-based contracts, data exchange (related to the health), next-generation clinical trials, and payments and claims, where, by the adoption of blockchain technology, current practices can be disrupted and transformed. e authors proposed a blockchain-based architecture for providing the secure services for the above-mentioned use cases. Described architecture adds a layer of data encryption, and data access is restricted to authorized users only. Encryption of data stored on the ledger is done with a data key, and only authorized users are given access to the decryption key. e decryption key will be expired or will be no longer available to the user, when the access is revoked. Hence, privacy and security of data are achieved to a greater extent. Moreover, their framework achieves scalability and data integrity and provides more flexibility to the participating entities. e additional layer of encryption included in architecture adds to the overall latency of chain code calls. Suliman et al. [66] proposed a smart contracts-based blockchain solution to monetize the IoT data systematically with automated payment that does not involves the third party.
e proposed architectural design considers four components, each possessing Ethereum addresses: IoT device, device owner, MQTT broker, and customers. Furthermore, scripting of smart contracts is done using the Ethereum blockchain. e ether token (cryptocurrency) is used for payment purposes. e proposed system comprises code (written in Solidity language), which is used by device owners to set the rules, and conditions for automating the sale of the data of IoT devices owned by them. If the end-user wants to use the data, they can interact and call the smart contracts without the third party. Furthermore, an MQTT broker hosted in the cloud collects and aggregates the data generated by IoT devices. It also authenticates valid customers through the smart contracts. e hosting in the cloud environment of the MQTT broker provides scalability, reliability, and accessibility to all the customers with low latency. A payment (ether) that is based on use time of the device is directly deducted from customer balance upon successful data access and is sent to the IoT device owner. e gas consumption (ether) when a smart contract calls the function is paid by the customer. It is not debited from the funds within the smart contract.
Lombardi et al. [67] proposed a reliable, decentralized, and cost-effective infrastructure for trading energy, which was further based on smart contracts-enabled blockchain. Here, blockchain stores the energy transactions. Blockchain and smart contracts-based architecture is presented for transactive grids, which offers functionalities like managing energy trading policies, isolating devices with known vulnerabilities, carrying out energy auctions within the grid, and so forth. Security is improved in the presented work. Presented architecture also provides new relevant functionalities such as energy trading policy management. Tables 3 and 4 show the brief overview of existing IoTenabled industrial sectors.   [68] developed a framework that directly integrates the IoT and blockchain (Ethereum) without relying on the TTP. e food-chain application (monitoring the temperature of fish products) is considered as a use case. e solution is implemented in Ethereum-enabled smart contracts, and Web3API does the transactions on the real Ethereum network. In the proposed solution, devices do execute the mining procedure, and also there is no need to store the entire blockchain. Vangala et al. [69] presented the generalized architecture for smart agriculture based on blockchain technology. In this paper, the authors discuss the essential security requirements and the possible security threats for developing the smart agriculture system. After this, they provide the crucial functionalities and the various challenges that arise when developing the blockchain-based decentralized smart agriculture system. e generalized architecture of their system uses the cloud servers to maintain the full copy of the blockchain. Moreover, the future research challenges and open issues are also presented in the paper. Bera et al. [70] proposed an access control protocol for the detection and mitigation of unmanned aerial vehicles using the private blockchain in the Internetof-drones (IoD) environment. In this work, the authenticated transactions are collected by the ground station servers and a valid block is created based on the practical Byzantine fault tolerance consensus algorithm. e Real-Or-Random oracle security model, with the AVISPA as a formal security validation tool, is used for formally analyzing the protocol. e solution uses elliptic curve cryptography (ECC), hash functions, and a symmetric-key encryption algorithm to achieve mutual authentication between the drones and station servers and supports the session key agreement. Furthermore, the incorporation of blockchain provides the desired trust, decentralization of authenticated transactions, and desired level of security for IoD. Similarly, a paper in [71] designed an access control scheme named DBACP-IoTSG for the IoT-enabled smart-grid system based on blockchain technology. In this protocol, the sensitive data collected by the smart meters are sent to the service providers through public channels. To ensure the security of data, cryptographic primitives such as ECC and hash functions are used. After this, the service providers create a valid block based on the voting consensus mechanism. e security protocol is verified informally and formally based on the AVISPA validation tool, and it is confirmed that the protocol is resilient against various security attacks, such as smart meter physical capture attack, impersonation attack, and many more.

Big Data, Cloud Computing, and Network Security Management Techniques.
e functionality of resource-constrained IIoT can be extended using on-demand service provisioning schemes in which service providers can provide local lightweight terminal services via the network [72]. However, this poses various security challenges in untrusted distributed IIoTsystems as dishonest providers can deny service provisions or client can deny usage, for their own benefit. Tables 5 and 6 show the brief overview of big data, cloud computing, and network security management technique.
Xu et al. [76] proposed a blockchain-enabled fair nonrepudiation service provisioning scheme where blockchain is utilized as a service publisher and an evidence recorder. shows that the computational cost of service providers is 3.303 msec, and communication cost is 3040 bits ey used blockchain for recording the interactive evidence of service providers and IIoT clients. Each service is divided up into two nonexecutable parts and both parts are delivered separately via on-chain and off-chain channels. e larger part of the program is delivered off-chain to reduce cost and expose code. After recognizing evidence of this, the remainder is delivered on-chain for fair nonrepudiation purposes. A very lightweight service verification methodology using the homomorphic hash technique is designed, which can verify using only the on-chain evidence, and to resolve disputes between the clients and service providers, smart contracts are used. e work provides a scheme to tell whether a promised service has been provided or not but dispute resolution in case of storing massive amounts of data on servers has not been considered.
Bai et al. [77] proposed addressing security, trust, and island connection problems in decentralized manufacturing applications using lightweight blockchain-based architecture consisting of on-chain and off-chain networks. Distributed hash tables among nodes are used for off-chain network. e smart contract is used as a service contract between consumers and on-demand manufacturing service providers. e transactions are digitally signed for the admission control and activities like programmable licenses and so forth that are performed via the on-chain network, while storage and complex data processing is handled via the off-chain network. Although their scheme utilizes blockchain, the architecture is still partially decentralized.
Privacy and security are major concerns in large-scale IoT applications. Access authorization plays a critical role in resource-sharing and information protection. Access control using a centralized authorization server poses problems, such as SPOF. A blockchain-enabled decentralized capability-based access control (CAC) scheme for On-chain network used for transaction, off-chain networks used for other tasks the security of IoT devices has been proposed by the authors in [74]. ey have transcoded their model to smart contracts, and it works on the Ethereum private blockchain. A proof of concept has been built using Raspberry Pi devices as edge computing nodes that provide and access IoT services, and desktops and laptops serve as miners. Compared to centralized CAC, their work claims to have the following advantages: decentralized authorization which is important for heterogeneous, scalable, and dynamic IoT applications, mitigating performance bottleneck and SPOF by moving the intelligence and power from the centralized to the edge network with the fine-grained access control, and lightweight design using JSON-based capability token structure. e ongoing automation of industries and manufacturing processes termed Industry 4.0 uses machine learning (ML) on massive data collected from IIoT devices. Sensitive data are used for training the ML models, but they are prone to privacy leaks through adversarial attacks, man-in-the-middle attacks, and so forth.
Arachchige et al. [78] have introduced a framework called PriModChain which combines differential privacy, smart contracts (Ethereum blockchain), and federated ML to enforce privacy and trustworthiness on IIoT data. ey have used InterPlanetary File System (IPFS) for managing the data in an off-chain manner because it provides immutability and achieving the fast decentralization with secure peer-to-peer content delivery. Ethereum blockchain-enabled smart contracts provide transparency, traceability, and immutability. Federated ML has been used in which different models are trained on local datasets at different locations, and then their parameters are collected to create a global model. In this way, local datasets are not exposed. Python and socket programming are used for simulations.
Machine-to-machine (M2M) communication (communication between devices with limited or no human intervention) encounters mainly three problems: transparency (it is difficult to audit and make sure that private user information is not sent to the cloud), longevity (IoT devices are expected to work for decades, but they need the central Simulation result reveals that the performance of the system is better while increasing the number of users and load on the system entity that manages their state and communication protocols, so if the central entity stops supporting an IoT device it becomes vulnerable and may not work at all), and trust (IIoT transactions require the consumers to trust vendors and third parties). Hanada et al. studied the use of smart contracts for addressing these problems by designing and evaluating the automated gasoline purchasing (AgasP) application. eir work shows that transparency is achieved, since the transaction is done via a smart contract. In addition, longevity is ensured as the infrastructure is completely distributed and depends on the infrastructure of Ethereum instead of a centralized entity. e need for a trusted third party for payment is also eliminated as the payment is distributed via smart contract. All this helped to reduce the fees paid by the gas station for a typical transaction.
Because IoT data are inherently dynamic in nature, it is challenging to ensure data integrity for cloud-based IoT applications. Traditionally, the third party is used for data integrity verification, which is not reliable. Liu et al. [73] proposed a blockchain-based data integrity service framework for IoT data. eir framework has four parts: data owner's application and consumer's application, blockchain, and cloud storage service. e cloud is used to store the general purpose data (data owners) and a peer-to-peer file system for sharing the data between consumers and owners. ey have only implemented the fundamental functions of their proposed protocols, and their test environment is of small scale. e authors in [81] presented an access control scheme for the end-users based on the blockchain mechanism in the IIoT environment which further provides the data security and scalability to the system. In this protocol, the cipherpolicy attribute-based encryption scheme is used to encrypt the data gathered by the IoT smart devices, and then the encrypted data are forwarded to the gateway nodes. e gateway nodes create the partial blocks from the encrypted data and hand them over to the cloud servers. After this, the cloud server forms the full block based on the practical Byzantine fault tolerance voting mechanism and maintains the peer-to-peer blockchain network. e cipher-policy attribute mechanism allows the end-user to access the blocks from the blockchain. e simulation result captures the computation costs for the varied numbers of transactions in a block. Son et al. [79] designed a secure authentication protocol based on the blockchain for the telecare medical information system which consists of an IoT-enabled wireless body area network. e cipher text-policy attributebased encryption scheme is used as an access control mechanism to retrieve the data stored in the cloud server. erefore, only the authentic users can access the stored data. In addition to that, the scheme integrates the consortium blockchain (based on the proof-of-authority consensus mechanism) maintained by the health centers and local hospitals, which ensures the integrity of data and increases the trust in the telecare medical information system. e simulation analysis of the protocol shows that it achieves the desired security for the system and resilience against various security attacks, such as session key disclosure attacks and privileged-insider attacks. e authors in [82] created a cloud-based softwaredefined networking (SDN) framework which mainly consists of IoT mobile nodes, blockchain as a controller, cloud server, investigator, and authentication server. e mobile nodes encrypt the data packet based on the elliptic curve integrated encryption scheme and SHA-256 hashing algorithm and transfer to the cloud servers. In this scheme, the SDN controller maintains the blockchain (based on the proof-of-work consensus) to provide the evidence provenance further. e user registration and authentication, data encryption and storage, evidence collection from blockchain, and mining of evidence information are the main modules of their proposed system. Wu et al. [80] proposed a blockchain-enabled task offloading mechanism by leveraging the concept of edge and cloud computing paradigm. e proposed mechanism addresses the limited computational capacity of IoT devices and high latency problems when the gathered data are sent to edge or cloud servers through the public channel (an online mechanism). e mobile edge computing paradigm solves the latency problems, whereas mobile cloud computing servers solve the computational problems of the traditional IoT-based system. Furthermore, to minimize the response time and energy consumption of devices, this mechanism uses the energy-efficient task offloading algorithm, where the edge or cloud servers execute this algorithm depending on the application scenario, and the Lyapunov optimization technique is applied to reduce the computational and communication cost incurred by the different applications.

Healthcare Sector.
e healthcare sector is one of the promising areas of IIoT application. Recently, we have experienced a health crisis due to the newly discovered COVID-19 disease. e disease not only affects human life but also affects the economy of the country and world [83]. Although the recent advancement in the field of IoT and artificial intelligence (AI) brings about opportunities to win the battle against this disease, currently, the internet-ofmedical-things (IoMT) devices provide medical facilities to different healthcare organizations because of the availability of various wearable devices, biosensors, and wireless communication technologies. However, the IoMT system also faces privacy and security vulnerabilities, and the blockchain brings the hope that it can solve these problems. Dai et al. [84] studied the integration of IoT technology in the medical sector and tried to provide a solution for the various challenges that arise due to the COVID-19 pandemic. e proposed solution captures the five different perspectives of this pandemic: the origin of the pandemic, social distancing and quarantine people, hospital equipped with the Internet of medical devices, patient data, and remote telemedicine system. e authors also discussed how the proposed methodology fights against this. However, the proposed solution is only in early stage, and its actual implementation still needs to be investigated. e authors in [85] proposed a solution for sharing the medical data based on the attributebased cryptosystem and blockchain technology. e medical data are stored in the cloud servers in this solution, whereas Security and Communication Networks blockchain stores the storage address and medical-related information to provide easy access. e attributed-based encryption and signature scheme provides the end-user's data privacy, access control, and authenticity. To reduce the computation overhead, the cloud service does the decryption on the partial medical data. As a result, the overhead on the user side decreases but simultaneously increases on the server side and dependency on the third party. e paper in [89] proposed a protocol named MEdge-Chain, which leverages the concept of edge computing and blockchain for medical data exchange. e automated patient monitoring scheme is deployed on the edge servers, which provides the remote monitoring of patients and efficient retrieval of medical data. However, the computational and communication overhead increased while sharing the medical data with the other health entities. To solve this issue, the authors suggested a blockchain-enabled optimization model. e priority assignment model for the various categories of medical data (i.e., emergency data, patient confidential message, biosignals features) is designed based on the queuing model to effectively manage the entire health framework. e healthcare data are complex and heterogeneous in nature. e authors in [86] presented the blockchain and cloud-based solution to manage the Medicare data. e domain experts, including the lab technician and doctors, patients, and health insurance providers, are the three main components of this system. All these components access and provide their data to the cloud servers, finally maintaining the blockchain. e various cryptographic primitives are used in the solution to validate the user. If an end-user or patient wants to access or provide data to the blockchain, the request is sent to the blockchain, maintained by the cloud servers. It verifies the user, and, after the verification, a new block is proposed based on the transaction of the end-user. Once validation of the block is successful, it is added to the blockchain and notifies the enduser accordingly.
To provide security, confidentiality, and integrity in the electronic health record (EHR) system, Shahnaz et al. [87] proposed a solution based on the blockchain. e role-based access policy scheme leverages that only the trusted entities of the system can access the medical records. Here, the authors utilize the off-chain storage mechanism IPFS for storing the records. e advantage of using IPFS is that the duplicated files are not allowed, and the users keep only the hash of the file if they want to retrieve the file. Furthermore, the smart contract for the patient record is used, which is written in the Solidity programming language. e proposed solution provides the content-addressable storage system, medical record confidentiality, and enhancing the system's scalability.
e experimental result shows that the throughput of the system increases as the users and load (request) increase in the system. erefore, the system can maintain a linear relationship. Garg et al. [88] proposed a blockchain-based authentication and key-agreement protocol BAKMP-IoMT to provide secure communication between the cloud and personal servers and between the personal servers and medical devices in the IoMT environment. Once secure communication is established, the user can access the required information from the cloud server that maintains the blockchain network, which is further based on the voting-based consensus mechanism. To reduce the computation cost, the solution only uses the cryptographic hash and X-OR functions. e AVISPA tool is used for the simulation of protocol, and its formal analysis verifies that the solution is robust against the ephemeral secret leakage attack, privileged-insider attack, and so forth. Table 7 shows the brief overview of existing IoT-enabled healthcare sectors.

Future Research Challenges
e integration of IoT and blockchain brings about a variety of opportunities for the upcoming Industry 4.0 [90]. But, still, there are a number of challenges that exist, which need to be resolved before releasing the full blockchain-enabled IoT or IIoT system. Here, we mentioned some of the important open research challenges.

Resource Constraint Devices.
e devices that are used in the IoT and IIoT systems are mostly resource-constraint. ese devices have limited capabilities such as limited processing power and storage space. As a result, they are not directly suitable to deploy over the blockchain network as huge computational power and storage space are required. In addition, consensus algorithm such as proof of work requires the huge amount of energy and electricity for the mining process [4]; therefore, the algorithm that is based on this category (longest chain rule) is not suitable for the resource-constrained system.

Suitable Incentive Mechanism for Blockchain-Enabled
IoT System. e incentive mechanism is the core functionality of blockchain technology. e incentive mechanism based on the proof-of-work mechanism is not adoptable by the IoT system because it requires much computational power to solve the puzzles. Also, the block reward is halved after the mining of 210, 000 blocks [91]. erefore, considering the incentive mechanism which is suitable to the IoT or IIoT system is an open research question for the researchers.

Big Data Analytics Scheme.
e IoT system is generally used for data-related applications, where the devices generate a huge amount of multimedia data [92]. e generated data are stored in the cloud server in which the machine learning algorithm does the data preprocessing, data extraction, and data analytics. e average time taken by the algorithm varies from days to months. Moreover, privacy leakages, access control mechanisms, and so forth are the major issues associated with this scheme.

Scalability of Blockchain-Enabled IoT System.
e scalability of the current blockchain mechanism also limits the applicability of IoT and IIoT systems. e bitcoin system has low transaction throughput (5 to 7 transactions per second where average block time is 10 minutes), whereas the average block time for Ethereum is 15 seconds [93]. On the other side of the coin, IoT devices-based applications (such as smart healthcare) generate data very quickly. erefore, the current platforms are not directly suitable for the IoT or IIoT system.

Dynamic Security
Framework. In the IoT system, heterogeneous devices are connected ranging from low-power devices to high-power servers. erefore, a uniform solution may not work for all blockchain-enabled IoT systems. Furthermore, the security solution should consider the nature of the resource-constrained IoT devices, and it also meets the minimum security solutions of the end customers (or users) [22]. Hence, the design of an adaptable and dynamic security framework for the blockchain-enabled IoT (or IIoT) system is a good research area.

Security Vulnerability and Privacy Leakage.
e adoption of blockchain technology in the field of IoT surely improves the security of IoTsystems through encryption and hashing, which is the inherent mechanism of blockchain. But the devices are connected via the wireless communication system (mostly), and, due to the open wireless medium, they are suffering from the security breaches such as replying attack, eavesdropping, and jamming. In addition to this, the transactions in the blockchain system are done via the account address (or IP address). erefore, a certain level of anonymity is also achieved. But this scheme does not provide enough protection because it is cracked via the machine learning algorithm [94].

Advance Smart Contract
System. e traditional IoT system uses the centralized architecture, where the IoTdevices send data to the cloud server for processing. In return, the cloud server does the task and sends it back to the IoT device. e limited scalability is the issue associated with the centralized system. is platform is not suitable for those scenarios (e.g., a smart hospitalization system with automated payment), where the devices want to initiate the payments with their interest to others. Application logic contracts perform better for these requirements which allow the device to function autonomously and securely and further achieve greater automation and cheaper transactions.

Federated
Learning for IoT. Due to distributed and private datasets, the classical learning algorithm cannot be used for the IIoT. Federated learning provides a solution where devices perform the local training and send the result to the cloud for the global model aggregation. e key to using federated learning is that migrating a massive amount of data from the IoT device to a cloud or edge server is not required. However, using federated learning for IoT-based systems itself has various challenges; for example, a secure encryption method is needed to send the learning model parameters to other devices or servers. Moreover, to achieve better learning, a set of IoT devices must connect with the aggregation server under the communication constraint. is is the new research direction, and deep analysis is required to integrate the blockchain-enabled federated learning for resource-constrained IoT devices [95].

Our Observations
e upcoming Industry 4.0 connects the latest technologies such as blockchain, machine learning, cloud computing, and IoT for enhancing the productivity and efficiency of their systems [96]. Among those, the incorporation of IoT and blockchain is the latest topic for researchers. In this section, we discuss our observation for the state-of-the-art research, and that can increase the security and trust in the IoT (or IIoT) system. Along with the incorporation of blockchain and IoT, researchers also use artificial intelligence and machine learning algorithm for enhancing the efficiency of the system. e machine learning algorithm processes and classifies the huge amount of data generated by the devices.
Although only a few of the research papers discuss the machine learning algorithm in the IoTsystem, it is also a new research direction that could increase the efficiency of the IoT-(or IIoT-) based system. e state-of-the-art research used simulators such as Solidity and Remix IDE for simulating the smart contracts, and a few of them also used IPFS for storing the data in a distributed manner. e hyperledger fabric [97] is also a simulator where the researcher could incorporate the blockchain and IoT. In addition to this, researchers are focusing on an incentive mechanism that is adaptable in nature for the resource-constrained IoTdevices, because the existing mechanisms (e.g., those based on the PoW) are not inherently suited for these devices.

Concluding Remarks
e current internet-of-things-(IoT-) enabled industrial sectors are facing many challenges (e.g., security and privacy vulnerability, etc.), and blockchain technology brings hope that it can resolve the aforementioned issues without the trusted third party (TTP). In this paper, we have investigated the need for blockchain in IoT and industrial IoT (IIoT) and provided state-of-the-art research.
e state-of-the-art research is broadly classified into four major categories: data storage and management technique, industrial sectors, big data, cloud computing, and network security technique, and healthcare sector. In addition to this, the paper presents a number of future research challenges with observations that can be useful for the research community to proceed in the right direction.
Data Availability e data are available upon request.

Conflicts of Interest
e authors declare that there are no conflicts of interest.