Smart cities have emerged as a hub of intelligent applications (e.g., intelligent transportation systems, smart parking, smart homes, and e-healthcare) to provide ambient-assisted living and quality of experience to wide communities of users. The smooth execution of these applications depends on reliable data transmission between various smart devices and machines. However, the exponential increase in data traffic due to the growing dependency of end users on smart city applications has created various bottlenecks (e.g., channel congestion, manual flow configurations, limited scalability, and low flexibility) on the conventional network backbone, which can degrade the performance of any designed solution in this environment. To mitigate these challenges, SDN emerges as a powerful new technology that provides global visibility of the network by decoupling the control logic from the forwarding devices. The abstraction of network services in SDN architecture provides more flexibility for network administrators to execute various applications. In SDN architecture, the decision making process is handled by a logically centralized controller, which may have a single point of failure. An adversary/ attacker can compromise the controller using different types of attacks (e.g., eavesdropping, man-in-the middle attack, and distributed denial of service) in order to gain total control of the network by updating the flow table entries at the data plane or hindering control plane operations. Therefore, to cope with the aforementioned challenges, new strategies and solutions are required for securing the SDN-enabled network architecture at different planes and their associated interconnections. In this article, various security issues and different attack vectors are discussed along with possible solutions. To mitigate various attacks, BlockSDN, a blockchain as a service framework, for SDN is proposed. The architecture of permissioned blockchain is presented followed by two attack scenarios, 1) a malware compromised switch at the data plane and 2) distributed denial of service attack at the control plane, to demonstrate the applicability of the BlockSDN framework for various future applications. Finally, the open issues and challenges with respect to the design of blockchain solutions for SDN in smart city applications are also discussed.

中文翻译：

---

BlockSDN：智慧城市应用中的软件定义网络的区块链即服务

智慧城市已经成为智能应用程序（例如，智能交通系统，智能停车场，智能家居和电子医疗保健）的枢纽，为广泛的用户社区提供环境辅助的生活和优质的体验。这些应用程序的顺利执行取决于各种智能设备和机器之间可靠的数据传输。但是，由于最终用户对智能城市应用的依赖性越来越大，导致数据流量呈指数增长，这在常规网络主干网上造成了各种瓶颈（例如，信道拥塞，手动流配置，有限的可扩展性和低灵活性），这可能会降低在这种环境下任何设计解决方案的性能。为了缓解这些挑战，SDN是一种强大的新技术，它通过将控制逻辑与转发设备解耦来提供网络的全局可见性。SDN架构中网络服务的抽象为网络管理员执行各种应用程序提供了更大的灵活性。在SDN体系结构中，决策过程由逻辑上集中的控制器处理，该控制器可能具有单点故障。攻击者/攻击者可以使用不同类型的攻击（例如，窃听，中间人攻击和分布式拒绝服务）来破坏控制器，以便通过更新数据流表条目来获得对网络的完全控制平面或妨碍控制平面的操作。因此，为了应对上述挑战，需要新的策略和解决方案，以确保在不同平面及其关联的互连中启用SDN的网络体系结构的安全。在本文中，将讨论各种安全问题和不同的攻击媒介以及可能的解决方案。为了缓解各种攻击，提出了用于SDN的区块链即服务框架BlockSDN。提出了许可区块链的架构，然后介绍了两种攻击情形：1）数据平面上的恶意软件入侵交换机，以及2）控制平面上的分布式拒绝服务攻击，以展示BlockSDN框架在各种未来应用中的适用性。最后，还讨论了在智慧城市应用中针对SDN的区块链解决方案设计方面的未解决问题和挑战。