Blockchain-based decentralized trust management in IoT: systems, requirements and challenges

Internet of Things (IoT) vision has astoundingly transcended environmental sensing with integrated computing systems and smart devices, providing seamless connectivity among humans, machines, and their environment to cooperate for convenience and economical benefits. Apart from all the tremendous benefits of IoT, this paradigm still suffers from challenges of security and privacy vulnerabilities and demands a secure system for effective utilization of services in real-world IoT scenarios relying on which the IoT consumers expect secure and trustworthy communications. Trust Management (TM), which is a crucial aspect of security, plays a vital role in ensuring the exchange of information in a secure manner and maintaining the reliability of a system by measuring the degree of trust on IoT devices, reducing the uncertainties and risks involved in the systems. Thus, in recent years, Blockchain technology has been utilized for developing security innovations in TM field for different classes of IoT applications. It can provide tamper-proof data by enabling more reliable trust information and integrity verification, ultimately enhancing its availability and privacy when storing and sharing information. This paper provides a comprehensive survey that aims at analyzing and assessing Blockchain-based decentralized trust management systems (BCDTMS) for IoT. The contributions of this study are threefold; first, we provide the comprehensive and comparative analysis of state-of-the-art BCDTMS devised for different IoT classes such as Internet of Medical of Things (IoMT), Internet of Vehicles (IoV), Industrial IoT (IIoT), and Social IoT (SIoT). To make it an extensive study, we perform a detailed assessment of the existing BCDTMS in the literature in the aspects of Blockchain and TM. Second, we present requirements for developing Blockchain-based TM systems for IoT, and third we have highlighted the challenges in the context of using Blockchain for TM in various IoT applications.


Introduction
Internet of Things (IoT) has gained momentum and attracted industries and researchers by providing an enormous range of applications since it was first coined in 1999.IoT has the capability of connecting and integrating a massive number of smart devices (digital and physical entities), embedded with decision-making capacity and intelligence that assist machine-to-machine and machine-to-human communications by operating through ubiquitous connectivity.Initially, many IoT applications were designed for specific use with the boom in wireless technologies and advancements in both software and hardware.Applications of IoT have become more pervasive and IoT technologies have been migrated to be adapted for public use, thus, becoming indispensable in today's society as well as an integral part of our lives [1].In 2018, more than 8.4 billion connected devices were estimated to be in use worldwide and the number was predicted to exceed 20.8 billion by 2020, expecting the exponential growth of IoT devices to continue and take a huge leap by 2025 [2,3].IoT has numerous applications [4][5][6][7][8][9][10], that can be found in various fields for different purposes including healthcare (IoMT) [11], transportation (IoV) [12], Social Internet of Vehicles (SIoV) [13], industries, smart collaboration using social relationships (SIoT), maritime industry (Internet of Ships (IoS)) [14,15], smart farming (Internet of Agriculture Things (IoAT)) [16], and smart cities. Figure 1 presents applications in four different classes of IoT.
Although IoT paradigm is a fabulous technology providing tremendous services to its consumers, it still suffers from a number of noteworthy challenges that need to be addressed and thus have received increasing attention from the research community.A huge number of events generated by IoT objects, resource constraints of IoT devices, heterogeneous technologies of IoT, centralized IoT network architecture, and multiple attack surfaces are some of the intrinsic features of IoT.These features are making ubiquitous computing even more difficult while leading to a number of challenges including poor interoperability, scalability, energy efficiency, security, and privacy vulnerabilities.Moreover, time-critical IoT applications cannot be run on cloud-based architectures due to their limited security support which leads to unpredictable delays or insufficient bandwidth.For the implementation and realization of IoT scenarios in the abovementioned classes of IoT applications, privacy preservation, secure and reliable deployment of IoT, and trust establishment among things and services are essential.Traditional security mechanisms (also called hard security solutions) like access control and cryptography are used to address security and privacy in IoT by measuring the robustness of the system when external attacks are launched, privacy is breached, and inconsistent data is present.However, they fail to ensure the reliability of a system when the system's functionality is disrupted by insiders or malicious adversaries.Thus, to handle such a problem, TM (also known as software security solution) which can analyze the fluctuating behavior of nodes/entities in the system with the interaction instances is required.The notion of TM was initially introduced by Blaze [17].TM system is responsible for gathering all the information related to trust relationships and is also pledged to determine the reputation of an entity by using direct or indirect observations of the interactions that occurred in the past.Moreover, TM assists in securing and monitoring all the activities related to communications among IoT devices [18].
Trust is an attitude of a service beneficiary (Trustor) that has a measurable belief upon the service provider (Trustee), relying on the services provided by the service provider in a specific period of time without being agnostic about the deceitful activity.The concept of TM in IoT is essential in three cases [19]: -When participants (devices) are intended to collaborate with each other without previous interactions but rather in the presence of trust relationships of acceptable level among themselves.-When data is collected, stored, exchanged, and shared for the achievement of trustworthy data especially when large amounts of gathered data contain important information for critical decision-making.-Then it is essential to secure the sharing and storage of trust information (containing sensitive information about both parties) for its privacy, integrity, and confidentiality.
Some of the major benefits of TM mentioned in [18] which motivate the researchers to develop TM systems and protocols are as follows; First; compared to classical encryption and access control mechanisms, TM systems are more expressive and scalable.Second, TM creates a trust chain by using credentials and enables access control to services and resources so that access rights are propagated.Third, trust in TM is established in one particular device between two parties only as it is not a global concept.Fourth, to accomplish decision-making tasks, TM can be leveraged in many IoT applications for reliable secure routing, service composition, access control, and device authentication where TM is involved in reducing risk and uncertainty when different services are executed.
Over the past few years, research in the field of TM has been undertaken in several network environments including peer to peers (P2P), ad-hoc networks, social networks, clouds, edge computing, and IoT (scope of this paper).To overcome the challenges of heterogeneity and flexibility in IoT scenarios, researchers attempted to develop centralized TM mechanisms [20][21][22][23][24][25] in which a physical cloud or a participating IoT device is the centralized entity (authority), responsible for keeping the records of trust information about all the participating IoT devices.For example, to obtain the reputation score of the to-be-trusted node (TBTN), the trusted node (TN) has to interact with a trusted entity only.Moreover, TN can test the score obtained from the central authority against a self-calculated score, and upon the divergence of these two scores, the TN may decide to pass the reputation score to the central authority.The central authority (i.e., trusted entity) then decides to update its own calculated score [26].In contrast to centralized approaches, distributed TM systems [27][28][29][30] do not involve a central trusted authority but rather each IoT device is capable of performing the process of TM and trust computation is performed by relying on the information that is received either directly by the devices or received as the recommendations from the other devices in the system.For example, to get trust evidence about TBTN, the TN interacts with other nodes in the network, computing the trust value for TBTN using a certain formula on the basis of direct interactions with TBTN.In the semi-distributed TM systems [31,32], the process of TM is carried out by some selected set of devices that become the in-charge of processing the information (i.e., evidence) received for trust computation and dissemination.Table 1 demonstrates the critical advantages and disadvantages of centralized, distributed, and Blockchain-based TM systems.Blockchain-based TM systems overcome the critical flaws of centralized and distributed TM systems by offering several benefits such as the elimination of a single point of failure and the avoidance of data leakage.The trust behavior evidence and identity are traceable and interpretable.Moreover, the results of trust evaluation are convincing while preventing the malicious use of data, and thus, IoT trust relationships can be easily constructed.
Blockchain technologies have appeared to be overwhelming in bringing opportunities by providing a practical solution to overcome the challenges of IoT and to address many of the limitations of traditional IoT.Blockchain is a distributed database (ledger) that was introduced by Satoshi Nakamoto in 2008 for supporting a well-known crypto-currency called Bitcoin [33].Blockchain is comprised of transactions that are digitally signed, a cryptographic hash of the previous block, and a timestamp stored in a distributed and decentralized network [34].Conceptually, in Blockchain, data (transactions data or trust-related data) is first stored in a shared or distributed ledger and then, after performing computations (reading and appending data to and from the ledger), Blockchain reaches its consensus using various consensus algorithms (Proof of Work (PoW), Proof of Concept (PoC), etc.) and changes its internal state to new state.Blockchain is a technology that maintains a permanent and tamperproof record of transaction data which can be public, private, or consortium.There are two major benefits of leveraging Blockchain technologies in IoT [1].First, in order to ensure information security and data integrity in IoT-based scenarios, Blockchains use a hashing algorithm such as SHA-256, and thus immutability is assured by leveraging hash functions to chain blocks.Moreover, cryptography in Blockchain primarily focuses on ensuring the security of participants, transactions, and safeguards against double-spending.Second, the Validation of transactions is achieved by Blockchain in a decentralized manner without a third party which results in cost and bandwidth savings, negligible computational power, and ensured non-repudiation of transactions.Moreover, a single point of failure is prevented by maintaining a copy of the ledger (replicated histories of data) by each node of the network and simultaneous updating and validation of these copies, thus, also improving the system security and trustworthiness [35].Blockchain technology has several inherent features that make it well-suited for use in IoT.The features include decentralization, immutability, transparency and interoperability.Blockchain also offers some services and benefits for IoT such as smart contracts.Blockchain is based on a decentralized, peer-to-peer network, which allows for the secure and transparent exchange of information and assets without the need for a central authority.When data is recorded on a Blockchain, it cannot be altered, which provides a high level of security and transparency for IoT devices.Transparency increases corporate convenience (for certain cases) and ensures an audit record and a confidential workflow.Smart contracts, which are self-executing codes with the details of the agreement between the buyer and seller being directly put into lines of code, are made possible by Blockchain technology.Blockchain technology enables communication and data sharing between various IoT networks and devices securely and transparently.Blockchain technology permits encrypted data transmission between devices, ensuring the safe connection between them and allowing IoT devices to communicate and transact with one another within a trustless environment where the objects are connected to a network and communicate with one another in an unknown setting [40,41].
By providing a tamper-proof and decentralized method for storing and transmitting data, Blockchain technology can be utilized to improve the security and trustworthiness of IoT applications.To control access to the information and make sure that only authorized individuals can see or edit it, trust management can also be included.Furthermore, Blockchain and trust management can improve the overall security and dependability of IoT systems by preventing illegal access to and manipulation of IoT data.
There are few related surveys [36][37][38] that have investigated TM systems in IoT but there is a lack of profound work and analysis in the field of BCDTMS which directed us to incline our survey towards this field.In [36], the authors have reviewed existing research efforts of using Blockchain in vehicular IoT environments for different purposes including positioning, security, privacy, incentives, decentralization, and audit at different IoT layers.However, the detailed review and comparison of Blockchain-based TM systems for different classes of IoT are missing.In [37], the authors have conducted a survey considering centralized, distributed, and semi-distributed schemes for TM in IoT and performed a comparative study of these schemes on the basis of different applications of TM.Still, a detailed comparison of the most recent Blockchain-based TM systems is inadequate in this survey.Another survey [38] has provided a comprehensive comparative analysis of Blockchain-based trust and reputation systems in different fields of applications and business domains including E-commerce, crowd-sourcing, peer-to-peer networks, vehicular ad-hoc networks, generic multi-agents, autonomous systems, and education.However, this survey lacks a detailed review and in-depth analysis of Blockchain-based TM systems for IoT classes.In [39], the authors have conducted a comprehensive and comparative analysis of TM systems focusing only on the domain of SIoT.However, a thorough study and comparison of

BCDTMS for different IoT classes
In this section, we classify the BCDTMS into four classes of IoT including IoMT, IIoT, IoV, and SIoT based on their application in various IoT domains.In these four classes of IoT, TM is a necessary element and should be a part of the different IoT architectures.We have provided a comparative analysis of these systems by performing a detailed assessment and summarizing them in tabular format based on Blockchainbased and trust-based aspects.

BCDTMS for IoMT
IoMT is also referred to as Internet of Healthcare Things (IoHT) is an emerging technology that enables personalized e-health services by improving the patient's quality of life to achieve a healthier lifestyle without limitations on time and location.In IoMT, medical devices e.g., medical wearable and implantable sensors are interconnected through the Internet to provide real-time connectivity between medical staff and patients.A medical cloud is used to store a huge amount of medical-related data which is then distributed to enhance e-health systems.Also, the data collected by these devices is sent to the cloud (with medical professionals, e.g., doctors and nurses) for further analysis which includes diagnostic analysis and identifying and making appropriate treatments [48].Due to certain challenges such as extremely large attack surface, lack of encryption, and absence of trusted execution environment, however, IoMT networks are vulnerable to various types of security threats, posing vital risks to patients' safety and privacy.Since the data transmission between the patient and hospital contains sensitive information, it is mandatory to ensure security by deploying TM systems that can perform trust computations and monitor malicious nodes.Many attempts have been made to develop TM systems for IoMT using machine learning [24,49], Artificial Neural Network (ANN) [21], fuzzy approaches [50], game theory [51,52].Tables 3 and 4 show the Blockchain-based and Trustbased assessment for IoMT, respectively.
Weizhi Meng et al. [42] have proposed and designed a Blockchain-based TM scheme and leveraged Bayesian inference to protect healthcare organizations against insider attacks.In this scheme, Medical Smartphone Network (MSN) nodes are responsible for checking the events in the Blockchain as well as building a verified chain of malicious events.It is comprised of two layers; an MSN layer and a Chain layer.At the MSN layer interactions are performed among MSN nodes and the central server.At the Chain layer, a consortium Blockchain is constructed which enables each node to access the chain, check, and upload unwanted packet features.To evaluate the performance, the authors have conducted two experiments in collaboration with two different healthcare organizations.Their experiments have shown that the proposed Blockchain approach has efficient detection performance in comparison with other similar approaches with a reasonable workload.
Abou Nassar et al. [43] have proposed a Decentralised Interoperable Trust (DIT) model which is a Blockchainbased framework for IoHT systems.The general architecture of the DIT framework is comprised of different layers including the device sense layer, network layer, middleware layer, and application layer.The device sense layer is comprised of sensors and actuators capable of collecting and processing the information as well as performing other functions like querying location, temperature, motion, weight, humidity, blood pressure, etc using plug-and-play mechanisms.The network layer is comprised of gateways and network paths capable of collecting and securely transmitting the IoT data.The middleware layer is comprised of interposed sublayers including data analytics, Blockchain decision units, and databases.and service and application support layers.At the application layer, all the system's functionalities are exported to the end users.DIT framework follows three steps creating trusted virtual zones, executing the proposed framework, and aggregation and association relationships.In the first step, any newly joining device called a primary object, having a public-private key pair, can join the trusted zone by executing a secure transaction validated by Blockchain and using an identifier (i.e., group ID).In the second step, trusted primary zones are created by the Blockchain, the veracity of the primary and group IDs is verified, and the validity of the transaction is established.After zone creation, transactions sent by the members are verified by the Blockchain.The third step contains two types of relationships association relationship and aggregation relationship.The association relationship is the relationship between members in the same trusted zone whereas the aggregation relationship is the relation between the members in different trusted groups.The proposed model is validated by considering a case study of a smart healthcare scenario.
Bi et al [53] have proposed a decentralized medical trust management system using Blockchain-based federated learning for large-scale IoT systems so that scalable trustbased service management can be achieved for distributed IoMT devices.The proposed system can be used by health institutions for sharing data without revealing the privacy of data owners.Coalitions are formed by health institutions and the proposed proof-of-trust collaboration (PoTC) consensus protocol is used to elect the leader of each coalition.Weight difference game is used in the PoTC consensus protocol nodes are evaluated in the Blockchain using factors like trust consistency value, trust scores, and trust deviation.direct trust or recommended trust evaluations are used to obtain the trust of a node.An aggregator is elected by each leader elects who has the most credibility to manage the proposed federated learning system.The aggregator is the federated server whereas the leaders become the federated clients as well as validators.a consortium Blockchain is used in this proposed system so that the decentralization of nodes can be ensured.

BCDTMS for IIoT
IIoT brings billions of brilliant industrial devices that are capable of providing extremely detailed data in real-time through sensors that gather and share data, thus, enabling intelligent industrial operations with enhanced industrial safety and timely attention to maintenance issues through predictive maintenance, making processes more efficient, and opening up new revenue streams [54].IIoT enables digital communication between field assets and the enterprise by making machine data accessible to IT systems [54][55][56].IIoT has been applied in various industries including logistics, manufacturing, mining, shipping for efficient production lines, asset tracking, predictive maintenance, fleet management, warehousing, and customized manufacturing [57].Connected industrial devices make IIoT a desirable target for adversaries who seek to cause operational disruption and environmental contamination.Since data privacy is important in IIoT scenarios, trustworthiness remains an important challenge.The research attempts [58] have been made for securing IIoT by developing TM systems.Tables 5 and 6 show the Blockchain-based and Trust-based assessment for IIoT, respectively.Only a few attempts have been made in developing Blockchain-based TM systems for supply chain and IIoT which are described below: Lahbib et al. [19] have proposed and implemented a trust architecture based on Blockchain in which trust evidence is collected for each device and is stored securely by embedding them into Blockchain.These trust scores are shared with other devices in the network.It is composed of a number of manufacturing zones and each zone is comprised of a set of physical resources including IoT devices, ordinary sensors, etc., along with an authentication manager.It has three layers, such as a device layer, system manager layer, and application  [44] have proposed a three-layered TM framework called TrustChain, which operates on both agent and resource levels.A consortium Blockchain is used for tracking interactions among supply chain participants.It dynamically assigns trust and reputation scores on the basis of these interactions.TrustChain has leveraged the reputation model for the evaluation of the trustworthiness of entities and the quality of commodities by observing multiple supply chain events.TrustChain is composed of three layers including a data layer, Blockchain layer, and application layer.At the data layer, sensor devices are capable of producing supply chain data, trade events between regulatory endorsements and entities are recorded and message digests of data are sent in the form of transactions to the Blockchain layer where it is stored on the ledger.The Blockchain layer is responsible for the maintenance of the digital profiles for all supply chain entities and commodities.When transactions regarding supply chain events are recorded on Blockchain, Smart contracts are used in TrustChain to calculate the ratings for entities and commodities securely, efficiently, and transparently.A reward and penalty mechanism is also used at the application layer so that only trustworthy data is entered into the network.The application layer and Blockchain layer interact with each other for querying the trust and quality scores of entities and commodities respectively.A qualitative security analysis and performance analysis are performed which has shown TrustChain has produced minimal overhead.
Ghovanlooy Ghajar et al. [59] have proposed a fully distributed Blockchain-based architecture for industrial IoT for the enhancement of the trustworthiness of Fatemeh nodes by relying on trust management and reputation.A theoretical system architecture is introduced by using dynamic authorization management for users to secure network access but there are no numerical results.In this architecture, a private Blockchain is constructed by manufacturing devices to cooperate and share their data and resources in a fully distributed fashion.The trust node's consensus is used to make decisions that are fully distributed.In the proposed architecture, the significance and authority of nodes are determined by their behavior in the network, and depending on their PoW and PoS, the influence of the node's power is lowered.

BCDTMS for IoV
IoV and SIoV are two emerging technologies in intelligent transportation systems that are evolved from the integration of vehicular ad-hoc networks (VANET) and IoT.In IoV, vehicles, roadside units (RSUs), base stations, and pedestrians are connected to the Internet, enabling three types of communications; Vehicle to Vehicle (V2V), Vehicle to Infrastructure (V2I) and Vehicle to Everything (V2X) [60].Critical event messages are disseminated to the neighboring vehicles and RSUs with high accuracy and lesser time.Three types of life-threatening messages are transmitted including normal notification messages (e.g., driver status), safety notification messages (e.g., accident messages and environmental hazards messages) and exposure messages (e.g., messages broadcasted when attackers or adversaries try to attack) [61].
The event messages collected by RSUs are stored on the cloud server.Since sensitive information is broadcasted in the IoV network, message authenticity is crucial in both IoV and SIoV, and thus, effective authentication and authorization of nodes (i.e., IoV entities) can be achieved by using TM systems.A modern trend towards IoV is SIoV in which entities including vehicles, drivers, passengers, and infrastructure share information of common interests such as road situations, traffic information, vacant car parking slots, weather conditions, toll gates, and media sharing by developing social relationships with each other [62][63][64][65].Tables 7 and 8 show the Blockchain-based and Trust-based assessment for IoV, respectively.Some efforts have been made by the researchers in developing TM systems for IoV and SIov [66,67].Only a few attempts have been made for developing Blockchainbased TM systems for IoV.Chen et al. [45] have proposed a Blockchain-based system called DTMS, a decentralized TM system that is based on three models; trust evaluation model, Incentive Model (IM), and Blockchain-based Consensus Model (CM).Trust Evaluation Model (TEM) is comprised of rules for the calculation of the reputation values of each entity by observing and assessing their behavior.It works in four steps; In the first step called message classification, a base station is responsible for the collection of messages and grouping them on the basis of some attributes and they are broadcasted to other base stations for message evaluator selection.In the second step called evaluator selection, a number of evaluation candidates are selected through the calculation of attribute similarity of the message group and the vehicle node on the basis of each message group's index list, which was generated in the first step.In the third step called message quality rating, each message is rated according to each message group and its corresponding evaluator.A global rating result of the message is calculated by using Bayesian inference.The fourth step is trust calculation in which the trust credit of each vehicle is calculated on the basis of the rating activities of each node.In the incentive model, an IM is designed to reward a node.It consists of two steps, incentives for trust evaluators are conducted on the basis of trust credits and incentives for transaction validators are calculated as rewards on the basis of transaction-validating missions that are accomplished by the validators.In the CM updating the trust credit or incentive reward is considered to be a transaction and a group of transactions forms a block.The CM block generation and validation are carried out during the consensus process before appending to Blockchain.The authors have performed security analysis and performance evaluation of their proposed systems which has shown that its consensus design is efficient, throughput is high, and latency is low which makes it suitable for transportation environments.
Kouicem et al. [46] have proposed a hierarchical and scalable Blockchain-based TM protocol called BC-Trust which enables highly mobile IoT devices to assess and share trust recommendations about other devices accurately.Powerful fog nodes maintain the Blockchain.Heavy trust computations and storage of trust information are the responsibility of fog nodes.The architecture consists of five components including IoT service requesters, service providers, fog nodes layer, and Blockchain layer.IoT service requesters request services from other devices and service providers provide services to other devices.At the fog layer, the fog nodes are responsible for storing the trust values of service providers and managing the trustworthiness of these nodes in a reliable manner.The Blockchain layer which is maintained between fog nodes and service providers manages the trustworthiness of data that is reported by IoT devices.The proposed trust model calculates the trustworthiness of service providers by using recommendations and direct observations.The proposed BC-Trust follows 6 phases.In the first phase of identification, IoT devices are identified by using public and private key pair for each IoT device and fog node in the architecture which is generated by Public Key Infrastructure (PKI) authority and are stored in the Blockchain.The second phase is trust dissemination in which recommendations about the service providers are reported to the closest fog nodes periodically.The third phase is the trust assessment process in which Distributed Hash Table (DHT) is queried and the trustworthiness of each potential service provider is computed and updated at a particular time.The fourth phase is the computation of direct observation in which satisfaction level is measured.The fifth phase is the computation of recommendations in which recommendations are calculated using the trust values stored in the Blockchain.The sixth phase is block generation and consensus protocol in which validators are selected after the blocks are formed, Then transactions are checked by the validator and the validator sends pre-vote messages to the other validators if the block is correct.Upon receiving pre-vote messages from the other validator nodes, a pre-commit message is broadcasted to all the Blockchain participants.Singh et al. [47] have proposed a Blockchain-based decentralized TM scheme using smart contracts in IoV and have increased the transaction throughput and load on the main Blockchain by introducing the idea of Blockchain sharing.The proposed architecture has five components, such as RSUs, Vehicles, Traffic Authority (TA), Certificate Authority (CA), and Regional Authority (RA).The systems model works in the following steps: The system is first initialized by the TA by deploying a CA and assigning a number of RAs in IoV.In the second step, a vehicle passing through different regions is provided a set of short-term key pairs on the basis of information given by the public Blockchain and it is valid for that region.the trust values are collected by the regional authority and are stored on the local Blockchain against the temporary allocated address of the vehicle.
Wang et al. [68] have proposed a trust management system for IoV based on Blockchain technology and deep learning.First surrounding information is collected by vehicles and valid information is uploaded to nearby RSUs.The proposed distributed trust management system is used to motivate the vehicles to upload authentic and useful traffic-related messages so that their credibility scores can be increased and after completing them in the mining process they will be rewarded.Malicious vehicles are penalized by decreasing their credibility scores upon uploading false messages.Vehicles with credibility scores less than a threshold are not allowed to send any message in the network.The proposed Blockchain-based TM mechanism allows only those vehicles to participate in the mining process who meet certain criteria.Whenever a traffic-related message is uploaded, it is verified by an RSU and the vehicle's credibility score is updated.The authors have designed a Proof-of-Trust (PoT) algorithm based on the Proof-of-Stake (PoS) consensus algorithm to help vehicles with high credibility scores win in the mining process.To record this transaction, the winning vehicle then generates a block and then broadcasted to all vehicles in the IoV.Fast and reliable authenticity verification for uploaded messages is achieved by using deep learning technology to the overall mechanism.The deep learning model is pre-trained and deployed on RSUs.When a message is received, the trustworthiness of that message is verified and validity is determined by RSU based on various attributes including speed, vehicle type, location, and the reporting vehicle's historical behavior.

BCDTMS for SIoT
The idea of socialization between objects was first introduced by Holmquist et al [69] in 2001 and the concept of SIoT was announced.In SIoT, smart physical objects become socially conscious and autonomously establish relationships with other objects on the basis of their common interests, communities, and social circles.Trust is vital in SIoT, since the concept of SIoT has adopted features from human social networks.and thus, social objects are capable of handling social relationships by replicating the human innate behavior and forming communities by making relationships more stronger using intensive interactions [39].In SIoT environment, trust is evaluated on the basis of social parameters and social relationships like Parental Object Relationship (POR), Co-Location Object Relationship (CLOR), Co Work Object Relationship (CWOR) as defined in [70,71].Researchers have attempted to propose some TM systems/schemes for SIoT [72][73][74][75].However, there are only two Blockchain-based TM systems which are described below: Tang et al. [76] have proposed a Blockchain-based decentralized trust framework, called IoT Passport, for crossplatform collaborations in which the concept of a modern passport is adopted.The proposed framework is comprised of three layers; the perception layer, the network layer, and the application layer.At the bottom, the perception layer has three components including authentication, authorization, and trust.The authentication component is responsible for giving a unique identity to each device across all the participating platforms over the Blockchain.The authentication component is responsible for the management and enforcement of policies by using smart contracts over the Blockchain.The trust component with the aid of Blockchain gives the guarantee that an IoT device is reliable and secure by establishing trust relationships among IoT devices during collaborations.In the middle, the network layer has two modules, trust-based collaboration, and hierarchical trust synchronization.Trust-based collaboration module is responsible for providing automatic collaborations among IoT devices.The hierarchical trust synchronization module has three components, trust relationship, trust domain, and hierarchical synchronization.The trust relationship component represents the trust degree between two entities by including direct and indirect trust.The trust domain represents an area for collaborators to trust each other and share data, containing different datasets.the component of Hierarchical synchronization consists of Local Blockchain (LB) and Global Blockchain (GB).At the top, the application layer has a collaborative IoT services component which is a collection of essential services.IoT passport has three kinds of Incentive policies including service-based incentive policies, capability-based incentive policies, and ecosystembased incentive policies.
Amiri Zarandi et al. [77] have proposed LBTM for Social IoT which is a lightweight Blockchain-based trust management system in which social information regarding IoT entities from the network is utilized.A Blockchain technology is used to provide an automated decentralized framework for trust evaluation process.In the proposed framework, a trust database is maintained on the basis of the past behavior of a system and IoT nodes work together.The trustworthiness of another node is evaluated by a trustor node whereas, the node that has been evaluated is called the trustee.In the proposed system, any client can register as an owner who can also add devices to the system.The Social Analysis component follows some steps to evaluate trust.First, a request is sent by the trustee to the Blockchain which validates the identity of the trustee.Then trust value is assessed by the smart contract using a trust evaluation algorithm.Finally, a result is sent to the trustor and trustee based on the trust threshold.The feasibility of the proposed framework is shown by implementing a proof of concept demonstration on Ethereum-based private Blockchain, and the results have shown high performance in the success rate metric for detecting untrustable nodes.Accuracy and cost efficiency are the metrics used to evaluate the performance of the proposed solution, and they are also compared with the existing frameworks.

Requirements for Blockchain-based TM systems in IoT
In this section, we highlight the requirements essential in adopting Blockchain technology for TM in different IoT domains.

Scalability
The scalability of a TM system refers to its capability to expand and adapt easily to the increasing number of IoT devices or participating nodes in the IoT network without affecting its performance.The growing number of connected devices and sensors require the TM system capacity to be able to adapt to growing amounts of trust data [78].Since the number of interacting connected devices in an IoT ecosystem is growing rapidly, a Blockchain-based TM system should be highly scalable by design to accommodate a large number of participants.Moreover, it should be scalable in terms of computing and storing trust values, which in turn demands the high performance of the system while minimizing the communication overhead and computational complexity for TM.

Adaptability
The adaptability of a TM refers to its ability to adapt to changes in a dynamic environment.A Blockchain-based TM system should be adaptive and Flexible in IoT environments.To accommodate dynamic trust relationships and evolutionary policies, TM systems are required to frequently update themselves.TM systems should be adaptable so that newly joining IoT devices can quickly build their trust relationship towards other devices with desired convergence behavior and accuracy.

Accuracy
The accuracy of TM system refers to the validity of the trust information.A Blockchain-based TM system should accurately identify malicious and malfunctioning objects, predict the quality and behavior of objects, and then calculate the trustworthiness of objects accurately.Accurate detection of selfish and misbehaving objects will result in their revocation or punishment that ultimately increases the performance of the TM system.

Context awareness
The context awareness of TM systems refers to the ability to gather situational and environmental information at any given time and adapt behaviors accordingly.Context-aware TM systems utilize different contexts (time, location, residual energy, etc) to calculate the trustworthiness of an IoT object.TM systems should consider the multi-service characteristics of IoT objects and the current context and resource capabilities of these objects while evaluating the trust level of an IoT object.This is because the trust relationship among IoT objects is greatly influenced by context data dependent upon the object, network, and application.TM system They should be dynamic, event-driven, and continuously updated [79].Considering context data for trust calculation will make it more accurate and the trust value will be more relevant and realistic [79].TM systems should also contain incentivization strategies to motivate and encourage the participating IoT objects to provide reliable trust feedbacks and punish the selfish behavior of some participating objects.

Security and privacy
The security of TM systems refers to the protection of trust-related information from malicious manipulation and corruption while allowing it to be accessible and productive for the other participating IoT objects.Although Blockchain technology can guarantee the integrity of data when IoT is integrated with Blockchain, a serious issue arises related to data reliability from IoT devices in cases where malicious data is received from IoT devices.Data can be corrupted due to the failure of IoT devices, such as fake devices or hacked IoT networks and devices.Hence, there is a need to ensure data integrity while sharing and storing trust information in a secure manner in Blockchain-based TM systems by finding a secure way of integrating Blockchain with IoT systems.Furthermore, non-repudiation of data should be ensured in Blockchain-based TM systems to handle bogus message attacks and replay attacks, and there is a need to detect false information by evaluating the trustworthiness of nodes and data.In case of false information attack in VANETS, for example, traffic jams or severe road accidents can happen if a malicious vehicle reports false information about vehicle position or the traffic condition.Blockchain-based TM systems should be secure enough so that they cannot be attacked by possible bugs and malicious and selfish devices which can cause security breaches.
The privacy of TM systems refers to the maintenance and protection of sensitive trust information, e.g., trust feedback and recommendations, trust scores, or credits, as well as the identity and sensitive credentials of the sender.Although Blockchain successfully addressed the privacy of data issue over its network, privacy issues may occur when Blockchain technology is integrated with IoT.It becomes problematic when a consistent relationship is needed to be maintained between IoT devices due to the dynamism of the system.This inconsistent relationship or interaction may result in inaccurate trust evaluation.In Blockchain, moreover, every block shares the same information, which is beneficial for the immutability of data, but it creates user anonymity issues.Hence, there is a need to protect the privacy and confidentiality of information in Blockchain-based TM systems by storing trust-related data and other credentials in a private manner so as to avoid any privacy breaches.

Efficiency
The efficiency of TM systems refers to Blockchain-based TM systems should calculate the trust values in an efficient manner without delay, especially in IoT scenarios where low latency is critically required.It should also determine the trustworthiness of a warning message in both congested and sparse conditions in an efficient manner [80].To make a TM system more efficient, it should be decentralized i.e. do not rely on a central authority for countering trust-related attacks and malicious manipulations.It should be self-healing selfpolicing and self-configuring TM system

Robustness
The robustness of TM systems refers to the ability to function properly under all circumstances and to detect, fix or recover and deal with vulnerabilities and unexpected inputs.
Trust systems are more robust when they are less vulnerable to attacks.Blockchain-based TM system should be robust and resistant against trust-related attacks, such as ballot stuffing, slandering, or bad-mouthing, whitewashing, and self-promoting, and Blockchain-related attacks that can disable the trust model, deceive the trustworthiness evaluation, and ultimately hijack the availability of TM services.Thus, the TM system should guarantee the availability of TM service by handling a wide variety of attacks.

Reliability
The reliability of TM systems refers to the continuous functional availability of trust scores and trust feedback.Blockchain-based TM systems should be highly reliable and resilient to attacks.A TM system should be able to calculate reliable trust values and store trust information regarding IoT objects while ensuring that it is not corrupt with reduced security overhead.It should also be resilient in calculating local and global trust computations against dishonest feedback and malicious manipulations.It should contain a reliable system to register and revoke IoT objects Table 9.

Open challenges for TM in IoT
In this section, we identify open research challenges that need to be addressed while developing block-chain based TM systems for IoT applications.We have also identified some research questions for each challenge (see Table 5).

Trust calculation of multi-service IoT objects
In different IoT scenarios, IoT objects/devices/nodes can have dynamic interactions with other objects in the network involving different cooperative services.To provide cooperative services, IoT objects consume their resources with varying costs.The IoT objects behave differently in different contexts, and they might be discriminative in cooperation with other objects in the network [29].Thus, the trust of any IoT device in any of the three classes of IoT (IoMT, IoV, SIoT) is influenced by the context either positively or negatively.Moreover, the social concept of trust is also context-dependent in SIoV and SIoT environments where IoT objects are socially aware and can handle social relationships.Most of the existing TM systems/schemes and Trust models assume that in all circumstances objects have the same behavior in providing services, though it is not true in real-time situations.For highly heterogeneous IoT environments, it is thus, very challenging to evaluate the object's trustworthiness in the same trust model where objects are providing different types of services.Consequently, to avoid the degradation in trust estimation accuracy, a context-aware and a multi-service approach should be considered by TM systems [31] where trust is evaluated by assessing the behavior of IoT objects in providing services in a specific context (time, location, residual energy level, etc.).

Availability of TM service
In IoT scenarios, where there are a vast number of service providers, IoT objects (service requesters or clients) are seriously concerned about the identification of the most proper service providers.In dynamic environments of IoT, it is vital for enabling consumers to select trustworthy resources since confidences for users are not enough for recognizing trustworthy service providers and dishonest service suppliers are capable of tricking the unaware clients or service requesters [81].In such a situation, TM plays a significant role in evaluating and managing the trustworthiness of services.For the trust assessment or trustworthiness calculation of an IoT object, effective TM is provided by TM service in which the past behavior of an object is utilized.

Collaborative service protection
In IoT or SIoT environments, smart social objects collaborate with each other to achieve a common goal [70] where the diversity of services is offered and shared.Collaborative communications among the participants can happen for resource sharing where only a few are known to each other and the others might be unknown.For the sake of collaboration, however, they need to trust each other, and the objects need to evaluate the reliability of each other before assigning them access rights to their services and resources.There are also malicious objects within the collaborative network that can threaten the shared resources and services offered by other objects [82].There may be a transactions repudiation by resource payers who can refuse to pay the reward or resource payees may provide the resources according to their promises by behaving dishonestly during the trading process [83].Even more, it is a possibility of experiencing internal attacks from partners who can act maliciously by either providing multiple misleading feedbacks when the collaboration happens or by behaving good and bad in an alternative manner (i.e., on-off attacks).Thus, it is very challenging to protect the collaborative service due to the joining of new objects and leaving of the old objects from the collaborative network.This mobility of objects such as in IoV scenarios, and alternative behavior of objects make it a significant challenge for TM systems to distinguish between malfunctioning objects and on-Off attacking malicious objects.The revocation of attacked/compromised objects is an essential aspect, but it is very challenging to efficiently revoke the hacked objects and disable their data access and authentication.

Establishing trust in a scalable manner
The number of interacting IoT devices in an IoT ecosystem or its other classes like IoV is growing widely.TM systems aim to establish trust among the participating IoT objects.The existing TM systems or trust models are usually centralized and are prone to scalability and security problems.A Blockchain-based TM system can handle a large volume of transactions while supporting a wide range of applications.However, the scalability in a Blockchain-based TM system is a challenge with a four-way trade-off [84].Many of the existing Blockchain-based systems only achieve part of the four properties including decentralization, latency, secu-rity, and scalability while compromising on the others.For example, TM systems utilizing the permissionless design of Blockchain with PoW consensus algorithms suffer from poor scalability but can provide good decentralization with highsecurity fidelity.An oversized chain negatively affects the performance by increasing synchronization time for newly joining devices [85].Thus, it is a significant challenge to develop TM systems or model that provides a secure mechanism for storing, updating, and distributing trust information between IoT devices in a reliable and scalable manner.

Incentive based TM system
In different IoT scenarios, certain assigned tasks, such as delivering messages, uploading data, forwarding files, etc, are accomplished through the cooperation and selforganization of IoT devices or objects.Moreover, in some IoV scenarios, connected vehicles are sometimes strangers and need to interact for the sake of robust data transmission.Nevertheless, some of the IoT objects are self-interesting and selfish in nature and strategize to pursue their own welfare, refusing to cooperate due to their own concerns on bandwidth and energy consumption which ultimately results in losing the system goals like robustness.So, to motivate and encourage honest objects instead of being selfish and compelling malicious objects to cooperate as far as possible, a concept of incentives or rewards has been introduced by the researchers.Incentive mechanisms are becoming an important tool to incentive IoT objects to do the right thing, or for behaving well and contributing to the network in a positive manner.To handle internal security problems by detecting the objects which do not behave well in various scenarios of IoT like IoMT, SIoT, IIoT, and IoV, TM plays a vital role and thus many TM systems/schemes have been put forward for different IoT applications.However, most of them have focused on trust calculation and usually neglect the selfishness of objects while assuming that the objects will always cooperate.A trusted incentive mechanism based on reputation involves reputation as an incentive pattern where the trust value of an object is reduced upon behaving badly or selfishly.To guarantee that the network resources are utilized effectively and to create a secure network environment, incentive-based trust mechanisms are required.However, it is very challenging to develop fair incentive TM mechanisms for IoT due to heterogeneity in device resources, scale, lack of central control, multiple attack surfaces, context-aware and situational nature of risks [86].When adopting Blockchain technology for TM in IoT, developing incentive mechanisms becomes more challenging due to selfish mining attacks [87] and Machine learning-based attacks [88].Firstly, the majority of IoT objects are resource constrained and it thus becomes challenging as mining is particularly computationally intensive and time-consuming whereas most IoT applications require low latency.Secondly, since miners are in competition to earn the associated reward with each block, they can behave selfishly such as attacking in an unfair way and keeping (hiding) the mined block for a certain period of time, which helps the selfish miners to achieve more than they are nominally entitled to and which is more than their expected and fair reward.

Security and privacy preservation in Blockchain-based TM system
The integration of IoT and Blockchain technology for TM ensures that the trust-related data in the chain are immutable, however, when trust data (such as feedback, recommendations, trust scores, or credits) arrives already in corrupted form, it will stay corrupt.Apart from malicious and selfish IoT objects, many factors like environments, vandalism, participants, and failure of IoT devices can affect the data, and thus the corrupted data can arise from many different situations.Sometimes, sensors and actuators fail to work properly from the start or sometimes it changes their behavior after working properly for sometimes and this situation can only be detected when the device is properly tested [85].In addition, IoT devices are more likely to be hacked due to the lack of firmware updates.Moreover, Blockchain is still vulnerable to a massive range of attacks including finney attack, vector 76 attack, 51% attack, selfish mining attack, Sybil attack, etc [34].Blockchain security can also be broken by quantum computers that give an opportunity to adversaries and hackers (equipped with quantum computers) to forge signatures and sabotage transactions [89].Thus, it is challenging to ensure the reliability of Blockchain-based TM systems.
Most of the data in many IoT applications is confidential data where it is linked to a person for instance in an e-health scenario.In such scenarios, the privacy of the owner should be preserved and it is essential to secure sharing and storage of trust information.When Blockchain technology is adopted in sensitive IoT applications, however, the inherent transparency of Blockchain naturally poses a challenge, and then Blockchain scenarios are still facing diverse privacy challenges [90].Therefore, it is challenging to develop Blockchain-based TM systems that can also preserve the privacy of the objects who have provided recommendations or reputation values/scores regarding other objects.Even though some solutions, such as zero-knowledge proofs, state channels, side chains, etc, are proposed in the literature [91], developing TM systems with such solutions is still not investigated.

Conclusion
The IoT paradigm with its vast intelligence and services has significantly improved our daily lives by managing our homes, cities, transportation, healthcare, and industries.IoT is still facing a number of challenges and Blockchain technology is found to be promising in addressing many of the limitations of traditional IoT.TM in IoT aims to identify and counter the selfish behavior of nodes that traditional security measures fail to detect.The weaknesses of centralized TM like a single point of failure, creating a bottleneck, and jeopardizing scalability, however, make the researchers move to the idea of Distributed TM.Blockchain technology with its characteristics of decentralization, security, immutability, and traceability is highly endorsed and appraised for TM in IoT.Developing effective and efficient TM systems for IoT is still a challenging issue because attackers always try to compromise the correct assessment of the IoT devices, making it crucial to handle malicious manipulations in a secure and robust manner.Moreover, exchanging a large number of messages in managing trust information requires higher energy consumption which makes TM process a challenging issue.In this paper, we provided a comprehensive comparative analysis of state-of-the-art BCDTMS devised for different IoT classes including IoMT, IoV, IIoT, and SIoT.We also identified and presented essential requirements and critical challenges in the context of using Blockchain for TM in IoT.This research study will be beneficial for researchers in the TM field to better understand the requirements for integrating Blockchain and IoT to devise and develop efficient and robust TM solutions.Challenge questions highlighted in this study will also give the research community new directions in developing robust TM schemes and systems in a decentralized manner.right holder.To view a copy of this licence, visit http://creativecomm ons.org/licenses/by/4.0/.

Table 1
Critical flaws and potential benefits of centralized, distributed and Blockchain-based TM systems

Table 2
Summary of related surveys on TM in IoT

Table 3
Blockchain-based assessment of BCDTMS for IoMT

Table 5
Blockchain-based assessment of BCDTMS for IIoT At the device layer, IoT devices are capable of collecting and processing information.They are also capable of performing different tasks including querying and gathering data etc.Systems manager layer is responsible for performing computations, verifications, and analysis of the trust-related information.It has three entities; trust manager, authenticator, and miner.The trust manager is responsible to establish a trusted and reliable environment to prevent any trust-related risks.IoT devices can interact in such a trusted environment.Thus, data is obtained in a reliable manner, and decisions are made according to the calculated trust scores.The authenticator authenticates the smart IoT devices by using their credentials.Processing and verifying the authenticity, validation, and integrity of trust records and details related to transactions are the responsibilities of the miner.Simulation results show that the proposed systems are deployable, suited, and feasible for different IoT environments.Malik et al.

Table 6
Trust-based assessment of BCDTMS for IIoT

Table 7
Blockchain-based assessment of BCDTMS for IoV

Table 9
Future directions How to maintain the stability of the network and efficiency and functionality of the systems with the increasing number of IoT devices and how to automate the trust establishment in a highly scalable manner?-How to calculate the reputation of newly joining devices and avoid miscalculation reputation scores in the case of the sudden surge of devices joining and leaving the network?
The classic TM tactics, involving Service Level Agreement (SLA), are not adequate for trust establishment between service consumers and service providers.Most of the literature has focused on the definition and evaluation of trust relationships among IoT objects.However, a robust trust model that ensures the availability of TM service is still missing.It is thus, a significant challenge to develop a TM system that guarantees the availability of TM service because heterogeneous IoT objects are vulnerable to a wide variety of attacks.When such attacks are launched, IoT objects stop providing reliable trust feed-backs and malicious objects start giving misleading feed-backs intentionally.Moreover, it is also very challenging to determine the credibility of trust feedback where the interactions between service providers, service requesters, and cloud providers are overlapping.