Secure Calibration for High-Assurance IoT: Traceability for Safety Resilience
Traceable sensor calibration constitutes a foundational step that underpins operational safety in the Industrial Internet of Things. Traceability is the property that ensures reliability of sensed data by ensuring sensor accuracy is within a small error margin of a highly-accurate reference sensor. This is typically achieved via a calibration infrastructure involving a long chain of reference-calibration devices between the master reference and the IoT sensor. While much attention has been given to IoT security such as the use of TLS to secure sensed data, little thought has been given to securing the calibration infrastructure itself. Currently traceability is achieved via manual verification using paper-based datasheets which is both time consuming and insecure. For instance, when the calibration status of parent devices is revoked as mistakes or mischance is detected, calibrated devices are not updated until the next calibration cycle, leaving much of the calibration parameters invalid. Aside from error, any party within the calibration infrastructure can maliciously introduce errors since the current paper based system lacks authentication as well as non-repudiation. In this paper, we propose a novel resilient architecture for calibration infrastructure, where the calibration status of sensor elements can be verified on-the-fly to the root of trust preserving the properties of authentication and non-repudiation. We propose an implementation based on smart contracts on the Ethereum network. Our evaluation shows that Ethereum is likely to address the protection requirements of traceable measurements.
READ FULL TEXT