Blockchain: the distributed paradigm for secure metrology digitalization

Abstract

Digital transformation is causing products, production, and economic processes to change rapidly and dramatically. This new demand presents new challenges to the existing system of quality infrastructure. Industry 4.0 is a concept that describes the process of providing innovative products by using smart methods and procedures. This enables seamless asset lifecycle information, from plant concept to decommissioning, and digitally integrates value chains. It introduces many ideas that are relevant to taking advantage of these opportunities. These include machine-to-machine communication (M2M), cyber-physical system (CPSs), and the Internet of Things (IoT). M2M communication is the ability of industrial components to communicate. CPSs can monitor physical processes and create virtual copies of the world. They can also make decentralized decisions. Surrogate models, metamodels, and parameterized models could create virtual documents. These models are approximations of experimental or simulation data that can answer questions when direct measurement of the outcome of interest is not possible. With the further development of telecommunication, such a system has been embedded in the IoT field, which has become a concrete reality of everyday life. IoT is a lightweight network of "objects" such as devices, sensors, and actuators that can be connected to the Internet and communicate wirelessly. This structure aggregates and manages the data produced by the sensor devices on a head node that acts as the central administrator, e.g., a server. In such a network, physical and virtual entities share attributes and communicate. Due to their versatility, IoT systems have been used in many applications such as car accident remote monitoring, control of crops for smart farms, supervision of smart cities, home automation, and optimization in the energy market through smart metering. Different trust

concerns limit the widespread adoption of the IoT systems, related both to the specific capabilities of the devices and to the high grade of connectivity supported by the system. In the case of manufacturing and Industry 4.0, under the term Distributed Sensor Services, the authors describe such systems in terms of any physical measure that digitize real-world quantities as a sensor operation, also including complex instruments that combine multiple measurements, along with the (network-) interfaces to historical and current data, and the computational resources required for data processing. The interoperability of heterogeneous distributed systems is essential for automation purposes. Functional modeling of sensors and processing modules that provide a concise added value separate from proprietary implementations is required. Moreover, to ensure the system’s proper function, the devices and produced data must be considered reliable from the legislative and regulatory points of view. The widespread adoption in a unified European Market of such technologies is sharply limited by Trust concerns for IoT devices regarding reliability, traceability, integrity, the privacy of the data, and cybersecurity of software and hardware components. In a hyperconnected society, the need for improved quality and security of interconnected devices is crucial, especially if there is a strong interdependence with human activity. Interdependence so affects the different levels of machine and system development. It is utopian to think that a final product results from a single effort in a modern market. Often, complex products result from the cooperation of different suppliers (e.g., raw materials, hardware development, software development, development, and support of the ITC infrastructure). Each development phase is subject to review by the authorities in charge of market surveillance (e.g., National Accreditation Body, National Cybersecurity Authority, etc.). Although this procedure is necessary, manufacturers often perceive it as a strong brake on the competitiveness of their products by significantly increasing the time to market. The National Institute of Standard Technologies (NIST) identifies 17 technical trust-related- concerns for IoT adoption both in people's lives and in the enterprise’s environments. Trust in IoT includes four main specifications related to cybersecurity issues and data trust: Control and ownership, IoT certification criteria, Data integrity, and Security. All quality assurance processes such as certification, accreditation, and market surveillance must be digitalized to meet these challenges. All parties involved must be digitally connected and interoperable, and the network data flow needs to be traceable. One hindrance, in this case, is due to the fragmentation of legislation in the legal field. A procedure for the assessment of products and services is still being developed, the components of which are produced in different regions of the European community (e.g., a measuring device whose hardware is designed and certified in Italy, the firmware is developed and verified in Germany, the linked application is produced in Finland). While there is a strong need for a legislative effort at the community level to standardize and standardize the legislation relating to the safety and quality certifications of the products transiting the European market, on the other hand, a key aspect to consider is the means and technological infrastructures necessary to streamline and optimize the traceability and verifiability procedures of systems and products. In such a system, it should be considered that the stakeholders involved do not necessarily trust each other. The national authorities constitute a trusted third party for the individual states, but this assumption cannot hold in a community system.

Therefore, the development of an infrastructure based on a consortium of parties is required in which each information flow is available in a decentralized manner, i.e., not under the control of a single entity but of a community of well-known and trusted parties (e.g., Authorities and Governments) and accessible to the various market stakeholders. Product information must be tracked securely. A traditional database has some limitations in this sense suffering from a single point of failure, subject to date tempering. The approach based on distributed ledger technology (aka blockchain) solves a good part of these fundamental problems while presenting other significant challenges from a technical point of view. This thesis considers this technology's capabilities and challenges to achieve both data trust and traceability with digital certification as the point of trust. [edited by Author]