Achieving Data Integrity – Critical infrastructure and the IOTA MAM
The full article was originally published by Simon Jegelka on Medium. Read the full article here.
IoT is transforming every aspect of society. The increase of sensor data gives the opportunity to improve the way we are living. Data of traffic situations for example is used to help everyone to navigate their car more efficiently by finding the best route. IoT is not only integrated in the private sector it is also integrated in the public sector. Infrastructure is a good example for the increased use of IoT.
Critical Infrastructure & IoT
Public infrastructure is considered as roadways, bridges, airports and airway facilities, mass transportation systems, water supply, waste treatment plants, energy facilities, hospitals, public buildings and communication facilities (Moteff and Parfomak 2004). In water supply systems valves, the water treatment system and further elements are controlled and operated by a number of devices which collect data and adjust processes. Important bridges are monitored with innovative fiber optical systems to assess the condition of the structure in order to enhance the durability and to identify risks (Casas and Cruz 2003). Another example are dikes (levees), where early warning systems monitor dike conditions and prevent floodings (Krebs et al. 2016).
The collected data offer the chance to improve the system and at the same time increases the vulnerability. We have become more and more depended on the reliability and integrity of the system. Simon (2017) describes the case of the “Kemuri Water Company”, where hackers managed to manipulate the system to the point that the entire process became impaired. When we look at IoT systems several components can be attacked. There is sensory hardware which is embedded into the system. Data can be obtained or manipulated on the device itself. Afterwards the data is sent into the network. Again, several weaknesses occur. Databases can be corrupted or the interpretation of the data can be manipulated.
In the past it was invaluable for cyber criminals to obtain the data directly. In regards to critical infrastructures the focus can shift to manipulating data. This would misguide the user who is dependent on the information. A bridge that is at risk for failure could be falsely considered as being safe. Doctors in hospitals might initiate the wrong treatment based on false information. The more IoT is integrated in our critical infrastructure the need for temper-proof systems increases drastically.
Dikes (also: levees, embankments etc.) play an important role to preserve river banks and coast lines from uncontrolled flooding. They serve as a flood barrier in times of high water levels and costal surge. Therefor they are a good example of a critical infrastructure.
The implementation of dike monitoring systems to detect deterioration and damages before dam failures occur can be of great value. Unfortunately, these systems are still not fully developed and implemented. However, the necessity for dike monitoring systems is widely accepted and there are presently numerous systems under development (e.g. Krebs et al. 2016).
Dikes are primarily endangered by erosion, seepage, overtopping and slipping of the landside slope. Different intrusive dike sensors are suggested to monitor the situations such as temperature, pore water pressure, inclination (Thiele et al. 2008), moisture and textile deformation sensors (Krebs et al. 2016). External sensors, as in water level detection, are added to set the inner dike condition in relation to the external force.
The dike presented in figure 1 is built with a body out of sand filled geotextile tubes. These tubes are used to increase dike stability and thus create safety. The described dike structure with geotextile tubes was used to test several flood conditions. Film 1 shows the construction and test of the dike. The water level was increased incrementally to the point of overtopping.
The test undertaken were continuously monitored by several embedded sensor system. Film 2 shows the monitored seepage of water through the embankment. This data and additional information can help to detect critical conditions within the dike structure when they are monitored constantly.
IOTA Masked Authenticated Messaging
As stated above the more IoT is integrated into critical infrastructure, the need for temper-proof systems increases. The procured data is utilized in different applications. They all rely on accurate and integer information. In the case of dike monitoring the applications can be e.g. for dike maintenance, flood control or weather forecast.
The distributed ledger technology IOTA focuses on making data flow more secure and ubiquitous. It can help to build up a trusted data broadcasting structure to support the identified needs of critical infrastructure IoT. The applied feature of IOTA is the Masked Authenticated Messaging (MAM).
MAM is a communication protocol which allows to emit and access an encrypted data stream. It uses the core of IOTA, which is to send and verify transactions in a network by using a consensus mechanism (Handy 2017). While the transactions can carry a value or data, the consensus mechanism ensures integrity within the data flow (see part 3 in the following link).