Secure Sensor Prototype Using Hardware Security Modules and Trusted Execution Environments in a Blockchain Application: Wine Logistic Use Case

Abstract

The security of Industrial Internet of Things (IIoT) systems is a challenge that needs to be addressed immediately, as the increasing use of new communication paradigms and the abundant use of sensors opens up new opportunities to compromise these types of systems. In this sense, technologies such as Trusted Execution Environments (TEEs) and Hardware Security Modules (HSMs) become crucial for adding new layers of security to IIoT systems, especially to edge nodes that incorporate sensors and perform continuous measurements. These technologies, coupled with new communication paradigms such as Blockchain, offer a high reliability, robustness and good interoperability between them. This paper proposes the design of a secure sensor incorporating the above mentioned technologies—HSMs and a TEE—in a hardware device based on a dual-core architecture. Through this combination of technologies, one of the cores collects the data extracted by the sensors and implements the security mechanisms to guarantee the integrity of these data, while the remaining core is responsible for sending these data through the appropriate communication protocol. This proposed approach fits into the Blockchain networks, which act as an Oracle. Finally, to illustrate the application of this concept, a use case applied to wine logistics is described, where this secure sensor is integrated into a Blockchain that collects data from the storage and transport of barrels, and a performance evaluation of the implemented prototype is provided