PSI - Issue 62

Fabio Severino et al. / Procedia Structural Integrity 62 (2024) 276–284 Severino et al. / Structural Integrity Procedia 00 (2019) 000–000

283

8

is tracked, made immutable, and non-repudiable. All the rules, permissions and constraints are encoded in a smart contract governing the processes, ensuring their enforcement. Through the mechanism of public notarization, the process is made externally auditable. In analogy with the previous use case, the classifications produced by the system are also tracked through the blockchain. The ledger stores: the version of the expert system used; the elements from the survey used as inputs to the expert system and that lead to a certain classification by the expert system; the result of the classification; and a compliance statement produced by an internal certifier. When the smart contract determines that a classification has been certified, a data lineage of the classification is generated from the data contained in the blockchain. Data lineage allows for the identification of the specific process execution that led to the production of the certified classification. Thanks to the mechanism of public notarization, it also becomes possible to conduct external auditing of the entire process without having to forsake the advantage of maintaining controlled access to the ledger data, which remains private. In other words, external agents can check that the process followed to obtain the classification is compliant with the appropriate guidelines, without necessarily having access to – possibly proprietary – detailed data. This further enhances the explainability, transparency, and trust in the outputs of the system, and consequently in the decision-making processes. 3.3. Trustworthy Structural Health Monitoring using Blockchain & IoT Structural Health Monitoring (SHM) plays a crucial role in safeguarding the integrity of critical infrastructure, providing essential insights into the degradation of structures over time. With the objective of preventing catastrophic failures, bridge health monitoring systems have become indispensable, enabling the early detection of potential failures and facilitating timely repair actions. Over the past decade, the integration of Internet of Things (IoT) sensor networks has improved SHM, offering a reliable and cost-effective way of collecting data for the automated monitoring of civil infrastructures (Hu et al. (2013)). Such sensor networks are installed on structures deemed worthy of in-depth monitoring, continuously sensing their physical condition to ensure operational safety and efficiency. The data collected from these sensors are often fed as input to AI models for time series analysis or other predictive approaches to assess the condition of the infrastructure and its evolution in the future. To ensure trustworthy results, it is crucial that both the AI models (the process) and the sensor data (the inputs) are themselves trustworthy. In our approach, this is obtained by using hybrid blockchain technology as a means to secure and validate the integrity of both the data collected by IoT sensors and the AI models used for SHM, thus providing a transparent, immutable and auditable record of the AI operations. In detail, the advantages obtained by this technique are as follows. The immutability of the blockchain ensures that once an evaluation of the infrastructure's condition is recorded, it cannot be modified or erased. This feature guarantees the data and analyses' integrity over time, providing a permanent record. Auditors can rely on this unalterable signed history to verify the authenticity of the data underpinning structural health assessments, thus bolstering the credibility of the monitoring process. Transparency is another significant advantage of this method. Selected evaluation data, reflecting the infrastructure's status as determined by the algorithms, can be made accessible for public scrutiny. This openness fosters a more transparent and accountable SHM process, instilling confidence among stakeholders in the assessments provided by the system. Moreover, the use of electronic signatures for the recording of data and evaluations ensures non-repudiation. Every piece of information logged is indisputably linked to its origin, facilitating automatic tracing of data authorship and evaluations generated by certified AI models. In the case of IoT devices, the signature is implemented in the data collection phase. Each IoT device performs a cryptographic signature of the data locally before it is transmitted avoiding the risk of man-in-the-middle attacks, where an unauthorized entity could alter the data in transit. The signing of the data is done using a private key securely embedded within the device at the point of manufacture. This private key is generated uniquely for each device. This signature serves as a verifiable digital fingerprint, unique to each piece of data and its originating device. When the data, along with its signature, is transmitted to the blockchain ledger, any recipient of the data can use the corresponding public key to verify that the signature matches the data. This verification process confirms that the data has not been tampered with since it was signed by the originating device and that it indeed comes from the claimed source. Variations of signature techniques are applied to data contributed by users (e.g., when overriding the decisions of AI systems). This clear