Blockchain vs Smartcard for Securing Odometers and Tachographs

Odometers and tachographs are vital measurement devices for vehicles. They have legal purposes and are vital to ensure the safety of the operation related to a car, a bus, or a truck.

An odometer measures the mileage of a car. It is a critical component that gives information about the history of a vehicle. Obviously a one-year-old Mercedes “Class S”  with 8,000 km on the odometer won’t be perceived the same as if it had 160,000 km.

In the case of a tachograph, it is even worse. The tachograph is an instrument that monitors the speed, mileage, and driver’s activity over time. It is used to make sure that the bus or truck drivers do not drive more than the maximum time allowed and take required breaks, so as to prevent accidents and for legal purposes.

There are many ways that odometers or tachographs can be altered and tampered with. For example, bus drivers can place a magnet to fool the vehicle and make it believe it’s stationary, thus possibly damaging other parts of the vehicle. These malpractices obviously allow some rogue companies to gain an unfair commercial advantage.

To prevent drivers, mechanics, or other people from fraudulently modifying the data in vehicles’ odometers or tachographs, there are two possible technologies:

  1. Smartcard technology, which provides smartcards of different types to the members of a car, bus, or truck when their vehicles are equipped with digital tachographs or digital odometers;
  2. Blockchain, which is a newer technology that provides immutable storage of the tachograph data which can also be merged with GPS.

Odometers and Tachographs Smartcards

Tachographs smartcards are older technology. There are usually four smartcards used:

  1. The driver’s tachograph card, the most important, allowing the driver to actually drive a vehicle;
  2. The company tachograph card, allows the transportation company to lock the tachograph data stores in its mass memory;
  3. The control tachograph card allows the reading of the tachograph data for control purposes. It is typically used by road and safety law enforcement agencies;
  4. The workshop tachograph card, allows service repair shops to access tachograph data.

The cards can communicate with the sensors of the vehicle’s units to store the relevant data, usually for a maximum of 28 days. The data are encrypted and authenticated using asymmetric cryptography (RSA) and symmetric cryptography (usually 3DES or AES).

The card stores certificates, including root certificates issued by a root authority managed by the relevant country regulation bodies.

The tachograph smartcard relies extensively on a PKI, similar to the smart cards.

In such a system, the vehicle data are stored in the smartcards. The security comes from the fact that the smartcards are secure cryptographic devices,  aka, “micro-HSMs,” and cannot be tampered. 

Blockchain-Based Odometers and Tachographs

Recently, blockchain technology has been introduced to secure odometers and tachographs. The principle is different and relies on the connectivity of the vehicle, e.g., considered as an IoT. 

The data emitted by the tachographs are considered as transaction blocks and are incorporated into a dedicated blockchain. The private key needed to sign the relevant data can be stored into the vehicle itself (using a SIM card, for example) or on the remote server (presumably stored in HSMs). 

The blockchain methodology is still starting. This is contrary to the smartcard systems that already have dozens of years of maturity behind them. In such a system, the control bodies could easily check odometers or tachographs by typing the vehicle’s hash into a connected computer. In such a case, one problem is that it would not show immediately which drivers were operating, to the difference with smartcards, which are different for each driver. The irrefragable data registered by the truck would have to be crossed with timetables for the drivers which in turn could be altered.

With that solution, the vehicle data are stored in the blockchain network, not inside a device. These data can be visualized by any member of the blockchain network using the relevant hash. 

Blockchain and Smartcards Working Together

Smartcards have been perceived more as complementary of blockchains, not necessarily competitors and opponents. In the present cases, one may think of a hybrid solution where each driver would be provided a tachograph card, and use it to store its personal private key for the blockchain. The blockchain does not have the cons of a smartcard system that relies on a complicated PKI, and which depends heavily on card readers for control. Any authority could, therefore, quickly and simply visualize the car, bus, or truck data using a simple browser.

Blockchain is doomed to fail without a proper cryptographic key management solution, like “a house without a roof.” The smartcards may, therefore, be judiciously used on one side, locally, while on the other side, remotely. HSMs should be in place to perform the relevant cryptographic operations.

In other terms, the solution of the future for securing odometers and tachometers could be Blockchain+Smartcard+HSM.

References and Further Reading

Blog post by Dr. Ulrich Scholten

To find more blog posts related with below topics, click on one of the keywords: