Many internet of things (IoT) products operate on standards-based protocols. These standards include a certification process, which verifies interoperability. Some low-cost device manufacturers skip this process. Others have even falsely applied the certification mark to their packaging. These bad actors devalue the compliance mark. Further, they create interoperability issues for consumers, and slow IoT adoption rates.
Blockchain technology provides the perfect mechanism to solve this problem. Using an open ledger, test houses can record compliance results. Compliance stamps can then be applied by the regulatory bodies. Ecosystem operators may then use the ledger to validate compliance during network formation, and warn users when non-compliant devices are detected. This will create consumer awareness, and driving up the value of compliance, and compliant products.
Compliance tracking could also be used to maintain product market segmentation. For example, many companies produce professional and consumer grade product. However, the consumer-grade product may be sold as professional grade as it passes through the distribution and installer networks. Manufacturers may use the compliance method previously described to apply market segmentation stamps to the individual devices in the ledger, and warn end consumers when lower quality devices enter premium networks.
Actors and Actions
For authenticity and rights management, participants are: a Resource, one or more Owners, and one or more Clients. The Owner claims a Resource, in which trust is extended to Clients. The Owner may also transfer (or extend) ownership to other Owners. A manufacturer may register the initial ownership of a resource to provide device authenticity. Any change of ownership or client additions are controlled by the owner.
In order to support compliance tracking and market segmentation, the smart contract is extended to add a Certifier. The Certifier may apply their stamp (signature) to any resource, without needing permission from the Owner. Further, only the Certifier may revoke their stamp to the Resource. In some instances, the stamp may also include metadata, which allows the Certifier to provide further information.
Protocol Alliances may use the certifier stamp to indicate that a device has achieved protocol compliance. Whenever a device is added to an Owner’s network, the gateway would authenticate the Resource’s identity with the trust ledger. The gateway would then be able to identify if the Resource has been certified by the protocol alliance. Lack of Protocol Compliance could lead to several actions. A simple warning to the Owner that the Resource may not fully interoperate could be displayed on the network provisioning tool. The non-compliant Resource could be limited in interactions with other Resources. For example, a non-compliant Resource may be blocked from life safety operations. Finally, the Resource may be completely removed from the network.
The identification is performed on a device level and all devices can be registered, such that copying or multiplication of certifications (if they can be performed at all), could be identified.
The certifier stamp may also be used to track regulatory compliance of either the Resource, or the installed ecosystem. For example, a FCC compliance stamp could be applied at production time for the Resource. However, building inspections on the installed system could be applied to all Resources in the building. A building owner would not only be able to determine when the system was inspected, but could also monitor for non-compliant Resources being added to the system after the inspection was completed.
In some industries, proof of regulatory compliance may be used to reduce insurance premiums, or secure tax credits.
Many manufacturers produce both a low-cost consumer product, and a premium professional variant. However, enforcing that consumer products are not sold into the professional channel is often difficult. Using the certifier stamp, a manufacturer may apply a professional grade stamp to the premium devices, and then alert owners when the stamp is missing in professional deployments.
For more detailed information on our Authenticity, Compliance, and Rights Management IoT Trust ledger, please read our paper.