Developing a Secure Cyberphysical System for Altitude Chambers

Abstract

Altitude chambers are used to train crews of the military and civil aviation by creating a high‐altitude environment in which the vital signs of the people in the chamber are monitored to assess their health and identify symptoms that indicate there may be a physical condition that needs to be managed. Human observers monitor the process and react when required to avoid health damage to the people in the altitude chamber. However, considering that human observers may miss some effects and are slower to react than an automated device, this work proposes designing and implementing a cyberphysical system to automate the monitoring process while protecting the collected data. The system includes an Internet of Things (IoT)‐based glove with a sensor that measures pulse rate and oxygen saturation and sends data, via MQTT, to a gateway that activates an alert if a crew member inside the chamber experiences hypoxia symptoms. The system also includes servers to store and process the collected data. Since the system collects sensitive health‐related data, its design must follow architectural principles for building secure IoT‐based healthcare applications. Most papers on IoT‐based healthcare application security only identify design principles without applying them to specific implementations, or work with isolated components of a larger end‐to‐end system. This work, in contrast, addresses the design and implementation of a system that considers the complete end‐to‐end architecture of an IoT‐based healthcare application. Furthermore, considering computational and storage limitations of IoT devices, our prototype runs ASCON, a lightweight encryption algorithm, to provide encryption and hashing functions that secure data exchange between IoT devices and processing servers. Our design meets the functional and security requirements and can be used as a use case to enhance developers’ understanding of the design and implementation principles to build secure IoT‐based healthcare applications.