Author
Listed:
- Jay Bojič Burgos
(Faculty of Electrical Engineering, University of Ljubljana, 1000 Ljubljana, Slovenia)
- Urban Sedlar
(Faculty of Electrical Engineering, University of Ljubljana, 1000 Ljubljana, Slovenia)
- Matevž Pustišek
(Faculty of Electrical Engineering, University of Ljubljana, 1000 Ljubljana, Slovenia)
Abstract
Integrating third-party Machine Learning (ML) models into industrial Operational Technology (OT) creates a procurement deadlock: operators cannot verify vendor performance claims without sharing representative evaluation data with vendors, while vendors refuse to reveal proprietary model weights before purchase, rendering traditional safeguards such as Non-Disclosure Agreements technically unenforceable. This paper introduces a framework combining Zero-Knowledge Proofs (ZKPs) with smart contracts to enable trust-minimized, cryptographically verifiable competitive model procurement in Industrial Cyber-Physical Systems (ICPS). Vendors cryptographically prove that their model outperforms a legacy baseline without disclosing proprietary weights, a process we term cryptographic performance attestation, while the on-chain workflow automates escrow, proof verification, and best-vendor selection with arbiter-based dispute resolution. ZKP privacy is scoped to vendor model weights; operator-side evaluation-data confidentiality is managed separately via synthetic, de-identified, or public benchmark data. We analyze three ZKP workflow variations and evaluate them on consumer-grade hardware, achieving proving times of approximately three seconds and sub-dollar on-chain verification costs under Layer-2 fee assumptions for the recommended single-proof variation, while identifying computational trade-offs of recursive proof aggregation. The entire verification phase operates offline with no impact on real-time OT control paths, bridging the IT/OT pre-transaction trust gap while deferring artifact deployment to existing OT tooling.
Suggested Citation
Jay Bojič Burgos & Urban Sedlar & Matevž Pustišek, 2026.
"Model Procurement for Industrial Cyber-Physical Systems Using Cryptographic Performance Attestation,"
Future Internet, MDPI, vol. 18(3), pages 1-31, March.
Handle:
RePEc:gam:jftint:v:18:y:2026:i:3:p:146-:d:1892523
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:18:y:2026:i:3:p:146-:d:1892523. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jftint/v18y2026i3p146-d1892523.html