A decentralized IoT and blockchain-based architecture for general-purpose vehicle speed data collection: a case study of Tanzania’s highways

Njuu, Kevin T.; Dida, Mussa A.; Runyoro, Angela-Aida K.

Introduction

Speed detection in Tanzania is predominantly conducted manually, particularly using logbooks and handheld speed guns. This approach is time-consuming for both road users and enforcement officers, demands considerable human efforts, and incurs significant operational costs for authorities, often compromising its effectiveness due to environmental factors such as weather conditions [1]. Furthermore, the manual methods are vulnerable to corruption, favoritism, and data forgery due to the absence of transparency and accountability enforcement mechanisms [1]. A notable example involves the dismissal of four police officers by the traffic police (TP) after it was discovered that they had deliberately deleted image evidence from police speed gun cameras, which were being used to document speeding violations for their gain [2]. In addition to manual enforcement, the Land Transport Regulatory Authority (LATRA) has implemented an automatic vehicle tracking system (VTS). This system is vehicle-based and limited in scope to intercity and regional public buses [3]. It involves the deployment of onboard Global Positioning System (GPS)-based speed monitoring devices that transmit data on speed violations and other metrics to vehicle owners and regulatory authorities [4, 5]. However, LATRA VTS faces integrity challenges; the devices are frequently tampered with to either disable them entirely or manipulate the data, including transmitting false information to authorities, as reported in Refs [6,7,8,9]. Furthermore, this system and others in the literature [10,11,12,13] rely on centralized architectures where a single central server handles processing, storage, and sharing of all data. This centralized setup inherently lacks transparency and is susceptible to data manipulation and tampering. Conversely, current vehicle speed detection methods in Tanzania mainly focus on enforcing speed limits, neglecting the broader opportunities and benefits of speed data across various sectors. Interviews with multiple organizations highlighted diverse needs for vehicle speed information. For example, the TP primarily use speed data for enforcement. At the same time, the National Road Safety Council (NRSC) depends on it to monitor TP activities and advise the government on road safety policies. Similarly, the road safety ambassadors (RSA) leverage speed data to increase public awareness about road safety. Bus and truck owners utilize it to manage responsible vehicle operation, and the Tanzania National Roads Agency (TANROADS) identifies key applications such as designing safer roads, planning maintenance schedules, and prioritizing repairs. Additionally, unions for bus and truck drivers rely on speed records to resolve disputes involving TP officers. Academic and research organizations such as the National Institute of Transport (NIT), Non-Governmental Organizations (NGOs) like the Tanzania Roads Association (TARA), insurance regulators like the Tanzania Insurance Regulatory Authority (TIRA), and anti-corruption agencies like the Prevention and Combating of Corruption Bureau (PCCB) could also derive significant benefits from access to reliable vehicle speed data. Despite this broad and increasing demand, there appears to be a lack of literature addressing vehicle speed data collection for general-purpose use. Existing research is narrowly focused, primarily on speed limit enforcement [14,15,16] or traffic management applications [17,18,19,20,21,22].

Internet of things (IoT) and blockchain technologies offer promising solutions to overcome these limitations of current vehicle speed detection systems. The IoT refers to a network of physical objects equipped with sensors, actuators, controllers, and communication interfaces, enabling the monitoring and control of environmental and physical conditions [23]. Usually, cloud computing (CC) has been used to support data storage and processing in IoT systems. However, the centralized cloud structure poses risks to security and trust, which raise concerns about data integrity, privacy, and trustworthiness [24]. Therefore, decentralized methods for managing IoT data are increasingly sought to improve transparency and security [25, 26]. Blockchain technology has emerged as a promising answer to many of these challenges. Using distributed ledger technology (DLT), blockchain provides data immutability, transparency, and trust through cryptographic processes [27,28,29]. As a result, the integration of IoT and blockchain technologies has garnered significant research attention [30]. Still, merging these technologies is complex, primarily due to IoT devices’ limited resources, such as energy, storage, and computing power, compared with the demanding resource requirements of blockchain systems in computation, storage, and energy use [26, 31, 32]. These disparities create critical challenges related to scalability, latency, energy efficiency, interoperability, and cost [33]. Additionally, no universally accepted architecture currently exists for integrating IoT and blockchain technologies [34]. Most existing research focuses on specific applications such as the Marine Internet of Things (MIoT) [34], healthcare [35,36,37], microgrids [38], accounting [39], supply chains [40], and cybersecurity [41]. However, no studies have specifically addressed the integration of IoT and blockchain technologies within vehicle speed detection. This gap highlights the need for further research, particularly in light of ongoing concerns on efficiency, scalability, transparency, and data security in existing systems. The main objective of this study is to develop a new architecture for integrating IoT and blockchain technologies to create an automated, secure, and transparent vehicle speed detection system suitable for Tanzania. The originality of this study is shown through three main contributions: (1) a framework for collecting and sharing general purpose vehicle speed data, enabling secure access for multiple stakeholders based on their privileges; (2) a decentralized architecture designed to improve transparency and reduce current risks related to centralization; and (3) the first known implementation of IoT and blockchain integration specifically for vehicle speed detection domain. Table 1 illustrates how the research questions are aligned with these contributions.

Table 1:

Research questions and contributions

S. No.	Research questions	Research contributions
1	How can the inefficiency, transparency, and security challenges in the current Tanzania vehicle speed detection systems be addressed?	Demonstrated how IoT and blockchain technologies can be employed to implement an automated, transparent, and secure vehicle speed data collection system.
2	How can IoT and blockchain technologies be integrated for the vehicle speed data collection domain?	Pioneered the integration of IoT and blockchain technologies, representing the first known effort to develop such a combined architecture in the vehicle speed detection domain.
3	How can general-purpose vehicle speed data be collected in Tanzania’s highways?	i. Developed an architecture for collecting general-purpose vehicle speed data. ii. Demonstrated how the HLF channels feature can be used to ensure confidentiality and privacy within a blockchain network involving various organizations.
4	How can a low-cost, scalable, and rural-friendly system for collecting vehicle speed in Tanzania be implemented?	Proposed a cost-effective design that is physically and performance scalable, employing lightweight IoT nodes compatible with rural environments.

HLF, hyperledger fabric; IoT, Internet of things.

The rest of the paper is organized as follows: related works are presented in Section 2, the proposed methodology is presented in Section 3, the results are presented in Section 4, a discussion of the results is given in Section 5, and the conclusion of this study is given in Section 6.

II.

Related Works

Several IoT-blockchain integration architectures, ranging from generic frameworks to domain-specific solutions, have been proposed in the literature. Table 2 provides a comparative analysis of these architectures alongside the proposed model, evaluated based on key aspects such as architectural type, IoT device types, data processing and storage methods, application domains, blockchain parameters, and associated limitations. For example, Pavithran et al. [42] introduced a generic IoT and blockchain integration framework, highlighting essential factors for consideration, which laid the groundwork for many subsequent research efforts. However, despite this and similar efforts, there is currently no universally accepted architectural standard. Chacko et al. [33] presented a two-layer agricultural framework for multi-stakeholder interaction using blockchain across the agricultural supply chain. Yet, their framework encounters several deployment challenges: (i) full-node implementations are impractical in farm environments due to power constraints, limited connectivity, and security issues; (ii) the high cost of deploying numerous full-node devices makes the solution unsuitable for small-scale farmers; and (iii) the absence of an application layer leaves stakeholder interaction undefined. Aliyu and Liu [43] introduced a blockchain-based smart farm security framework with serverless services for processing event data and updating the Ethereum blockchain. While the three-layer architecture supports lightweight IoT devices, it also omits an application layer. A two-layer architecture for local energy trading is proposed by Condon et al. [44], but it relies on centralized storage, contradicts blockchain’s decentralization principles, and lacks a defined application interface for user interaction. A four-layer architecture utilizing hyperledger fabric (HLF) as a Blockchain-as-a-Service solution is presented by Eghmazi et al. [45] to address IoT security and privacy issues. Kumar and Sharma [46] introduced a three-layer model (IoT, off-chain, and blockchain), which integrates MongoDB for off-chain storage and HLF for ensuring data integrity in environmental monitoring applications. However, the application layer remains undefined. Deep et al. [24] introduced a two-layer architecture model, which enforces authentication and access control to enable secure environmental data sharing in a heterogeneous IoT setup, though its description lacks clarity, making interpretation of its structure and implementation difficult. The model introduced by Singal et al. [47] focuses on Ethereum-based IoT integration for secure supply chain traceability, but it does not include a comprehensive architectural design, instead providing only entity-relationship (ER) and flowchart diagrams. Similarly, Swati et al. [48] proposed a three-layer architecture for a blockchain-enabled IoT health monitoring system, utilizing both private and consortium blockchains for data confidentiality and collaboration among healthcare providers. A comparable study [35] introduced a three-layer architecture (IoT, data collector, and blockchain) for secure and privacy-preserving pharmaceutical data sharing in diabetes research, but it does not include a proof of concept (PoC) prototype. Furthermore, Dange and Nitnaware [49] suggested an IoT blockchain-based data-sharing model designed to guarantee the integrity of healthcare data exchanged among multiple stakeholders. Rather than storing all data on the blockchain, this model uses blockchain technology solely to verify data integrity. However, the approach appears complex and introduces significant overhead during the integrity verification process. These architectures cover multiple domains, including agriculture, energy, security, environment, supply chain, and healthcare. To our knowledge, no previous research specifically addresses the integration of IoT and blockchain technologies for vehicle speed monitoring systems. This study has effectively employed the HLF channels feature to create a consortium blockchain composed of organizations with different privileges. Moreover, a common limitation across most architectures is the lack of an application layer that defines user interaction. Additionally, evaluation efforts have mainly focused on performance metrics, with insufficient attention to other important aspects such as execution modes, functionality, and system integration.

Table 2:

Comparison with the existing systems

Reference	Architecture type	Application context	IoT device types	Data processing and storage	Blockchain parameters	Strengths/limitations
[42]	Generic	Generic	N/A	N/A	N/A	Served as the foundation for IoT-blockchain integration studies
[33]	Specific Two-layer	Agriculture	Full node	Blockchain and Off-Chain Storage IoT layer processing	Private Ethereum Consensus not specified	Full nodes are not well-suited for farm environments. The cost of deploying full nodes may not be affordable to smallholder farmers
[43]	Specific Three-layer	Agriculture	Light node	Cloud processing Blockchain Storage	Ethereum Consensus not specified	The application layer is not specified in the design
[44]	Specific Two-layer	Energy trading	Full node	Cloud storage and processing	Private Ethereum IBFT 2.0	Centralized storage contradicts blockchain’s decentralization goals and the absence of an application layer
[45]	Specific Four-layer	IoT security	Light node	Off-Chain (processing and storage), Blockchain (hash storage)	HLF as a service	Support a varied type of sensors depending on the requirement. Can be applied in more than one domain area
[46]	Specific Three-layer	Environmental monitoring	Full node	Off-Chain (processing and storage) and Blockchain storage	HLF 2.4, Golang Chaincode, CouchDB state database	The application layer is not specified in the design
[24]	Specific Two-layer	IoT security	Full node	Blockchain	Polygon-based blockchain network, PoS/PBFT consensus	Unclear architecture description, difficult to understand its structure and implementation
[47]	Not presented	Supply chain	Light node	Blockchain	Ethereum, PoW consensus	Model architecture is not presented; only ER and flowchart diagrams are presented
[48]	Specific Three-layer	Healthcare	Light node	Not specified	Private and consortium blockchain with unspecified platform	No PoC prototype to validate the proposed architecture
[35]	Specific Three-layer	Healthcare	Light node	Off chain	Unspecified blockchain technology	No PoC prototype to validate the proposed architecture
[49]	Specific Four-layer	Healthcare	Full node	Data stored in the cloud	Ethereum-based blockchain with type unspecified	Complex with lots of overhead, an integrity verification process
This work	Specific Four-layer	Vehicle speed detection	Light node	Cloud preprocessing, blockchain storage, application-specific processing	HLF-based consortium blockchain, Raft consensus, CouchDB state db	The first effort in vehicle speed detection used HLF channels to build a consortium network and introduced a versatile application layer for general-purpose speed data

ER, entity-relationship; HLF, hyperledger fabric; IBFT, Istanbul byzantine fault tolerance; IoT, Internet of things; PoC, proof of concept; PoS/PBFT, proof of stake/practical byzantine fault tolerance; PoW, proof of work.

III.

The Proposed Methodology

The design decision factors outlined by Pavithran et al. [42] and Chacko et al. [50] provided guidelines for integrating IoT and blockchain technologies. These factors were adopted because they offered a structured framework for supporting the design decision-making process to create an effective and efficient architecture for integrating IoT and blockchain technologies. Each factor relevant to the merging of IoT and blockchain technologies within the systems building block was carefully analyzed and evaluated in the context of vehicle speed detection, considering the environmental factors, and both functional and non-functional requirements as presented in Table 3.

Table 3:

Design decision factors for integrating IoT and blockchain technologies

S. No.	Building blocks	Design factors for consideration	Design decisions
1	Type of IoT devices	i. IoT node types: can either be light or full nodes. ii. Heterogeneity of devices: devices of the same or different types.	i. Light IoT nodes to ensure low cost and simplicity. ii. Devices from different manufacturers due to availability, functionality, and cost.
2	Application type and context	Depending on the specific application of vehicle speed detection across various organizations, blockchain implementation can be permissioned, permissionless, or hybrid, depending on security, transparency, and access requirements.	Since the application involves multiple governmental and nongovernmental organizations, a permissioned blockchain is utilized to establish a consortium blockchain network, ensuring controlled access, data integrity, and secure collaboration among authorized entities.
3	Data types, storage, and processing requirements	Data can be sensor data, device ID, or key management data as per requirements. Possible data storage locations include device, cloud, and blockchain storage. Data processing: can be light or heavy-duty processing. Where is the processing location (single or multiple): device, cloud, blockchain, or application?	i. Sensor data, vehicle speed, photo, timestamp, and device ID to identify location. ii. Temporary storage in the IoT node for backup. iii. Temporary storage in the cloud for backup and preprocessing. iv. Permanent storage on the blockchain for transparency and security. v. Multiple processing locations, lightweight processing in the IoT nodes, and heavy-duty processing by the cloud and application layers. vi. Image preprocessing at the cloud for vehicle number plate and type recognition. vii. Application-specific processing at the application layer. viii. Recording and querying processing at the blockchain.
4	Blockchain parameters	What devices will participate in the consensus? Type of consensus mechanism What platform is to be used and why? What are the transaction types, and on what data?	i. Preselected orderer nodes will participate in the consensus. ii. CFT-based Raft consensus mechanism. iii. HLF is an ideal permissioned blockchain platform, offering channel-based data confidentiality and compatibility with mainstream programming languages for chaincode development. iv. Record and query transactions on vehicle speed data.
5	Security requirements	What security services are needed?	Security services needed are confidentiality, integrity, authenticity, and key management.

CFT, craft fault tolerant; HLF, hyperledger fabric; IoT, Internet of things.

This study proposes a four-layer architecture design formed by the IoT, cloud, blockchain, and application layers, as illustrated in Figure 1. The IoT layer comprises lightweight sensor nodes. A typical node includes a radar sensor for measuring vehicle speed, a camera for capturing vehicle images, and a microcontroller (MCU) to process and transmit speed and image data to the cloud layer. To facilitate the transmission of data, the node utilizes a communication module such as a Wi-Fi module or a cellular modem. Additionally, an SD card may be incorporated to temporarily store data as a backup.

The cloud layer serves two primary functions: first, it handles data preprocessing tasks, which involve extracting number plate details from captured images using computer vision (CV) techniques, specifically automatic number plate recognition (ANPR), and categorizing vehicles based on their types through machine learning (ML) algorithms. Second, it facilitates the interconnection between the resource-constrained IoT nodes with the resource-intensive blockchain network. The blockchain layer is responsible for data storage across stakeholders. All data are securely recorded in a permissioned blockchain network, ensuring that only authorized organizations forming the consortium blockchain network have access. Additionally, because the proposed architecture is designed to be general-purpose, the HLF channel feature is used to separate organizations having different privileges on the data, while the application layer is responsible for handling application-specific data processing and sharing. Each organization within the blockchain network may deploy its application systems, such as web or mobile applications, tailored to its specific needs. As different blockchain channels serve distinct organizations, the data processing and visualization requirements are expected to vary according to the business objectives and operational demands of each entity. This approach ensures that each organization receives relevant, customized insights while maintaining secure, efficient, and transparent data sharing across the network.

IV.

Results

PoC implementation

The main objective of this section is to implement the PoC system prototype to validate the proposed architecture. We focused on integrating IoT and blockchain technologies instead of actual data collection and preprocessing. We simulated the functionalities of sensors (radar and camera) within the IoT subsystem and the preprocessing capabilities (ANPR and vehicle classification) of the cloud subsystem. Figure 2 illustrates the architecture configuration for the system prototype.

To emulate the functionalities of the radar sensor and camera for data collection, a C/C++ program was developed using the Arduino framework to generate random data. The generated data records contained vehicle speed, photo, location, and timestamp fields. The generated dataset was designed to realistically reflect Tanzanian highway conditions, particularly a highway from the Dar Es Salaam region to the Arusha region. Data records were serialized into JavaScript Object Notation (JSON) format and transmitted securely to the cloud server via hypertext transfer protocol secure (HTTPS). The implementation was deployed on an ESP32-based MCU featuring integrated microSD card storage and Wi-Fi connectivity. This configuration emulates the functionalities of an IoT subsystem responsible for vehicle speed data collection and transmission to a cloud server. In the cloud server, the received data were stored in the SQLite database. To implement the cloud-side preprocessing, we simulated ANPR and vehicle type classification functionalities by automatically generating number plate and vehicle type fields. A Python script generated vehicle number plates conforming to Tanzania’s formats. Similarly, vehicle type information was generated by matching the vehicle image received from the IoT device. The generated fields (vehicle number plate and vehicle type) were then appended to the original data fields from the IoT subsystem (vehicle speed, image, location, and timestamp). This process outputted the complete data record (vehicle speed, number plate, type, image uniform resource locator [URL], location, and timestamp). The full data records were stored in the SQLite database, while the associated vehicle images were saved in a special directory. Each image was linked to its corresponding data record via a URL stored in the database. Figure 3 illustrates a web interface for viewing vehicle speed records and associated images at the cloud layer.

Finally, the data records were transmitted to the HLF blockchain network via a RESTful-based fast application programming interface (API) and a web server. This network is implemented using the open-source HLF framework, which serves as an ideal platform for a permissioned blockchain solution [39]. In addition to being private and open-source, HLF offers several advantages, including support for standard programming languages such as Java, JavaScript, and Go for writing smart contracts. Moreover, it enables the creation of multiple channels (sub-networks) within the broader blockchain network, enhancing privacy and confidentiality in data sharing. We established a consortium of 14 organizations based on HLF version 2.5 to create a blockchain network using Docker containers. Setting up Docker containers was preferred for creating and managing our HLF blockchain network because it is quicker and more efficient in resource utilization compared with a virtual machine (VM). Separate containers were used to isolate the creation and management of fabric components. Each peer, binary, orderer, and CouchDB container was executed from its respective container. Instances for these containers were hosted in a shared VM environment. An HLF certificate authority (CA) was used to deploy enrollment certificates for identifying organizations, administrators, and users. Similarly, transport layer security (TLS) certificates were employed to ensure TLS for the network. Since our network operates as a consortium of known organizations, we utilized the default CFT consensus mechanism provided by HLF, the Raft consensus protocol, to secure inter-organizational interactions. Although the participating entities possess a certain degree of mutual trust, they do not fully trust one another. Therefore, CFT was suitable for maintaining ledger security and consistency without the need for resource-intensive mining. Since confidentiality and privacy are mandatory security requirements, we implemented channels to guarantee isolation between different groups of organizations. Figure 4 illustrates the topology diagram of the blockchain network.

Five channels (C1–C5) were implemented: C1 for speed limit law enforcers, C2 for passenger transporters, C3 for cargo transporters, C4 for regulatory and registration authorities, and C5 for road safety, development, research, and management organizations, as described in Table 4.

Table 4:

Channels implemented within the blockchain network

Channel name	Channel description	Organizations	Data shared
C1	Speed limit law enforcers	i. TP ii. NRSC iii. PCCB	i. Speed ii. Timestamp iii. All vehicle details iv. Photo v. Location
C2	Passengers transporters	i. TP ii. LATRA iii. TABOA iv. TBDU	i. Speed ii. Timestamp iii. Vehicle details for buses only iv. Photo v. Location
C3	Cargo transporters	i. TP ii. LATRA iii. TATOA iv. TTDWU	i. Speed ii. Timestamp iii. Vehicle details for trucks only iv. Photo v. Location
C4	Regulatory and registration authorities	i. TRA ii. TIRA iii. LATRA	i. Speed ii. Timestamp iii. Vehicle details iv. Location v. Vehicle type
C5	Road safety, research, development, and management organizations	i. RSA ii. TARA iii. TANROADS iv. Research and training institutions	i. Speed ii. Timestamp iii. Location iv. Vehicle type

LATRA, land transport regulatory authority; NRSC, national road safety council; PCCB, Prevention and Combating of Corruption Bureau; RSA, road safety ambassadors; TABOA, Tanzania Bus Owners Association; TANROADS, Tanzania National Roads Agency; TARA, Tanzania Roads Association; TATOA, Tanzania Truck Owner Association; TBDU, Tanzania Bus Driver Union; TIRA, Tanzania Insurance Regulatory Authority; TP, Tanzania Police; TRA, Tanzania Revenue Authority; TTDWU, Tanzania Track Drivers Workers Union.

CouchDB served as the world state database for the blockchain network, enabling efficient execution of JSON-based queries and facilitating seamless interaction between the chaincode and the underlying ledger. The chaincode, developed in JavaScript, was deployed across five channels and approved by all participating organizations within each channel. This updated version of the chaincode builds upon the implementation presented in our previous study [1], introducing two primary functions: one for creating speed enforcement data used by enforcement authorities, passenger transporters, and cargo operators, and another for generating general-purpose data, which is utilized by regulatory bodies, researchers, and training institutions. The speed enforcement function supports query operations and enables the identification of speeding vehicles based on parameters such as location, vehicle type, and timestamp. In Tanzania, the legal speed limit is set at 50 km/h, which serves as the threshold for enforcement.

To streamline the configuration and deployment of the HLF blockchain infrastructure, we developed a command-line application that automates the network setup and chaincode deployment process. This tool significantly enhances deployment consistency and operational efficiency, as illustrated in Figure 5.

Additionally, we implemented the Restful Fabric API to receive data from the cloud subsystem via a web server. The web server uses the Express. js framework to listen for incoming HTTPS POST requests. Upon receiving a request, the gateway triggers the chaincode (smart contract), which executes a function to store data in the blockchain. Furthermore, we configured five dedicated gateways, one for each channel and a central gateway for bridging the web server and the internal gateways. The main gateway receives complete JSON payloads from the cloud layer and routes them to the respective internal gateways based on channel-specific credentials. These internal gateways then invoke the appropriate chaincode function, either for enforcement or general-purpose data, thereby committing the structured information to the blockchain ledger. Fauxton, the web-based user interface for CouchDB, was utilized at the application layer to visualize the data stored in the blockchain. Figure 6A illustrates the Fauxton interface for channel C1, designated for speed limit law enforcement, while Figure 6B presents data associated with the passenger transporters channel. Figures 6A and 6B reflect records stored in CouchDB, the world state database utilized by the HLF blockchain network.

PoC evaluation

To evaluate the PoC prototype, integration and performance tests were employed as primary evaluation methods. These methods were selected due to the multi-layered nature of the architecture, which comprises IoT, CC, and blockchain subsystems. Integration testing aimed to verify that each subsystem performed its intended functionality and that all subsystems were integrated and could seamlessly exchange data. On the contrary, performance testing focuses on measuring end-to-end latency, that is, how long it takes to transmit data from the IoT to the blockchain subsystem. Additionally, performance testing focused on measuring throughput and error rate, that is, finding how many data records are successfully stored in the blockchain per second. Performance was measured under realistic conditions by deploying the IoT subsystem on the ESP32-CAM module (with a dual-core 32-bit Xtensa LX6 processor of up to 240 MHz clock speed, 520 KB of SRAM, and 4 MB of flash memory) connected to a network with a bandwidth of 5.4 Mbps (download) and 9.6 Mbps (upload), the cloud subsystem deployed in the Google Cloud e2-micro (2 vCPUs, 1 GB Memory), while the blockchain subsystem was deployed on the Digital Ocean Basic Droplet (2vCPU and 8 GB RAM).

b.i

Integration testing

The integration-based testing conducted was an end-to-end delivery process, ensuring that data transmitted from the IoT node was successfully delivered and persisted across the entire system. This included verifying that each subsystem performed its intended functions. Functionality testing was carried out on the IoT side to confirm that the sensor node reliably generated data records consisting of vehicle speed, photo, location, and timestamp, and successfully transmitted them to the Google Cloud server. Figure 7 presents the IoT node (ESP32) serial monitor output displaying the success status of transmitting the generated data to the cloud. This verifies that the IoT node is executing its functions; the IoT node successfully initializes, the image is correctly encoded in base64 format, and the proper JSON payload is sent to the correct Flask endpoint successfully.

Similarly, tests were carried out on the CC subsystem to verify that the Flask API responsible for handling incoming data performs its duties successfully. Specifically, to verify that the data were accurately received and stored in the SQLite database, images were properly saved in the specified directory and referenced in the database via the URL. Figure 8 shows sample vehicle images stored in the cloud directory.

Additionally, functionality tests ensured that number plates are well generated, vehicle type is well determined, and the two new fields are appended to create a complete data record containing vehicle speed, number plate, type, image URL, location, and timestamp, as illustrated in Figure 9.

Furthermore, it was verified that a new JSON object is constructed and subsequently forwarded to the Fabric REST API. As illustrated in Figure 10, the cloud API successfully receives the JSON payload from the IoT node, performs the required preprocessing, and transmits the refined data to the blockchain network.

On the blockchain side, it was confirmed that the blockchain subsystem, deployed on the Digital Ocean cloud platform, successfully received the incoming JSON payload, validated its contents, and routed it to the appropriate channels based on each channel’s access credentials. As illustrated in Figure 11A, the main Fabric gateway processed the payload and forwarded it to the channel C1 gateway (Figure 11B), which then invoked the relevant chaincode. The chaincode executed as expected, committing the data to the blockchain ledger, thus ensuring secure and tamper-resistant storage.

b.ii

Performance testing

End-to-end latency tests were conducted to measure the time for data records to reach the blockchain from the IoT subsystem. Error rate tests assessed failure rates, key to system reliability. Throughput tests measured how many data records were sent over time. These tests, latency, error rate, and throughput, were conducted in two configurations: (1) how the number of records (NR) affects performance, and (2) how the number of nodes (NN) influences performance? Table 5 shows the scenario setups for both configurations.

Table 5:

Experiment configuration setup

Configurations	NN values	NR values
Configuration 1 (varied NR, fixed NN)	Fixed 60	[1, 3, 5, 10, 20, 30, 40, 50]
Configuration 2 (varied NN, fixed NR)	[1, 6, 12, 18, 24, 36, 48, 60]	Fixed 50

NN, number of nodes; NR, number of records.

In each configuration, tests were conducted in three different execution modes: sequential, parallel, and asynchronous, to determine the most efficient execution approach. In the sequential approach, data are transmitted one record at a time. The sender waits for a response from the server before sending the next record, following a blocking method, which does not support concurrency and operates using a single thread. The implementation typically utilizes nested loops to enforce this strict request-response order. Parallelism, also known as the multi-threading approach, involves using multiple threads, typically at least two, to send data independently. Each thread is assigned a subset of nodes, such as even- and odd-indexed nodes, and operates concurrently. This mode takes advantage of multiple processor cores, enabling faster execution compared with the sequential approach due to simultaneous data transmission. In asynchronous mode, records are sent in a non-blocking manner, meaning the sender does not wait for a response before sending the next record. Each record is dispatched individually, and the execution continues automatically across nodes and records. This approach enables efficient utilization of resources by allowing other operations to progress while awaiting responses. A simulation approach was employed using a C/C++ ESP32-IoT simulator script with configuration and execution mode selection at the same time. The script simulated data transmission from IoT to the blockchain via the cloud, aided by the Flask-cloud server script (Python and SQLite) and the Fabric REST-API server script (Node.js and Fabric SDK), respectively. The algorithm for the IoT simulator script is presented in Algorithm 1.

Algorithm 1:

Algorithm for the IoT simulator

Initialization:
- Define arrays:
  - ○
    NR[]: set of values for the NR per node (for Configuration 1).
  - ○
    NN[]: set of values for the NN (for Configuration 2).
- Define configuration:
  - ○
    Configuration 1: Fix NN, vary NR.
  - ○
    Configuration 2: Fix NR, vary NN.
- Select:
  - ○
    Configuration_type: “Configuration1” or “Configuration2”.
  - ○
    Execution_mode: “sequential”, “parallel”, or “asynchronous”.
- Set:
  - ○
    fixedNN: (e.g., 60) – used in Configuration 1.
  - ○
    fixedNR: (e.g., 50) – used in Configuration 2.
Simulation Setup:
- Based on Configuration_type:
  - ○
    If Configuration1 → iterate over NR [].
  - ○
    If Configuration2 → iterate over NN [].
Execution Based on Mode
- Sequential Mode
  - For each node and each record:
    - ○
      Send one request at a time.
    - ○
      Wait for a response before the next request.
    - ○
      Record start and end times for latency.
- Parallel Mode
  - For each node and each record:
    - ○
      Launch multiple threads/tasks simultaneously
    - ○
      Each task handles a request.
    - ○
      Wait for all to finish before measuring metrics.
- Asynchronous Mode
  - Use asynchronous HTTP calls or a queue mechanism.
    - ○
      Non-blocking: send requests without waiting.
    - ○
      Track callbacks/responses as they return.
    - ○
      Time taken is tracked using timestamps when sent and when a response is received.
Configuration Execution
- Configuration 1: Fix NN, Vary NR
  - for each NR in NR []:
  - for each node in 0 to fixedNN:
  - for each record in 0 to NR:
  - Send a record based on execution_mode
  - Track success/failure, start/end time
- Configuration 2: Fix NR, Vary NN
  - for each NN in NN []:
  - for each node in 0 to NN:
  - for each record in 0 to fixedNR:
  - Send a record based on execution_mode
  - Track success/failure, start/end time
Metric Calculation
- ○
  For each NR (in Configuration 1) or NN (Configuration 2):
- ○
  Latency = Total successful request time / Number of successful requests
- ○
  Error Rate (%) = (Failed requests / Total attempts) × 100
- ○
  Throughput (records/s) = Successful requests / Total elapsed time
Output
- Output the results for each configuration via serial or console

Configuration 1: how the NR affects performance

To find out how the NR affects the performance, the NN was fixed to an assumed maximum of 60, and the NR was varied as shown in Table 5. NR value of 1 represents an ideal scenario, 5 an optimum scenario, 10 a situation with the shortest network outage, with 50 the longest network outage, and values between represent possible scenarios due to various factors. The average performance metrics per NR and the overall averages were computed as illustrated. The formulas for calculating latency, error rate, and throughput per NR are presented in Eqs (1)–(3): (1) $Average {Latency}_{NR} = \frac{Σ_{i = 1}^{NR} (T_{end i} - T_{start i})}{S_{NR}} (in m / s)$ {\rm{Average}}\;{\rm{Latenc}}{{\rm{y}}_{{\rm{NR}}}} = {{\Sigma _{i = 1}^{{\rm{NR}}}\left( {{{\rm{T}}_{{\rm{end}}i}} - {{\rm{T}}_{{\rm{start}}i}}} \right)} \over {{S_{{\rm{NR}}}}}}\left( {{\rm{in}}\;{\rm{m}}/{\rm{s}}} \right) (2) $Error {Rate}_{NR} = \frac{F_{NR}}{S_{NR} + F_{NR}} \times 100 %$ {\rm{Error}}\;{\rm{Rat}}{{\rm{e}}_{{\rm{NR}}}} = {{{F_{{\rm{NR}}}}} \over {{S_{{\rm{NR}}}} + {F_{{\rm{NR}}}}}} \times 100\% (3) ${Throughput}_{NR} = \frac{S_{NR}}{T_{NR}} \times 1000 (r / s)$ {\rm{Throughpu}}{{\rm{t}}_{{\rm{NR}}}} = {{{S_{{\rm{NR}}}}} \over {{T_{{\rm{NR}}}}}} \times 1000\left( {{\rm{r}}/{\rm{s}}} \right) where

T_endi = The end time for request i;
T_starti = The start time for request i;
NR = The number of records;
S_NR = The number of successful requests;
F_NR = The number of failed requests;
T_NR = Total time taken (in ms) for successful requests for NR.

The results of this experiment are presented in Figure 12A (sequential mode), Figure 12B (parallel mode), and Figure 12C (asynchronous mode). Figures 12A–C illustrate the average values of each performance metric, latency, throughput, and error rate, computed per NN configuration, along with their respective overall averages, while Figure 13 illustrates a plot of latency versus NR.

Configuration 2: how the NN affects performance

To evaluate the impact of the NN on performance, the NR was fixed at the worst-case scenario of 50. NN was varied as outlined in Table 4, based on an assumed maximum of 60 nodes distributed across six major highway sections, with each section containing an average of 10 nodes. The average performance metrics, latency, error rate, and throughput, were calculated for each NN configuration, along with the overall average across all configurations. The formulas used for these calculations are provided in Eqs. (4)–(6): (4) $Average {Latency}_{NN} = \frac{Σ_{i = 1}^{NN} (T_{end i} - T_{start i})}{S_{NN}} (in ms)$ {\rm{Average}}\;{\rm{Latenc}}{{\rm{y}}_{{\rm{NN}}}} = {{\Sigma _{i = 1}^{{\rm{NN}}}\left( {{{\rm{T}}_{{\rm{end}}i}} - {{\rm{T}}_{{\rm{start}}i}}} \right)} \over {{S_{{\rm{NN}}}}}}\left( {{\rm{in}}\;{\rm{ms}}} \right) (5) $Error {Rate}_{NN} = \frac{F_{NN}}{S_{NN} + F_{NN}} \times 100 %$ {\rm{Error}}\;{\rm{Rat}}{{\rm{e}}_{{\rm{NN}}}} = {{{F_{{\rm{NN}}}}} \over {{S_{{\rm{NN}}}} + {F_{{\rm{NN}}}}}} \times 100\% (6) ${Throughput}_{NN} = \frac{S_{NN}}{T_{NN}} \times 1000 (r / s)$ {\rm{Throughpu}}{{\rm{t}}_{{\rm{NN}}}} = {{{S_{{\rm{NN}}}}} \over {{T_{{\rm{NN}}}}}} \times 1000\left( {{\rm{r}}/{\rm{s}}} \right) Where

T_endi = The end time for request i;
T_starti = The start time for request i;
NN = The number of nodes;
S_NN = The number of successful requests;
F_NN The number of failed requests;
T_NR = Total time taken (in ms) for successful requests for NN.

The results of this experiment are presented in Figure 14A (sequential mode), Figure 14B (parallel mode), and Figure 14C (asynchronous mode). Figures 14A–C illustrate the average values of each performance metric: latency, throughput, and error rate computed per NN configuration, along with their respective overall averages.

Discussion

This study proposes an architecture design to demonstrate how IoT-blockchain integration can be leveraged to implement a smart, secure, and transparent system for improving vehicle speed data collection in Tanzania. The first distinguishing feature of the proposed architecture is that, to the authors’ understanding, it is the first of its kind to exploit such technological integration in the vehicle speed data collection domain. Existing works focus on other domains such as health [35,36,37, 48, 49], supply chain [40, 47], agriculture [33, 43], accounting [39], and microgrids [38]. It features an innovative distribution of data collection, processing, storage, and sharing functionalities across the four layers of the architecture. The design effectively leverages the capabilities of IoT, artificial intelligence (AI), and blockchain, enabling the achievement of critical factors such as efficiency, transparency, and security. Furthermore, it demonstrates a streamlined yet effective combination of CC and blockchain technologies. CC is a well-established and mature technology to be replaced by blockchain. While it may be feasible to implement the solution entirely using either blockchain or CC, their combination can enhance the overall quality of the final product. The proposed architecture effectively harnesses the strengths of each integrated technology. CC serves as a vital intermediary between the IoT and blockchain layers, performing essential preprocessing tasks that would be too resource-intensive for IoT devices and too complex or costly to execute directly on the blockchain. This cloud layer offers several strategic advantages. It reduces system complexity by centralizing data preprocessing, thereby offloading computational demands from blockchain and IoT nodes. This enables the use of lightweight IoT nodes (typically comprising a radar sensor and an ESP32, which integrates the camera, MCU, Wi-Fi, and SD card into one module) while ensuring efficient integration with the resource-intensive blockchain infrastructure. Also, it significantly lowers costs by eliminating the need to equip every IoT or blockchain node with advanced capabilities such as ML and CV for performing ANPR and vehicle classification. Additionally, it enhances performance and optimizes resource utilization by avoiding redundant execution of tasks across nodes, as each task is performed only once within the cloud layer. These factors collectively contribute to the physical scalability of the system, allowing the number of IoT nodes to be easily increased as needed without affecting the existing physical design. Moreover, this architecture design may use the already existing cloud infrastructure provided by the Tanzania national e-government agency (e-GA), further minimizing operational costs. Second, the proposed design is particularly suited for deployment in rural and low-connectivity areas. The ESP32 module used in the IoT node supports seamless integration with cellular IoT modules such as long term evolution for machines (LTE-M) and NB-IoT through standard interfaces such as universal asynchronous receiver/transmitter (UART) and serial peripheral interface (SPI). Unlike works like [33, 43] which uses Wi-Fi, cellular IoT is a low power wide area network (LPWAN) technology built on Global System for Mobile Communication (GSM) infrastructure, the most widely deployed wireless communication system globally. It offers extended coverage and reliable connectivity, making it ideal for remote areas. Alternatively, Long Range Wide Area Network (LoRaWAN) may also be considered as a viable option, provided that the application’s data rate requirements can be satisfied.

The third distinguishing factor is the capability of collecting general-purpose vehicle speed data, compared with existing studies that primarily focus on speed limit law enforcement and traffic management. To resolve this, the design employs HLF channels to ensure data confidentiality and privacy for different categories of organizations. Different channels are implemented for various organizational groups, thereby enforcing fine-grained access control and authorization. This approach has enabled the design of a transparent and yet secure solution that upholds the privacy and security of data, addressing weaknesses of the existing centralized LATRA VTS [4, 5] and other systems [16, 50,51,52,53,54] which are prone to data manipulation and tampering. Table 6 presents the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) threat model illustrating the architecture’s resilience to attacks, and this model is structured into four layers. This model is adopted because it is the most mature modeling method to be used to assess the architecture layers against the main security properties [55].

Table 6:

The STRIDE threat model of the proposed architecture

	IoT layer: lightweight sensor nodes	Cloud layer: data preprocessing and blockchain gateway	Blockchain layer: HLF data storage	Application layer: web/mobile apps
Asserts	Raw data, device identity, keys, local backup, and communication channel	User privileges, preprocessed data, vehicle classification models, keys, end-points, user and device logs, and communication channel	Immutable data, channels configuration, keys, gateway, chaincode, ledger state, audit logs, consensus, and communication channel	Application data, end-user privileges, and business logic
Threats	Device spoofing, eavesdropping, node compromise, man-in-the-middle, and SD card extraction	Data leakage, API abuse, user privilege escalation, data tampering, man-in-the-middle, eavesdropping, and model abuse	Malicious peer, chaincode bugs, channel, gateway abuse, misconfiguration, and consensus manipulation	XSS, session hijacking, authentication bypass, data leakage, and insecure endpoints
Mitigations strategies	Data encryption (TLS/SSL for transmission; AES for SD card), secure boot and firmware signing, tamper-resistant housing, use session keys, and limit physical ports	Role-based access control in cloud services, input validation, API authentication, model access control, and encrypt data	Used channel ACL, chaincode audit, enforced endorsement policies, monitored peer behavior, and transaction logs	Enforced MFA, strict session expiry, CSRF tokens, sanitized all user inputs, and rate-limited external API calls

ACL, access control list; AES, Advanced Encryption Standard; API, application programming interface; CSRF, cross-site request forgery; HLF, hyperledger fabric; IoT, Internet of things; MFA, multifactor authentication; STRIDE, spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege; SSL, secure sockets layer; TLS, transport layer security; XSS, cross-site scripting.

Another distinctive feature of the proposed architecture lies in its application layer, which allows for application-specific data processing tailored to the diverse needs of different organizations. The system’s capability to collect vehicle speed data that serves multiple purposes across various sectors makes it highly adaptable and scalable. Each stakeholder can independently implement their interface, whether as a mobile or web application, depending on their unique business requirements and operational environments, as compared with references [45, 49], which are application layer specific, while works like [33, 43, 44, 46] did not include the application layer in their design. For example, in the context of law enforcement, police officers can utilize mobile applications for field operations. These may be used by traffic officers, patrol units, or other enforcement personnel to access real-time speed data and take immediate action. Conversely, web-based applications are more suited for office environments, where higher-ranking officers, such as those from the NRSC, may analyze aggregated data to generate reports, monitor trends, investigate incidents, and support decision-making. These applications can also be used to inform policy development, raise public awareness, and promote road safety research. From the transport sector perspective, bus and truck owners can implement mobile or web-based platforms to monitor driver behavior and ensure compliance with safety regulations. Similarly, the national road agency can analyze speed data for a range of critical functions, including the design of safer roads, conducting road safety audits, optimizing the placement of traffic signs and speed limits, and collaborating with other entities during accident investigations.

Another unique aspect of this study is its extensive evaluation scope, which went beyond conventional performance testing to include integration testing. The purpose of the integration testing was to verify the functionality of individual subsystems and ensure their smooth interaction for reliable end-to-end data delivery. Regarding performance evaluation, this study not only measured core metrics such as latency, error rate, and throughput as done in references [46, 49] but also examined the effectiveness of different execution strategies: sequential, parallel (multi-threaded), and asynchronous modes. These approaches were assessed to identify which of them delivered the best performance under various conditions. Specifically, performance-based tests evaluated end-to-end latency and error rates, offering insights into the system’s scalability, responsiveness, reliability, accuracy, robustness, and fault tolerance. Throughput tests analyzed data transmission efficiency across the system. All assessments were performed under two different configurations to explore how changes in the NR and the NN affect overall system performance. The results based on NR are shown in Figure 12A for sequential mode, Figure 12B for parallel mode, and Figure 12C for asynchronous mode. In sequential execution, latency ranged from 2,090 ms to 2,169 ms, indicating that increasing NR has little effect on latency. However, the overall latency remains high, likely due to the blocking nature of sequential execution, where each task waits for the previous one to finish. By contrast, parallel execution demonstrated greater efficiency and stability, with latency from 1,020 ms to 1,070 ms and an average of around 1,043 ms. This is nearly a 50% reduction compared with the averages for sequential (2,155 ms) and asynchronous (2,220 ms) modes. Minor variations in parallel latency probably stem from small scheduling overheads or payload size fluctuations, rather than inherent algorithm inefficiencies. Interestingly, the asynchronous mode, which is usually expected to outperform sequential execution because of its non-blocking nature, showed higher and more variable latency. This unexpected result might be due to factors such as network overhead, event loop contention, or managing callbacks with many concurrent tasks. While asynchronous execution is ideal for I/O-bound workloads and parallelism is better for central processing unit (CPU)-bound tasks, this project’s workload appears to be a balanced mix of both. For example, on the IoT (ESP32) side, operations such as generating speed data, encoding images in base64, and sending HTTP requests are mainly I/O-bound. On the cloud (Flask server), incoming requests undergo lightweight preprocessing (e.g., vehicle type and license plate detection), database management, and data transmission to the blockchain, mixing I/O and CPU-bound processes. On the blockchain, data are received and committed through chaincode, involving validation, network consensus, and storage more CPU-intensive tasks. Given this mixed workload, the parallel execution mode offers the best performance, with the lowest average latency and the highest throughput, as shown in Figure 13. Furthermore, throughput results (Figure 12) show that parallel mode achieves 0.96 records/s (Figure 12B), more than double that of sequential (0.46 records/s, Figure 12A) and asynchronous (0.45 records/s, Figure 12C) modes. Regarding error rates, all three modes perform acceptably: sequential: 0.02%, parallel: 0.07%, and asynchronous: 0.21%. These findings confirm that parallel execution provides the best balance between latency and throughput. Regarding how the NN affects performance, the trend observed in the parallel execution mode in Figure 15 shows a significant drop in latency after the initial data point, decreasing from 4,768 ms to around 2,500 ms. This early spike may be caused by delays in thread scheduling or resource initialization overhead. The subsequent measurements show a consistent reduction of about 50% in latency compared with the other execution modes. The average latencies recorded were 2,929.37 ms for the parallel mode, 4,792.86 ms for the asynchronous mode, and 4,786.65 ms for the sequential mode. This notable improvement in the parallel mode likely results from using two dedicated threads that run simultaneously, effectively simulating independent sequential or asynchronous processes. In terms of throughput, the parallel mode achieved the highest overall average at 0.36 records/s, as shown in Figure 14B, surpassing both the sequential and asynchronous modes, which each averaged 0.21 records/s, according to Figures 14A and 14B. Regarding the error rate, the parallel approach had the highest average at 7.48% in Figure 14B, followed by sequential at 4.92% in Figure 14A, and asynchronous at 2.24% in Figure 14C. However, it is worth noting that the error rate is mainly influenced by network quality rather than the execution method. Overall, the parallel execution mode demonstrated the most efficient performance, effectively balancing latency and throughput. Sequential execution was the slowest, with a final latency of 5,263 ms, which probably indicates limited scalability as workload increases. Interestingly, the asynchronous mode did not outperform the parallel mode, possibly due to I/O bottlenecks or the overhead linked to non-blocking operations. Overall, the evaluation results are very promising across all execution modes. Performance measurements in a real-world environment, particularly in terms of latency, error rate, and throughput, show the architecture’s ability to handle increasing numbers of nodes without significant performance loss. These findings highlight the architecture’s scalability, reliability, and readiness for practical deployment. Table 7 provides the performance, scalability, purpose, transparency, privacy, and security comparison against the existing centralized designs for vehicle speed monitoring.

Table 7:

Comparison with the existing centralized solutions

Work	Performance	Scalability	Purpose	Transparency	Privacy and security
[16]	>90% accuracy	Need to be improved	Traffic law enforcement	Not transparent	Concerned due to centralization
[50]	Not available	Not addressed	Over-speeding detection	Not transparent	Not addressed
[51]	>90% performance	Scalable	Speed limit enforcement	Not transparent	Unclear how they are ensured
[52]	>90% performance	Moderately scalable	Traffic management	Not transparent	Concerns due to centralized design
[53]	89.3% performance	Not addressed	Over-speeding detection	Not transparent	Not addressed
[54]	Not available	Not addressed	Monitoring vehicle speed and traffic jams	Not transparent	Not addressed
This work	1 s latency, 1 record/s throughput, 0.07% error (varying NR)	Scalable (physical and performance)	General purpose	Transparency via DLT	Ensured via blockchain, HLF channels, and more (Table 6)

DLT, distributed ledger technology; HLF, hyperledger fabric; NR, number of records.

VI.

Conclusion

In Tanzania, speed detection is still mainly done manually, a method that is inefficient, labor-intensive, costly, and highly affected by environmental factors such as weather. These limitations make manual systems vulnerable to corruption, favoritism, and data forgery. Existing automated vehicle-based systems are limited in scope, mainly targeting intercity and regional public buses. Furthermore, these systems are often tampered with to alter speed data. They are mostly restricted to enforcing speed limits, overlooking the broader potential of speed data for transportation planning, road safety, insurance, and policy development. Additionally, current solutions depend on centralized architectures, making them vulnerable to data manipulation and single points of failure. To address these issues, this study introduces a novel four-layer decentralized architecture that combines IoT and blockchain technologies to develop an automated, transparent, and secure vehicle speed detection system suited to the Tanzanian context. The proposed system shows promising performance and scalability across various evaluation metrics. Key contributions and findings include as follows:

Demonstrating the feasibility of using IoT and blockchain technologies to create a transparent, secure, and automated vehicle speed data collection system.
Pioneering the integration of IoT and blockchain in the vehicle speed detection field, representing, to our knowledge, the first such effort.
Designing a versatile architecture for collecting vehicle speed data applicable across different domains.
Utilizing HLF channels to ensure confidentiality and privacy in a multi-organizational blockchain environment.
Developing a cost-effective and scalable design that uses lightweight IoT nodes suitable for rural and resource-limited settings.

Future works could explore leveraging the proposed architecture to implement transparent and secure vehicle speed data collection, as well as integrating 5G technology to enhance system performance.

A decentralized IoT and blockchain-based architecture for general-purpose vehicle speed data collection: a case study of Tanzania’s highways

Full Article

Paradigm

My account