M.Sc. — Software and Industrial Engineering
Polytechnique de Montréal · 2024 — 2025
Research bridging software architecture and industrial engineering. Capstone experiment: an empirical performance evaluation of blockchain-based, tamper-evident security logging for Advanced Air Mobility (AAM) systems — benchmarking a hash-chained database, a permissioned blockchain, and a public blockchain on one workload.
Performance Evaluation of Blockchain-Based Security Logging for Advanced Air Mobility Systems — 157,501 real UAV cyberattack events replayed through three ledgers, timing every write.
Ledgers compared
- PostgreSQL 16Hash-chained DB (SHA-256)single admin1.39 msreal-time + audit
- Hyperledger Fabric 2.5Permissioned chain · Go chaincodeknown parties · endorsement2,182 ms · 22×audit trail only
- Solana (Anchor 0.30)Public chain · Ed25519public consensus15,157 ms · 152×too slow
The problem
AAM is multi-stakeholder — operators, regulators (FAA/EASA), vertiport managers, and insurers all need tamper-evident logs of security events (GPS spoofing/jamming, DoS, replay, MITM, evil-twin), but no single party should control the audit log. A blockchain solves that trust problem yet adds latency. The experiment quantifies that trade-off end-to-end against a real-time alerting budget of under 100 ms.
On-chain code & ledgers
Three ledgers under test. Hyperledger Fabric 2.5 — a permissioned blockchain with Go chaincode (AAMSecurityContract): LogSecurityEvent / LogBatchEvents write each SecurityEvent into world state (PutState/GetState) and emit chaincode events, across a network of 3 Raft orderers, 2 organizations, channels, and an endorsement policy. Solana (Anchor 0.30) — an on-chain program logging events with Ed25519 signatures and finality, driven by a Python client. PostgreSQL 16 — a SHA-256 hash-chained ledger where each row links the previous hash, making tampering detectable without distributed consensus.
Method
A Rust parser normalized 157,501 real UAV cyberattack events (Hassler et al. quadcopter testbed — DoS, replay, evil-twin — plus synthetic GPS-spoof/jam/MITM from CICIoV2024) into a common SecurityEvent; an async load tester then replayed them at target throughput. Measured: latency (P50–P99, with P95 as the AAM alerting SLO), max sustained throughput before degradation, and security properties — hash-chain integrity, tamper detection, endorsement/signature checks, and finality. Run on Apple M2 / Docker, Fabric 2.5.10 (Raft, LevelDB) and a Solana test-validator.
Finding & hybrid recommendation
No blockchain clears the under-100 ms real-time bar — Fabric is 22× over, Solana 152× — while the hash-chained database does, with headroom (5,000+ TPS at P95 under 12 ms). But a database can only prove tampering to its own admin; a blockchain proves it to every party. The recommended design is therefore hybrid: a hash-chained database for live alerting, with a periodic blockchain anchor for tamper-proof, multi-party-verifiable audit — the database for speed, the chain for distributed trust.