Data Veriﬁcation in the Agent, Combining Blockchain and Quantum Keys by Means of Multiple-Valued Logic

: Network control of autonomous robotic devices involves a vast number of secured data coding, veriﬁcation, and identiﬁcation procedures to provide reliable work of distant agents. Blockchain scheme provides here the model of the extended linked list for the veriﬁcation of critical data, approved by quasi-random hash values assigned by external network nodes. And quantum lines are the source of high-quality quasi-random keys used as hash values. Discrete multiple-valued logic in such procedures is a simple and ﬂexible tool to form the logic linked list, combining critical internal parameters of agents with data taken from external nodes. Such combination enlarges the set of possible schemes for data protection from illegal modiﬁcations and for data restoration.


Introduction
Modern concepts of communication networks include such collective robotic components as autonomous vehicles (or Internet of Vehicles, IoV) [1,2], logistics [3], industrial machinery [4], and Internet of Things (IoT) [5,6]. As autonomous agents are based on traditional microprocessors and embedded platforms [7], then attacks of eavesdroppers are quite possible and efficient distant monitoring plays critical role. Discussions of possible methods for distant data verification has included special network protocols for mobile agents [8][9][10], quantum cryptography [11,12], schemes of distributed computing [13], blockchain (BC) methods [14][15][16], position-based cryptography [17], and non-binary k-valued discrete logic [18]. Interest to blockchain technologies for network agents can be attributed to the problem of low availability of trusted network nodes for mass robotics, as trusted systems for communication networks discussed e.g., in [19] need special equipment, personnel, and intensive monitoring procedures. At the same time, the integration of fiber-optics and wireless quantum key distribution (QKD) lines [12,20] in communication networks provides new possibilities to raise security, although QKD is a complicated and expensive tool, which has its specific vulnerabilities and can be suppressed by intensive optical noise. QKD schemes and quantum random number generators (QRNG) [21] are the high quality sources of one-time quasi-random keys, which provide the base for various data protection schemes. That is why they are also expected to raise the security level of autonomous robotic systems based on artificial intellect (AI) methods [22], which are strongly associated with the concept of collectives of intellectual agents or multi-agent systems (MAS) [23]. In Figure 1 a local network of hardware agents 0, 1, . . . is a part of nodes of the communication network, and can include mobile and static agents. As autonomous agents should be able to work without permanent personnel control due to the imitation of human abilities by means of AI algorithms [19], various verification procedures are quite actual for them, including schemes based on BC [24][25][26]. However, data protection of internal subsystems in autonomous agents is a separate problem, as an agent, see Figure 1 to the left, may include subsystems with different throughput, software and hardware complexity [27]. As a result, hardware platform for autonomous agents can be very complicated [27,28], and model debugging and data verification is the difficult problem. Communication network includes usual stationary nodes and autonomous mobile robotic agents 0, 1,…, which are the participants of a multi-agent system (MAS) and can follow some given route like agent 1. Nodes called checkpoints are to approve identity of the mobile agent and to give access to a requested service. Such nodes optionally may be participants of the trusted local network.
For the position-based cryptography task [17] and agents following the given route, verification procedures [29] should combine authentication, identification and secret coding. It is necessary to check identity and access rights of the mobile agent by verification of parols, pin-codes, licenses, digital images, and prehistory of carried out agent's tasks, what involves either the design of trusted check-points [29] or needs the estimation of trust models [30,31]. Besides this, schemes based on BC principles [32][33][34] were already designed for the collective verification of data in energy power networks, as static network agents of dishonest users can declare false data.

Modern Platforms for Robotics Positioning and Communications
Localization or positioning was considered in reviews [35,36] as a process to obtain tracked objects information concerning multiple reference points within a predetermined area, i.e., it is a procedure to identify the position of mobile/fixed devices, including smartphones, drones, watch, beacons, and vehicles using some fixed nodes and mobile computing devices. Global navigation satellite system (GNSS) in such tasks can use signals produced by global positioning system (GPS), global navigation satellite system (GLONASS), Galileo and Beidou. As the GPS device loses substantial power in an indoor setting due to signal attenuation, such systems cannot be used for indoor localization of devices. Alternative possibilities refer to ZigBee, Bluetooth, Radio Frequency Identification (RFID), cellular networks (including LTE and 5G), ultrawideband (UWB), frequency modulation (FM), inertial sensors and Wi-Fi. Some hybrid approaches are also possible. Most common techniques for localization include time-of-flight (TOF) measurements and received signal strength indicator (RSSI) signal measurements, utilizing the distance between known fixed stations and the target device, or fingerprint-based location estimation.
Vehicular ad-hoc network (VANET) [37] was based on the link-layer communication (IEEE 802.11p) and has included the data exchange between the high-speed vehicles in the licensed band of 5.9 GHz (5.850-5.925 GHz). VANET differs from other ad-hoc networks by high mobility, dynamic topology, frequent data exchange, unbounded network size, Figure 1. Communication network includes usual stationary nodes and autonomous mobile robotic agents 0, 1, . . . , which are the participants of a multi-agent system (MAS) and can follow some given route like agent 1. Nodes called checkpoints are to approve identity of the mobile agent and to give access to a requested service. Such nodes optionally may be participants of the trusted local network.
For the position-based cryptography task [17] and agents following the given route, verification procedures [29] should combine authentication, identification and secret coding. It is necessary to check identity and access rights of the mobile agent by verification of parols, pin-codes, licenses, digital images, and prehistory of carried out agent's tasks, what involves either the design of trusted check-points [29] or needs the estimation of trust models [30,31]. Besides this, schemes based on BC principles [32][33][34] were already designed for the collective verification of data in energy power networks, as static network agents of dishonest users can declare false data.
Blockchain-based software for UAV is expected to provide flexibility, dynamics, and onthe-fly decision capabilities. UAVs can be integrated potentially into the Internet network, providing access to cloud computing and web technologies for the realization of smart IoT systems.

Blockchain-Based Verification Schemes for Network Agents
Principally, methods of data verification for agents and MAS can include various traditional technologies [12], including parity bits checking, cryptography algorithms and biometrics, as well as exhausted methods of model checking [45], temporal logic and Kripke diagrams [46,47]. Unfortunately, known BC schemes [14,16,32] designed for crypto currencies mining scarcely can be directly used for data protection of robotic agents and their internal subsystems, mainly due to energy expenses, high cost, limited throughput of microprocessors, and incompatibility of specialized technical tasks of robots with basic Proof-of-Work and less expensive Proof-of-Sake schemes [48,49]. Respectively, the design of secured and reliable agent's devices for mass robotics, IoT, and IoV stimulates the search of more simple and flexible verification schemes for distant monitoring of static and mobile agent's behavior. It is substantial, that BC-based schemes for trust parameters estimation of stationary agents in power grid networks [32][33][34] has already demonstrated the effectiveness of collective detection of dishonest user's nodes by means of polling of neighboring nodes and evaluation of the trust parameters by collaborating network nodes.

Multiple-Valued Logic for Data Verification Based on Blockchain Scheme
Multiple-valued logic (MVL) version of the linked list [19] has used partially the BC scheme [14][15][16][32][33][34]48,49] and was aimed at data verification in case of faults. Such method bases on original property of k-valued Allen-Givone algebra (AGA) [50] to aggregate correctly arbitrary variables into logic functions, to form logic linked lists of entries, and to obtain protective logic expressions, preventing from illegal modification of logic product terms. It is substantial, that MVL-based linked list (MVLL) [19] can also model quantum verification protocol of position-based cryptography [51], thus demonstrating the possibility to combine quantum and classic verification procedures. Further research of AGA model [19,29] was also motivated by some earlier papers like [52,53] and e.g., by MVL scheme [54] based on lattice models and the theory of sets.
MVLL [19] is the model for distributed or collective data storage of entries e = e 1 , . . . , e p , containing sets of p critical parameters of the mobile or the stationary agent, verified by collaborating agents and network nodes, participating in the collective protocol. Here the difference between collaborating agents and nodes mainly refers to levels of trust assigned to interacting devices. e.g., for route verification task trusted check points always should be assigned the highest trust and priority level, as other collaborating network nodes are motivated to take part in the joint protocol by mutual service or fee, and should be appreciated by lower trust values. But before the detailed design of trust estimation schemes for mobile robots one should work out adequate verification procedures involving all possible resources of agents and network nodes.

Internal and External Data Verification Procedures of the Network Agent
Distant control of autonomous robotic agents involves at least two types of tasks greatly differing by the time response. Such basic AI tasks as e.g., logistics, building work, following the route, interaction with check-points, takes long time intervals (days, weeks, months etc.) and the time moment for the end of task can't always be predicted precisely. Also verification procedures for digital licenses and documents may be requested optionally by other participants of the network. In contrast to this, the second type of control processes refers to internal systems of the agent, which typically use rigid short time work cycles (µs, ms, s) [55] for control of numerous sensors and actuators. Thus, complex data verification procedure of the autonomous agent should include both types of time processes. In order to make verification data unpredictable for possible eavesdroppers, verified parameters should be masked or even secretly coded by one-time quasi-random keys, traditionally used in the most reliable one-time cipher pad method of secret coding [56], which is the final aim of any QKD line realization [12]. For internal systems such quasi-random codes also can be done one-time and actual only for short time intervals, i.e., they should be renewed for a selected or every new work cycle. Then quasi-random keys are preferably to be generated by either a QKD line [20], or by a quantum random number generator (QRNG) [21] and random oracle [57] for simplified and less protected variants. Used for verification hash values from external and internal components of the agent are to be mixed with technical parameters written in the distributed linked list. But in contrast to blockchain schemes in cryptocurrency mining [25,26,48,49] and software bots for stock trading [58], autonomous hardware robots can provide very limited resources for additional verification as they are initially intended to carry out highly specialized work. Thus, the possibility of data verification inside the agent strongly depends on its internal structure of subsystems, whose most typical examples are listed in Figure 1 to the left. Here the simple way to unite various internal and external verification schemes in one agent seems to be based on the earlier proposed MVLL model of the distributed ledger or the linked list [19], which is to be additionally approved by some internal and external technical parameters besides externally assigned hash values.

Possible Sources of Quasi-Random Keys for Hashing Procedures
As any computerized device the distant autonomous agent can be damaged by a physical impact on its embedded computer, or can be infected by a computer virus [12]; possible attacks [59,60] can be also aimed at internal data buses, memory and service devices. These hardships makes actual involvement of QKD lines, as the interest to quantum keys for wireless network robotics bases on the principles of modern cryptography, according to which the well-known Vernam code or close to it one-time cipher pad method [56] with random one-time keys is the most reliable cryptography scheme. Due to the non-cloning theorem [61] QKD lines are in fact the way to exclude long-range distant storage of secret keys by means of their quick enough generation for every new communication session. But as the throughput of quantum lines is not enough for massive stream secret coding, and its length is limited by~100 km [12], this method has now mainly nice applications, its drawbacks are the high cost and the possibility of suppression by intensive noise, what is especially actual for wireless robotics communications. Also QKD line itself can be vulnerable to some specific types of quantum and classical attacks [12], and the access of non-loyal personnel to agent's equipment can cause data leakages. Besides this, attempts to design purely quantum verification schemes for position-based cryptography in mobile systems [17,62] has given only partial improvement and unconditional security was not still obtained, as well as quantum bit commitment schemes still were not realized. Also it is the too expensive and complicated tool to be used in internal data buses in the agent. However, the research of QKD lines [20] has drawn conjugated investigations of quantum random number generators (QRNG) [21] and the position-based cryptography (PBC) scheme [57], involving random oracle model [17] based on memory device and MVL function learned by a QRNG. Such method was adapted for the verification of visits of mobile agents to check-points, conjugated with the quantum protocol by D. Unruh [51] using entangled photon pairs. The principal possibility to apply random oracle as a more simple alternative source of quasi-random keys for MVLL is a way to design new verification procedures and to avoid partially the use of trusted checkpoints. However, before the design of future schemes to estimate the trust level of mobile agents and static check-points, one should work out effective non-quantum methods to keep reliably critical data in distant agents and consequently to verify data written in them, as well as to check prehistory of agent's work activity and passed routes.

Heterogeneous Logic Models in Modern Controllers
The motive to apply heterogeneous logic models in the agent [18,19] and to combine Boolean and MVL logic in it is determined by the fact, that verification procedures in a robotic agent refers not only to PC's microprocessors, but also to controller devices based on the closed loop control and equipped with own microprocessors [55] with lower throughput. Traditional types of such devices are mostly represented by proportional-integraldifferential (PID) [63] and fuzzy logic controllers [64][65][66]. However, modern investigations reveal the stable trend to further integration of PID and fuzzy logic in controllers, see e.g., [64]; respectively, this paper has demonstrated the actuality of heterogeneous logic models not only for agents level [18], but also for the level of internal controllers. The socalled fuzzy-fractional order-proportional-integral-differential controller (FFOPID) in [64] has provided improved non-linear characteristics modelled by non-linear polynomials. Fuzzy logic in this FFOPID scheme has provided fast approximate computing and simple learning of the system, but has needed correct emulation of specific operators of the fuzzy logic.

The Goal of the Paper
The final goal of the proposed further extended version of the MVLL [19] is to combine more complicated and intellectual robotic data procession procedures with BC-based schemes, secured from illegal modifications and capable for self-checks and self-restoration in case of fails and faults. The scheme disclosed in this paper is the step to approve critical task parameters and control signals of internal subsystems of the agent by external network nodes. Such distributed storage of verification data is necessary in cases, when data taken from different sources contradict each other and need detailed verification. Then the sequential matching of data copies extracted from external and internal backups can help to restore reliable work and avoid blocking of the robot.
The aim of the proposed paper is to design the new data verification scheme for mobile agents, complementing earlier proposed version of the MVLL by the documented data exchange between external nodes and internal data storages. The expected advantage here is the diversity of verification methods in case of faults and errors.

Methods: MVL Linked List as the Data Protection Model
MVLL method [19] bases on discrete -valued logic and partially uses the idea of mixing data blocks in BC schemes by combining quasi-random hash values with real values of variables in the last and in one of previously formed entries.

Logic Functions of the Multiple-Valued Allen-Givone Algebra
Detailed description of basic calculations within discrete k-valued Allen-Givone algebra (AGA) [50] was given in, e.g., [18,19]. The choice of this version of logic calculus was determined by the simplicity of its basic operators and the flexibility of design of multiparametrical functions. In contrast to binary Boolean logic, AGA function y = f (x 1 , . . . , x n ) can be given by n input variables x 1 , . . . , x n and one output variable y, which may be assigned k discrete truth levels, i.e., x 1 , x 2 , . . . , x n , y L = {0, 1, . . . , k − 1}. The complete set of its logic operators [50] < 0, 1, . . . , k − 1, X(a, b), , + > (1) guarantees the possibility to represent arbitrary function y = f (x 1 , . . . , x n ) as some combination of logic constants 0, 1, . . . , k − 1, binary operators Min(x i , x j ) marked by ( ) and Max(x i , x j ) marked by (+); also unary operator X(a, b) is being used, which is called Literal. Operators Min and Max, respectively, choose either the minimal value in the pair x i and x j , or the maximal one. Literal is defined as Exp. (2) where for any X(a, b) always b ≥ a, and a, b ∈ L = {0, 1, . . . , k − 1}. For verification procedures the advantage of AGA [18,19] is namely the guaranteed possibility to obtain correct logic expression for arbitrarily given data, where the only possible algorithm for calculation of MVL functions excludes alternative illegal procedures for eavesdroppers. The drawback of such functions is some unpredictability of calculation time for unknown sets of data, as the minimization for MVL is very wasteful [50].
MVL truth table [50], see Table 1, partially resembles the Boolean ones, but contains much more rows whose number attains k n −1, where k-is the number of discrete logic levels, and n is the number of input variables. If one has composed MVL truth table, then every its row has equivalent logic expression written to the right of Table 1. The column for output variable F(x 1 , . . . , x n ) should be arbitrarily filled in by logic constants from the set C = {0, 1, . . . , k − 1}. Respectively, if constant F is 0, then the product term of this row is also equal to 0. Note that Literal operators to the right to Table 1 includes equal values a and b.
If one use equivalent matrix representation of MVL function [29], which was formed by data taken from the truth table (Table 1), then matrix C in exp. (4) will have only one-column, and exp. (3) can be written as arrays where b ij ≥ a ij , n-the number of input variables, k-the number of truth levels. Matrixes A u and B u in Exp. (4) define parameters a and b in Literals X j (a, b). Due to very large possible number of rows in the MVL truth table [50], the real system scarcely can use all possible k n rows. As MVL minimization by consensus method [50] for composed MVL function can shorten the number of product terms and change parameters in matrixes A,B,C, it can hide illegal modifications done in memory. In any way, all possible transformations of AGA expressions are based on the subsuming property of MVL product terms [50].

Possible Attacks Aimed at MVL Product Terms and the Role of Subsuming
As cheaters potentially can modify AGA formalisms written in the memory of the agent, then all possible illegal modifications of MVL function are grouped in Table 2. Adding of one new PT with fake logic constant C * and previously used real parameters a, b.
Result: Subsuming of the real PT by the fake one and incorrect logic values for real data of variables x 1 , x 2 , x 3 . Protection: Monitoring of the set of logic constants C for all PTs.
Adding of one new product term (PT) with real constant C and fake parameters a * , b * . 36). Result: Subsuming of the real PT by the fake one, logic value 12 will be incorrectly assigned to the widened set of values for variables x 1 , x 2 , x 3 , but not only to real ones. Protection:

1.
Method of blocking logic terms [19] for a * , b * beyond the real band.

2.
Monitoring of a set of of real parameters a, b.

3.
Adding of one new product term with fake logic constant C and fake values a * , b * .
Method of blocking logic terms for a * , b * beyond the real band.

2.
Monitoring of sets of real logic constants C and parameters a,b.

4.
Deleting of the PT, i.e., replacement of the logic constant C by C * = 0 in PT.
Result: Deleting of the whole PT will cause the change in the overall number N pt of PTs in the MVL function. Protection: Monitoring of numbers: m of product terms, real logic constants C, and parameters a, b.

5.
Replacement of the logic constant C by fake C * = 0 in some PT, parameters a, b are real.
Result: Values of fake C* are assigned to correct values of a,b: 34). Protection: Monitoring of sets of real constants C and parameters a, b.

6.
Replacement of real a, b by fake ones a * , b * in Literals X i (a, b) of one PT.
Result: Incorrect values of C are assigned to fake values. Possible protection: Method of blocking logic terms for a * , b * beyond the real band. Product terms, subsumed after possible attacks are shown crossed out in Table 2. The analysis of given schemes of attacks aimed at MVL formal expressions shows the necessity to combine at least two basic schemes for data protection. Three types of attacks (NNs 2,3,6 in the Table 2) can be protected by the earlier proposed method of blocking product terms [19], describing all possible intermediate rows of the truth table located between two given rows. However, other types of attacks 1,4,5 need methods to monitor integrity of parameters of MVL functions. But here MVL version of BC-based schemes gives the method to form the protected from modifications linked list with confirmation by distributed external and internal parameters. Advantage of AGA functions calculations is that they are based on logic primitives and always use the only possible algorithm, thus they has no specific vulnerabilities for traditional attacks [12,18,19].

MVL Scheme of the Linked List
Principally, initial MVLL scheme [19] includes two protective tools: (1) duplicating notation of the same message in the last and in the previous entries like in BC schemes [25,26], and (2) the approval of data by quasi-random values of the hash function, assigned by the set of external distant nodes. Any attempt to modify data in the MVLL will need to modify at least two rows in the truth table of the linked list, approved before by two sets of externally assigned hash values. That is why the first way to use MVLL is to detect attacks 1,4,5 in Table 2 by comparison of entries, written in internal and different external parts of the linked list. The second way is to use blocking terms [19] preventing from 2,3,6, types of attacks.
In order to write the new entry e to MVLL [19], the mobile agent (called the prover in route verification tasks [41]) declares the new entry to Q collaborating nodes (or verifiers) by sequential mailing according to the list of participants of the protocol. First of them assigns the time stamp t, and each of verifiers should assign its quasi-random hash value h to the received entry e. These hash values are to be preliminary generated by QKD lines and accumulated in nodes in order to provide maximal unpredictability of data.
One of assigned hash values should be used as the output value of the MVLL function, confirming every entry in the MVLL. After the acquisition of external hash values, mobile agent sends the complete set of data m, t, e m = {e 1,m , . . . , e n,m }, and h = h 1 , . . . , h Q to external participants (i.e., "witnesses") for their backup storage copies, formed individually according to known common rules. The absence of the verifier's reply due to faults and switched-off mode is to be fixed by zero.
In general case one can form the linked list function F ll [19] by product terms, containing pairs of entries obtained at different time moments t m and t m−s , where m is the number of the last entry; s is the shift of the number for the previous entry. Function F ll responds to Definition 1 and Exp. (5). [19]. Logic ledger function or a linked list of logic entries is given within AGA as a hash function  [19] MVLL has used only the shift s = 1. Respectively, the truth table for MVLL can be given by Table 3.

Method of Additional Blocking Product Terms in the Linked List
This method [19] can prevent from attacks 2,3,6, based on adding of fake constants and excessive Literal parameters, given in Table 2. It uses the scheme to generate blocking product terms PT − , providing subsuming of all illegally added product terms located in the truth table between any two given rows e.g., between entries e m and e m−1 . In order to apply it, the participants of the protocol should by default use constant k − 1 only as the selected parameter for minimization procedures [18], which will always subsume all added product terms with any lower constants. For practice it is more comfort to represent steps 4 and 6, which were used in Algorithm 2 in the paper [19], as an Exp. (7) for i-th Literal, where indexed parameters a, b are written as x i , = x i for both entries: As it is not correct to mix operators of AGA and Boolean logic [18], here operations MIN and MAX are considered as Boolean emulations of exp. (2) combined with adding or subtraction of 1. Then basing on definitions and Algorithm 2 [19] one can write logic expression, which combines two real product terms PT + m−1 and PT + m , responding to entries with logic constants equal to numbers m and m − 1, and the blocking term PT − m−1,m with the logic constant k − 1. Final exp. (8) obtained e.g., for 3 variables will be where any X i x i , = x is given by Exp. (7).
As additional blocking segment PT − m−1,m will enlarge the overall number of product terms and the computing time for~50%, it may be reasonable to use it as a separate page (or a part) of the MVLL.

Results: Combined Hashing Scheme for MVL Linked List
In contrast to the paper [19], the modified MVLL scheme additionally uses: (1) data, calculated by internal susbsystems of the agent, (2) binary XOR hashing of data of internal subsystems, and (3) selected parameters of external nodes.

Modified MVLL with Mixing Data from Internal Subsystems and External Nodes
The proposed scheme of data transfer for the network mobile agent is given in Figures 2 and 3, it involves partner agents A 0 and A 1 and Q collaborating network nodes V q , considered as verifiers V like in [29,51]. It suppose three basic procedures I, II, and III marked by red, blue and green arrows. Steps I and II are shown in Figure 2, and step III is given in Figure 3.
The main task of step I in Figure 2 is to provide agent A 1 by the set of quasi-random keys by means QKD line, and to transform the finally processed quantum key into the subset of fragmented quasi-random keys written in subsystems S 2 , . . . , S N . Thus, data flow I (red) supposes periodic loading of the mobile agent by quasi-random keys, received via the wireless QKD line [67,68], connecting agent A 0 with mobile agent A 1 in the trusted service zone providing appropriate level of security. The generated key is to be further fragmented to the set of 8-bit one-time quasi-random keys in order to adapt the system for 8-bit microcontrollers. These keys are to be accumulated and used for internal verification procedures, the needed throughput of quasi-random numbers source may be even less than ∼ 1 Kbit/s. In the considered verification scheme the source of so-called entangled photons from route verification scheme [29] is not obligatory, and can be changed for any lowthroughput QKD line, providing generation of quasi random one-time keys. For simplicity internal subsystem S 1 is shown as one supervisor module to control data exchange between external and internal devices. Appl. Syst. Innov. 2023, 6, x FOR PEER REVIEW 12 of 35

Figure 2.
Steps I and II of the procedure to obtain the set of verification data for the joint linked list in the agent 1 , combining data of internal subsystems 1 ( ) , . . . , ( ) and quasi-random keys ( ) y means of hashing functions (2) , … , ( ) .
When the set of shortened fragmentary quasi-random keys is formed, then the supervisor module 1 chooses the time moment to generate the new entry for MVLL according to the agent's task. This moment may e.g., respond to the visit to the next checkpoint. Then module 1 activates the step II (tagged by blue arrows) to form the new entry, which includes the sequential polling of internal subsystems 2 , … , to receive preliminary selected parameters for the external backup. Further internal hashing procedure should approve these data. Here for simplicity we do not consider any routine communications between the agent and external nodes which may interrupt the process.
Step III of the procedure is shown in Figure 3 and refers to the external distributed storage formation [19], which partially use blockchain scheme [25,26] with network protocols like e.g., [69,70]. In contrast to MVLL version proposed in [19], the new one may use more verification data from external nodes. E.g., space coordinates ( , , ) of the mobile checkpoint node can be useful to approve the passed route of the mobile agent. Polling of free collaborating nodes (first green arrow) is to be done according to the initially given list of participants, and the reply transfer (backward oriented green arrow in middle) returns assigned quasi-random hash values and possible additional technical parameters. After the polling procedure the agent 1 should resend the completed new entry to all involved participants (third green arrow). Data extraction from distributed external storages is supposed to be especially requested.  Step III of the procedure to obtain the set of verification data for the joint link discloses the interaction of agent 1 with external verifiers 1 , 2 , … , , combining data o subsystems and external verifiers.

Possible Sources of Short Fragmented Keys
As QKD line can be blocked by intensive optical noize of any nature, al sources of quasi-random keys principally can be included into the scheme. These with lower level of privacy principally can be realized by the MVL-based schem random oracle [57] or by a quantum random number generator [21]. Such alte Step III of the procedure to obtain the set of verification data for the joint linked list. It discloses the interaction of agent A 1 with external verifiers V 1 , V 2 , . . . , V Q , combining data of internal subsystems and external verifiers.
When the set of shortened fragmentary quasi-random keys is formed, then the supervisor module S 1 chooses the time moment to generate the new entry for MVLL according to the agent's task. This moment may e.g., respond to the visit to the next check-point. Then module S 1 activates the step II (tagged by blue arrows) to form the new entry, which includes the sequential polling of internal subsystems S 2 , . . . , S N to receive preliminary selected parameters for the external backup. Further internal hashing procedure should approve these data. Here for simplicity we do not consider any routine communications between the agent and external nodes which may interrupt the process.
Step III of the procedure is shown in Figure 3 and refers to the external distributed storage formation [19], which partially use blockchain scheme [25,26] with network protocols like e.g., [69,70]. In contrast to MVLL version proposed in [19], the new one may use more verification data from external nodes. E.g., space coordinates (x, y, z) of the mobile checkpoint node can be useful to approve the passed route of the mobile agent. Polling of Q free collaborating nodes (first green arrow) is to be done according to the initially given list of participants, and the reply transfer (backward oriented green arrow in middle) returns assigned quasi-random hash values and possible additional technical parameters. After the polling procedure the agent A 1 should resend the completed new entry to all involved participants (third green arrow). Data extraction from distributed external storages is supposed to be especially requested.

Possible Sources of Short Fragmented Keys
As QKD line can be blocked by intensive optical noize of any nature, alternative sources of quasi-random keys principally can be included into the scheme. These variants with lower level of privacy principally can be realized by the MVL-based scheme of the random oracle [57] or by a quantum random number generator [21]. Such alternatives does not disturb MVLL procedures.
Step I (red arrows) in Figure 2 basically suppose the periodical work of the wireless QKD line, providing quantum keys distribution for agents A 0 and A 1 . The most secured level of QKD line is due to quantum mechanics and non-cloning theorem [61], which guarantees that if all basic protocols were carried out exactly, the generated key is known only to a pair of interacting abonents Alice and Bob with small enough probability of errors (see, e.g., review [12]). Modules Alice and Bob, see Figure 4a, use the conjugated pair of quantum and classical data lines and exploit specialized procedures, reglamented by cryptography standards by NIST [71], what limits the possibility to get inside and to add any additional verification procedures. Alice's and Bob's modules are to be integrated into internal subsystems of interacting agents, but MVLL procedures scarcely can be added into Bob module, and the separate verification subsystem S 1 is needed. As all certificated QKD lines provide at least NIST tests for randomness [71,72], the "block" test passing is guaranteed including 8-bit variant. Then the procedure for fragmenting of quantum data array into 8-bit fragmented keys can be choosen arbitrarily. Less protected versions, shown in Figure 4b, refer to alternative sources of quasi-random numbers like AGA-based random oracle [57] and QRNG [21].

Acquisition of Internal Parameters of the Agent and Their Hashing
Algorithm for acquisition of internal verification data is proposed in Algorithm 1. Every of subsystems modules S 2 , . . . , S N shown earlier in Figure 2 receives randomly given fragmented keys and uses them in calculation of hashing function H (n) (r,p), where p includes current values of output variables of the subsystem n, and r is a fragmented key. Components of p are preferably to be written in internal SRAM of a subsystem during the verification procedure, in order to be extracted in case of the detailed check. Coded by hashing procedure output variables are to be returned back from S 2 , . . . , S N to the verification module S 1 , this process is shown by the blue arrows in Figure 2. Such mapping is to prevent direct illegal data reading from digital buses and is to check the operability of the subsystem in the coded form.

Acquisition of Internal Parameters of the Agent and Their Hashing
Algorithm for acquisition of internal verification data is propo Every of subsystems modules 2 , … , shown earlier in Figure 2 rece fragmented keys and uses them in calculation of hashing function cludes current values of output variables of the subsystem , and Components of are preferably to be written in internal SRAM of the verification procedure, in order to be extracted in case of the detai hashing procedure output variables are to be returned back from 2 , … tion module 1 , this process is shown by the blue arrows in Figure 2 prevent direct illegal data reading from digital buses and is to check t subsystem in the coded form.  with much greater rate than external messages are received. Here for simplicity we suppose that all variables are calculated sequentially, where the sequence of operation responds to values n = 1, 2 . . . , N, although the real time grid of their outputs can be more complex.

Two-Steps XOR Hashing in Agent's Subsystems
It seems more appropriate to use in internal subsystems (where possible!) simple and well-known binary logic hash functions in order to apply commercial modules and to shorten calculations. Principally, for hashing procedures one can design some MVL functions, but this seems to give advantages only in combination with specially planned AI procedures for subsystems, which are not discussed here. As it is being widely used in classic and quantum cryptography procedures [51], the well-known binary operator XOR (⊕) [73,74] can be the first recommended variant for internal hashing, combining one-time quasi-random fragmented key r (n) d and the set of w n output parameters p (n) w n of the subsystem S n . Operator XOR is typically included into specifications of microcontrollers [74] and needs only 1 work cycle; it is oftenly tagged as XRL in microassembler specifications. Such two-stage hashing procedure is shown in the Table 4. The first step is to be calculated in internal subsystems S 2 , . . . , S N . of the agent A 1 . The second step of hashing is to be done in the supervisor module S 1 in order to minimize additional calculations in S 2 , . . . , S N . Subsystem S 1 assigns counter n = 2; As S 1 is the service subsystem!

2.
Subsystem S 1 sets clocking signal ("write") to S n ; transfer r (n) d n to subsystem S n ; 3.
Subsystem S n writes transferred r Exit.
Output: H (n) → The set of data for the second step of hashing As it was shown in Section 2.2, several types of attacks aimed at MVL model can be based on modification of parameters of logic functions, written in the general format exp. (2) as arrays A, B,C describing subsystems of the agent. That is why XOR hashing can be directly used for data protection of such arrays. This procedure is more visually shown in Figure 5, where quasi-random key s r (n) d n may be either given as additional matrix elements in rows, or processed as additional separate column. Calculation of XOR hash values is firstly to be done for rows and then for column, it is the most simple and universal procedure to verify illegal modifications of the MVL function. Table 4. Two steps of the internal hashing procedure of the agent A 1 .

I
Step  (r, p) . . . H (N) (r, p) calculated in S 1 ments in rows, or processed as additional separate column. Calculatio ues is firstly to be done for rows and then for column, it is the most si procedure to verify illegal modifications of the MVL function.

Formation of Modified MVLL with Internal and External Parameters
According to Figure 2  Note that data for external ledger should respond to 32-64 bit format of data, as internal microcontrollers or FPGA for IoT devices can mainly use 8-bit or sometimes 16-bit formats [75]. In any way, proposed formal procedures leave enough freedom of choice either to complement data by 0s for the necessary number of elder bits, or to sequentially unite bytes of several variables into one variable, or to combine both variants. h (out) = h (1,1) X m (1, 1) X t (t 1 , t 1 ) X e,1,1 (e 11 , e 11 ) . . . X e,p,1 e p,1 , e p,1 X e (e) ,1,1 e (e) 11 , e

Results: MVLL Scheme for Route Verification Task
As position verification methods may combine GPS, lidar, and computer vision systems, the route planning and the tracking estimation for mobile agents involves the problem of precision of data [76], influenced by the speed of mobile agents and satellites disposition. The controlled range for space coordinates can vary from centimeters up to thousands of km, and it is necessary to provide enough accuracy for all possible distances. First variant here is to apply correlated variables in the discrete k-valued logic model of AGA [18,19], where one can represent space coordinate x e.g., as 1560 m = 1 km + 500 m + 60 m+.... by the summation However, for the MVLL in route verification task there is the second possible scheme to apply purely formal representation excluding summation as in Exp. (13). It is based on the fact, that the distributed backup storage of MVLL should only measure and approve the correctness of data, as the value of coordinates discrepancy is required further at the stage of decision-making. Thus, verification or comparison of data from different storages mainly includes formal checks equal/non-equal, and further procedures are the another task. So that if unique GPS coordinates are represented [77] by a popular format, say, 57"45,4682, one can write it e.g., as the set of numbers {57}, {45}, {4682} = #{00111001}b, #{00101101}b, #{00010010; 01001010}b, fixing by default the position of separating tags. Advantage of formal AGA model is that for any bit format of space coordinates they can be quickly represented by several bytes in logic expressions with known by default rules for reverse reconstruction of geographical degrees, minutes, and seconds. For the route vefification task the difference between the given and the real route should be finally described by the deviation function F eval , which should estimate the difference between space coordinates x, y for the planned route and measured coordinates x (e) , y (e) : F eval = F(N agent , N license , x, y, x (e) , y (e) ). Close case here is the comparison of coordinates obtained by different GPS receivers, installed in navigation systems of the check-point and the mobile agent. Then the simplest way is to use MVLL with formal representation of coordinates. Realistic version of 8-bit MVLL seems to be represented by the entry described by Exp. (11) where m is the entry number in the ledger, t-time of registration by the first of external verifying nodes, ID agent -digital identifier of the agent (for simplicity we suppose it to be 1 byte), N lic -license number (also 1 byte), x (1) , x (2) , x (3) , x (4) describe 4 bytes of space coordinates, and data marked by ( e ) refer to another source of data, e.g., to the check-point.
Respectively, the resulting MVLL will be the set of m. product terms using pairs m/m-1 of entries given by Exp. (12) and combined by operators MAX from exp. (1). Principally, if a real system uses too many variables, it is possible to form one large scale MVLL as a common table of parameters, where several linked volumes or linked pages can be formed by some samplings of its variables in order to shorten the computing time for different procedures. Respectively, we has already mentioned above the possibility to use the set of blocking terms as a separate page of MVLL. Then such MVLL is to use several basic parameters m, t, ID agent , N license for linking of pages. Another potential application for multi-page versions of MVLL is the detailed description of the history of routes by means of hash functions h (m,m−s) [19], where s > 1. But such versions of MVLL are out of the discussion here.

Results: MVLL in Microcontroller Module
As data verification in the hardware agent involves the local set of embedded microcontrollers [27], microassembler software is the priority tool for the design and debugging of such procedures. However, many popular platforms e.g., Arduino [79] are aimed at separate tasks with limited complexity and have too few parallel&serial ports for distributed schemes with AI procedures and flexible interaction of agent's subsystems. In contrast to them classical 8-bit microcontroller MCS-51 [74] is slow enough (up to 24-33 MHz), but provides greater fan-out due to its 4 independent parallel 8-bit banks including two serial ports. That is why MVLL software illustrations are shown further for the special dual-chip circuit board used in [19], which was proposed earlier for modelling of agent's AI functions and fuzzy logic, but which is also appropriate for modelling of MVLL. Such scheme is the way to design more complicated algorithms, as internal memory of MCS-51 can include only 500-600 microassembler instructions. As the set of embedded inctructions in MCS-51 typically provides very limited (64 kB) capacity of external SRAM, external trigger registers were used for the adressing of 1 MB external SRAM, what reduces time response but provides more flexibility.
Test programs for microcontrollers MCI and MCII were emulated by microassembler for MCS-51, simulator AVSIM and chip programmers KROT-MK and MASTER.
If the dual-chip module shown in Figure 6 is used as the model supervisor subsystem S 1 , then signals coming from S 2 , . . . , S N can be loaded via input 8-bit bus connected to banks (or ports) P0 in both microcontrollers MCI and MCII. Respectively, output 8-bit bus can be involved for the transfer of data to subsystems S 2 , . . . , S N via MCIII and trigger registers Rg 4-7. In the dual-chip scheme microcontroller MCI is specialized for clocking of input signals, their procession, and read/write procedures; the second microcontroller MCII is mainly used for output signals control. Such dual-chip modules can be cascaded via digital buses.
Basic parameters were chosen as follows: Values of last two parameters were chosen to shorten the principal scheme. The dual-chip scheme in Figure 6 contains a pair of 24 MHz ATMEL microcontrollers MCS-51 and has 512 KB ROM and 1 MB SRAM chips commutated to common 8 bit buses. ROM is principally necessary here to keep the backup data structure for data restoration in SRAM, ID identificator of the agent, license number, and the initial list of loyal network nodes. Trigger registers Rg1, 2, and 3 are used for addressing of SRAM, and CE, OE, WE are to control read/write procedures. Data from SRAM and ROM are to be loaded via banks P0 of MCI and MCII. Microcontroller MC1 has free pins in the port P3 for interaction with external decision-making module, which is out of discussion here. Port P3 in MCII is involved in clocking, e.g., pins P3.0-P3.4 control read/write procedures for S 2 , . . . , S 4 . Inverse signal P3.0 initiates S 2 , . . . , S 4 to read the next fragmented 8-bit key, and P3.1 sends them instruction to write the next hash value H (int) . For larger N one can use MCIII and additional registers. Values of last two parameters were chosen to shorten the principal scheme. The dual-chip scheme in Figure 6 contains a pair of 24 MHz ATMEL microcontrollers MCS-51 and has 512 KB ROM and 1 MB SRAM chips commutated to common 8 bit buses. ROM is principally necessary here to keep the backup data structure for data restoration in SRAM, ID identificator of the agent, license number, and the initial list of loyal network nodes. Trigger registers Rg1, 2, and 3 are used for addressing of SRAM, and , ̅̅̅̅̅ ̅̅̅̅ , ̅̅̅̅̅ are to control read/write procedures. Data from SRAM and ROM are to be loaded via banks P0 of MCI and MCII. Microcontroller MC1 has free pins in the port P3 for interaction with external decision-making module, which is out of discussion here. Port P3 in MCII is involved in clocking, e.g., pins P3.0-P3.4 control read/write procedures for S2,…,S4. Inverse signal 3.0 ̅̅̅̅̅̅ initiates S2,…,S4 to read the next fragmented 8-bit key, and 3.1 ̅̅̅̅̅̅ sends them instruction to write the next hash value ( ) . For larger one can use MCIII Figure 6. Version of two-chip circuit board [19] used for modelling of MVLL and interaction between subsystems S 1 and S 2 , . . . , Sn in the agent.
As an agent should process sensor data and transfer messages to external computers, chip MCIII in Figure 6 is to control peripheral modules, sensors, buffer SRAM, ADCs, DACs, step motors, and actuators. The circuit board shown in Figure 7 was used as the test subsystem with the serial link to PC.
Microcontroller MCS-51 can form and transfer data arrays with the length of 256 bytes accumulated in the buffer SRAM. Dual-chip scheme in Figure 6 is to be connected to the port P0 in MCS-51 in Figure 7 via MCIII, free ports P1-P2 commutated by the 8-bit data bus, and free pins. The model MVLL function was chosen as Exp. (13) h (out) =  Microcontroller MCS-51 can form and transfer data arrays with the length of 25 bytes accumulated in the buffer SRAM. Dual-chip scheme in Figure 6 is to be connecte to the port P0 in MCS-51 in Figure 7 via MCIII, free ports P1-P2 commutated by the 8-b data bus, and free pins. The model MVLL function was chosen as exp. (13) , (2) , (3) , (4) , ( ) , ( 1) , ( 2) , ( 3) , ( 4) , where space coordinates were considered as formal non-correlated logic variables. In o der to adapt the circuit boards to such MVLL, special SRAM structure should be used which is briefly shown in Table 5 and is disclosed in details by Table 6.     Table 5 contains four equal parts. The first one refers to the internal version of entry e m and contains Literal's parameter. During initial formation of the MVLL from the given truth table (Table 1) namely equal values a = b for Literals X(a, b) are to be written in the MVLL. However, for practical applications the minimization may be used in order to shorten the calculation time. The efficiency of this procedure will depend on the specificity of data, and in the general case the number of entries m may differ from the real number of product terms in MVLL. That is why one should obligatory reserve the second identical part of SRAM for Literal's parameters b, which can be activated by the increment of addresses #A18-A16 from 000 to 001. All other addresses will be the same. The third and the fourth parts of the SRAM refer to parameters a and b taken from the external request or verification task; they may be activated by #A18-A16=#100b and #101b. If one should approve only the presence of an external entry in the MVLL, this external entry is to be written to #A18-A16=#100b, but if one should approve the identity of external MVLL, both addresses #100b and #101b will be needed for parameters a (e) and b (e) . Other free addresses can be involved for other external copies of MVLL. Parts of MVLL (with #A18-A16=#{000b, 001b, 100b, 101b} has the structure, shown in Table 6. For every of entries e m besides its number m, m ≤ M = 256, and the time stamp t m , its SRAM segment contains the store of fragmented quasi-random keys r The proposed MVLL structure saves enough unused cells and can be further optimized. One should especially note that as the register Rg1 in Figure 6 is used only partially, it potentially can address SRAM with 32 MB capacity for further AI modelling.
For software debugging it is more comfort to use the shortened and the regrouped fragment of SRAM shown as Table 7. Variable Verification of data with the help of MVLL includes first of all: (1) processing of the data in the external node reply, sent to help the agent 1, and (2) reply of the subsystem S 1 to the external agent, requesting approval data for a third party.
The first case needs the simplest procedure if all the agents and nodes use by default the common format of MVLL. In fact it does not need any calculation of MVL functions and is the formal comparison of entry parameters, evaluated by one or the majority of data received from external nodes. The received data sequence refers to some entry e m−k , where k = 0, . . . , M − 1. As all addresses used in MVLL are fixed, the comparison of suspicious data and the received copy can be easily done by the cycle taken for variables from Table 7 and realized by the calculation of microassembler instruction CJNE A, P0, rel, where accumulator A is to be loaded by numbers received from external node, value of port P0 should be loaded from the internal copy of MVLL, and rel is the instruction to follow, if values of A and P0 are not equal. Given further in Algorithm 2 software fragment CMPRE demonstrates this procedure. Cuts "iv" and "ev" tag internal and external variables. The number of external verifiers (loyal nodes) is 8 ones.
Application of this and given further subroutines suppose, that they are inserted after the instruction START into the microassembler set of instructions: ORG 0H AJMP START ORG 30H START: . . . . . . . . . END. The second procedure mentioned above is to reply external request received from some other agent to approve entry e * i for a third party. This case implies that S 1 in agent A 1 can process collective data within the ranks of collective collaboration of nodes. Then it is necessary to calculate MVLL function for the received external data and to check, if the external version is true. The task to calculate MVLL function h (out) = F ll (e ( * ) i ) is disclosed in Algorithm 3, which is to use address data from Table 7. MVLL function is written via operators.
Literals (X(a, b), MINs (*) and MAXs (+) given in Section 2, where any Literal X(a, b) and product term pt can be equal either 0 or k − 1 only.
The first involved procedure is called SHPRTMS and is given by the subroutine in Algorithm 4. It calculates the set of shortened product terms {pt 1 , . . . , pt m } according to Algorithm 3 and procedures described in [50], using emulation of operators Literal and MIN given in [19]. Second subroutine MINHMPT is given in Algorithm 5 and calculates the set of "full" product terms including logic constants h (i,1) , it exploits only operators MIN.  The first of necessary subroutines is the third MVLL procedure MAXPT uses operator MAX for the set of obtained above product terms PTs and is given in Algorithm 6.
The obtained value h (out) is to be compared with the declared external version h ( * out) ; this should approve (or not) data of the third party.
Given above result has used internal hash values H (int) , which can be calculated by means of two simple hashing procedures for binary XOR given above in Section 3.4. This method of hashing is represented by subroutines HASHN (I step) and HASHINT (II step). They directly respond to procedures from Algorithm 3 and are shown in Algorithms 7 and 8. The first of them estimates the hash value for quasi-random fragmented key and internal parameters. The used for hashing binary XOR operator responds in the specification list of 49  For brevity the procedure TRKEYS for distribution of fragmented keys by S 1 to subsystems S 2 , . . . , S 4 is not shown as it does not contain MVL specificity.
Imitation of subsystems S 2 , . . . , S 4 by the module given in Figure 6 was modelled by earlier designed module for data acquisition by ADC and transfer of obtained data array from buffer SRAM KR537RU8 to external PC. This procedure can be used for slow enough MVLL transfer to external nodes by groups of bytes. Parts of MVLL or results of ADC measurements with the length of 256 bytes can be transferred to external computer via embedded MCS-51's and interface RS232C for serial port with ADM202E chip [80]. Certainly, special conjugated C++ program was used in the receiving PC. The microassembler program for control of data acquisition and RS232C transfer module (in Figure 7) is shown in Supplement to demonstrate that given above MVLL procedures have the same level of complexity as routine ADC and RS232C software. It includes two subroutines for laboratory data acquisition from one of 4 possible sensors and forms data array in the small capacity buffer SRAM. The transfer scheme uses standard transceiver SCON and buffer register SBUF. This software illustrates quite flexible resources of MCS-51, capable e.g., to adapt 10 bits ADC to 8 bit microcontroller by forming double sequence, composed separately of senior bytes and lower bytes, containing only 2 bits. Essentially, modeling of MVL functions and MVLL schemes does not create any specific hardships for microassembler programming. The length of given above procedures is mainly determined by addressing of external SRAM by trigger registers.
However, final commutation of schemes in Figures 6 and 7 needs not only to optimize commutation of control pins, but demands modelling of decision-making module and is out of discussion here.
Microassembler subroutines for calculation of AGA operators MINIMUM, MAXI-MUM, and Literal were also given earlier in [19], and MVL function calculation in C language was shown in Supplement in [18].
Brief comparative estimations of calculation time for MVL functions can be based on data given in [19], were for k = 256 truth levels и n = 12 variables the calculation needs ≈210,000 work cycles and 0.1 s at 24 MHz, where AGA operators minimally possible parameters are t MIN-MAX ≈ 4 µs and t Literal ≈ 9 µs.
Results of microassembler modeling. The distribution of fragmented keys, the acquisition of measurements data, and hashing procedures can be realized by routine microassembler programming. • Designed methods promise new applications of QKD lines, necessary only episodically in the trusted service zone. Interaction with quantum line will strongly depend on its specification.

•
In the used platform and model of MVLL the overall number of visited checkpoints in the route verification task may achieve at least 256 ones. • Designed schemes and algorithms with 8-bit data structure can be easily commutated with further AGA modelling of blocking terms and additional data protection methods.

•
It is substantial, that the structure of traditional controllers can successfully combine AGA and Boolean operators within the heterogeneous logic architecture of the agent [18]. • Detailed analysis of modern commercial wireless radiofrequency modules is needed further to choose reasonable data channels for communications with external nodes.

Discussion
The reason to propose modified version of MVLL is the desire to expand data exchange between external and internal components of the agent in order to provide more reliable data verification for prospective trust estimates and AI procedures. If the communication line of robot is not reliable or if one suspects activity of an eavesdropper, then it is quite natural to compare additionally data obtained from external storages with ones, extracted from the internal memory of the agent.
Proposed version of MVLL is represented by the rigidly given structure in SRAM, providing the design of software and the verification of correct interaction of supervisor S 1 with subsystems S 2 , . . . , S 4 in the agent. Given examples of microassembler subroutines demonstrate the possibility to realize short enough procedures by means of the small-scale hardware structure of well-known microcontrollers MCS-51. Certainly, such scheme is to be somewhat adapted to more productive controllers and FPGAs, as well as to USB controllers.
Such aspect, as interaction with modern modules for wireless communications in IoT and IoV should be investigated separately.
Another actual problem is to appreciate, if more levels (or layers) of data mixing in entries will be efficient, thus imitating more deep mixing of blocks in BC schemes.
Principally such procedure can be based just on used definition of MVLL, applied for selected variables from different entries.
Integration of protective blocking logic terms (see Section 2.4) needs to exclude logic constant k − 1 from active use and to reserve it for data protection service. First possible way here needs to use the shortened number of 255 truth levels instead of 256 ones, and to make necessary corrections in conjugated procedures and cycles. More original alternative here is to use heterogeneous logic architecture [18] and to apply enlarged number of truth levels in the supervisor subsystem. Here one can use e.g., 512 truth levels, described by the emulation of 16-bit calculations just in the 8-bit platform. But such method needs to choose some model of decision-making module and to design duplex mapping for subsystems with different truth levels k.
Separate item is the interaction and adaptation to real QKD line, and the realization of the random oracle scheme [18] with high enough capacity, adequate for practical use. Principally, in protocol [41] the random oracle is not the secret device and can serve all requests even coming from eavesdroppers! Some discussion is necessary for the possibility to use secured link to PC during service and verification sessions.
Much more dramatic and complex discussion refers to the design of decision-making module, which is critical for the choice of SRAM structure and agents communication language, which is not specific for narrow knowledge field. From one side, loyal network nodes are to use standard network tools, but from the other side, agents in MAS should imitate people and combine universal robotic language with additional secret coding. Namely the specifics of decision making module dictates the SRAM structure and the information capacity of communication module.
Interesting aspect for further research is the possible interaction of network robotics with business management processes [81] and industrial ones [82]. Although the distant admin or the user may be far away from the robotic system, his unmanned logistics or manufacturing of goods is still in the field of view of business analytics [81], whose services also can exploit automatic systems and agents. Such interaction is served by the large number of legal norms and rules, which should be monitored and approved by network devices. That is why the task is to propose new solutions, which are suitable not only for hardware agents, but may be extended for software agents. Respectively, such methods should be compatible with common network technologies like blockchain, but besides this they should be adapted to controllers level. Further research is to show, how business technologies with customer relationship management (CRM) [81] strategy can be combined with the proposed above blockchain-induced scheme. Possible interaction with hardware robotic platforms seems to be easier to begin with a agent's customer model, taking into account such basic parameters, as customer identification and attraction. Identification here can use verification and trust estimation procedures, and attraction should be the scheme to propose adequate services for approved routes and visited objects. Certainly, such business procedures will also require secured communications, where quantum technologies can propose unique solutions.
The proposed version of MVLL potentially may be used, when the agent following the route should approve visited or prohibited for visits zones of maps, or should fix bands of acceptable parameters for some time intervals or map zones. Such models may be actual for unmanned parking systems, dumping of garbage and sludge only in specially prepared places, for loading and handling devices, for cargo security, loading monitoring systems, and for the speed control within a residential zone.

Conclusions
The extended version of MVL linked list is proposed for mobile network agents, where BC-type distributed external data storage is adapted for joint work with internal low-throughput microcontroller platforms. Modified scheme of MVLL can integrate both internal parameters of agent's subsystems and external nodes. Proposed new version of MVLL is based on k-valued Allen-Givone algebra, comfort for high-dimensional data coding and verification procedures in multiparametric systems [18,19].
Parameters of internal subsystems of the mobile agent are to be approved by assigning the set of quasi-random hash values of fragmented keys, preliminary distributed by QKD line; also binary hashing XOR is to be applied. Traditional binary XOR function is chosen as the simplest hash function in microcontrollers for mixing of data of internal subsystems in the MVLL. The second step of the procedure calculates final XOR hash value for brevity of final data. Further obtained internal hash value is to be included into the MVLL, it may be complemented by parameters of external nodes, and is to be approved by the set of external quasi-random hash values according to earlier proposed MVLL scheme. These "fingerprints" of internal subsystems and external nodes are also can be accumulated in the memory of internal supervisor subsystem of the agent for verification in case of faults and errors, also some documented physical parameters can be kept in memory of other subsystems for check-up procedures. Such version of MVLL takes into account that free resources in internal subsystems are too limited to save large volumes of verification data.
Microassembler software examples for microcontroller platforms MCS-51 are given for basic MVLL adressing, hashing and conjugated measurements.
Specific features of route verification task are also analysed, what motivates to research further the ways to enlarge the number of logic variables in MVLL and to subdivide it into separate pages (or volumes).
The advantage of the proposed AGA based version of MVLL is that primitive logic procedures does not give the possibility to bypass any steps of data procession and to use traditional attacks; at the same time the structure of quasi-random hash values provides the unpredictability of data, necessary for verification without the disclosing of real values.
As a whole, the combination of externally approved mixed internal and external parameters is the next step to avoid trusted nodes for agents collective. Designed scheme is intended for protection of agents working distantly, when it is difficult to provide continious monitoring. MVLL storage for critical data of a robotic system is the way to approve identity of distant robots and IoT.