System and Method Implementing a Distributed Audit Trail
US-2022107929-A1 · Apr 7, 2022 · US
US12132822B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12132822-B2 |
| Application number | US-202117523013-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 10, 2021 |
| Priority date | Nov 17, 2020 |
| Publication date | Oct 29, 2024 |
| Grant date | Oct 29, 2024 |
Official abstract text for this publication.
A method for protecting the integrity of measurement data acquired by a sensor includes: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, by a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, by the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory.
Opening claim text (preview).
What is claimed is:
1. A method for protecting the integrity of measurement data acquired by a sensor, the method comprising: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, using a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, using the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory, wherein the predetermined condition is made dependent on a utilization of at least one processing resource of the sensor that is needed for the computing of a signature.
2. The method of claim 1, wherein the aggregating function is a hash function that maps the measurement data, or a combination of the measurement data with one or more further arguments, to a hash value of fixed size as the aggregate value.
3. The method of claim 1, wherein the aggregating function further takes configuration information of the sensor as a further argument, wherein said configuration information controls a behavior of the sensor, and/or the acquiring of the measurement data by the sensor.
4. The method of claim 3, wherein the configuration information comprises one or more of: a measurement range of the sensor; a measurement unit used by the sensor; a schedule according to which the sensor acquires the measurement data; one or more processing steps that the sensor applies to at least one sensor signal, and/or to the measurement data; and at least part of a firmware of the sensor, and/or a hash value computed thereon.
5. The method of claim 1, wherein the predetermined condition comprises: a predetermined time period has expired; and/or a new aggregate value has been generated for a predetermined number of times; and/or the sensor has received a request for a signature from another device; and/or a previous computation of a signature has finished.
6. The method of claim 1, wherein the aggregation function takes an epoch index as a further argument, and wherein the method further comprises, in response to the predetermined condition being met: incrementing the epoch index.
7. A method for protecting the integrity of measurement data acquired by a sensor, the method comprising: in response to the measurement data being acquired, determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, using a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, using the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory, wherein the communication interface of the sensor that is used for outputting the signature is configured to output data from the sensor, but not configured to accept the inputting of data to the sensor.
8. The method of claim 7, wherein the communication interface encodes data that is outputted from the sensor in a value of the current that the communication interface, and/or the sensor, draws from a current loop.
9. The method of claim 1, further comprising outputting, through the communication interface, at least part of the data from which the sensor computes aggregate values.
10. A method for authenticating acquired measurement data comprising: acquiring, by a sensor, measurement data; protecting the integrity of the acquired measurement data by: responding to the measurement data being acquired by determining, by the sensor, whether an aggregate value has already been generated, and: if the aggregate value has not yet been obtained, mapping, using a predetermined aggregation function that takes the measurement data as a mandatory argument and a previously generated aggregate value as an optional argument, the measurement data to the aggregate value; whereas if the aggregate value has already been obtained, mapping, using the predetermined aggregation function, the combination of the aggregate value and the measurement data to a new aggregate value; and in response to a predetermined condition being met, computing, using a secret key of the sensor, a signature of the aggregate value; and outputting the signature via a communication interface of the sensor, and/or storing the signature in a memory; obtaining the measurement data and at least one signature of an aggregate value that depends on the measurement data; reconstructing, based at least in part on the measurement data, the aggregate value; verifying the signature against the reconstructed aggregate value; and if the verification is successful, determining that the measurement data is authentic, wherein the reconstructing is based at least in part on candidate values for the measurement data and/or for further arguments from which the aggregate value is derived, and wherein the method further comprises: if the verification is not successful, determining new candidate values and reconstructing a new aggregate value based at least in part on the new candidate values.
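The scheme of claims 1, 2, 5, 6 and 10, as an added Python example (not code from the patent): a SHA-256 hash chain as the aggregation function, a signature on every third new aggregate, and a verifier that retries candidate values until the reconstructed aggregate verifies. HMAC-SHA256 stands in for the sensor's signature so the block runs on the standard library, which means the verifier here shares the key; all class and function names, the key and the readings are constructed for illustration.

```python
import hashlib
import hmac
import itertools

def aggregate(measurement, prev=None, epoch=0):
    """Aggregation function: measurement is mandatory, previous aggregate optional."""
    h = hashlib.sha256(epoch.to_bytes(4, "big"))
    h.update(b"\x00" if prev is None else b"\x01" + prev)   # first vs. chained call
    h.update(len(measurement).to_bytes(4, "big") + measurement)
    return h.digest()

class Sensor:
    def __init__(self, key, sign_every):
        self.key, self.sign_every = key, sign_every
        self.agg, self.count, self.epoch = None, 0, 0

    def acquire(self, measurement):
        """Fold one reading into the aggregate; return (epoch, signature) when due."""
        self.agg = aggregate(measurement, self.agg, self.epoch)
        self.count += 1
        if self.count % self.sign_every:      # condition: every N-th new aggregate
            return None
        signed = (self.epoch, hmac.new(self.key, self.agg, hashlib.sha256).digest())
        self.epoch += 1                       # epoch index advances after signing
        return signed

def reconstruct(readings, prev, epoch):
    for m in readings:                        # replay the chain on the verifier side
        prev = aggregate(m, prev, epoch)
    return prev

def authenticate(key, candidates, prev, epoch, signature):
    """Try candidate readings until one verifies; return (readings, aggregate) or None."""
    for combo in itertools.product(*candidates):
        agg = reconstruct(combo, prev, epoch)
        expected = hmac.new(key, agg, hashlib.sha256).digest()
        if hmac.compare_digest(expected, signature):
            return list(combo), agg
    return None

def demo():
    key = b"constructed-demo-key"             # constructed sample key
    sensor = Sensor(key, sign_every=3)
    sent = [b"20.1", b"20.4", b"20.9"]        # constructed sample readings
    outputs = [sensor.acquire(m) for m in sent]
    epoch, sig = outputs[-1]
    # Verifier is unsure whether the second reading was 20.5 or 20.4.
    candidates = [[b"20.1"], [b"20.5", b"20.4"], [b"20.9"]]
    ok = authenticate(key, candidates, None, epoch, sig)
    tampered = authenticate(key, [[b"20.1"], [b"99.9"], [b"20.9"]], None, epoch, sig)
    return outputs, ok, tampered
```

Because only one signature covers the three readings, a failed verification does not say which reading is wrong; the candidate search grows with the product of the candidate lists.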
involving digital signatures · CPC title
Updates (security arrangements therefor G06F21/57) · CPC title
involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC · CPC title
Preprocessing measurements, e.g. data collection rate adjustment; Standardization of measurements; Time series or signal analysis, e.g. frequency analysis or wavelets; Trustworthiness of measurements; Indexes therefor; Measurements using easily measured parameters to estimate parameters difficult to measure; Virtual sensor creation; De-noising; Sensor fusion; Unconventional preprocessing inherently present in specific fault detection methods like PCA-based methods · CPC title
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title