
Description / Scope

This section gathers supply chain scenarios and studies the use cases that derive from them, in order to express them as smart contracts and describe them in pseudocode or other forms. After finalizing the scenarios, we will try to implement them in different Hyperledger frameworks as PoCs and study them from a research point of view (speed, security, etc.). We intend to use Hyperledger Indy to implement the identity parts of the scenario(s).

Supply Chain Scenarios / Use Cases

Scenario 1 (source IBM):

Food suppliers in the U.S. must comply with U.S. Food and Drug Administration (FDA) Foreign Supplier Verification Program regulatory requirements before they can ship their products to market. Regulatory compliance is a high-focus area in which developers are looking to build applications that automate and standardize processes used to enforce and execute compliance. Blockchain presents an opportunity to do just that.

For this use case, imagine that a supplier is transferring the food products to an importer who verifies that the supplier, country, and food type all match the correct identifiers. At the port of entry, the supplier is again checked against a list of known suppliers in a database (managed by the regulator). If the supplier is of type exempt, then the products are transferred to the retailer. If the supplier is non-exempt, the products are checked against a list of known food products in a database (managed by the regulator). If the food is an exempt product, then it is transferred to the retailer. If the food is non-exempt, the importer must conduct the hazard analysis (either independently or by using a third party). The supplier provides the hazard analysis report to the regulator. The regulator reviews compliance and transfers the products to the retailer.

This pattern captures the regulatory compliance logic for the FDA Foreign Supplier Verification Program in a smart contract that's deployed on a business network (code and implementation: https://github.com/IBM/PublicRegulationFabric-Food-IBPV20).
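The port-of-entry and review steps of Scenario 1, sketched as a plain Go state machine. This is an added example, not code from the IBM repository or from this working group. State names, role names, field names and the fail-closed handling of unlisted suppliers and products are assumptions. It starts after the importer's identifier check and lets any participant trigger the list check, since its outcome depends only on the regulator's lists.

```go
package main

import "fmt"

// Shipment is one consignment. Field, state and role names are assumptions.
type Shipment struct{ Supplier, Product, State, Owner, Report string }

// Registry stands in for the regulator's lists: key present = known, true = exempt.
type Registry struct{ Suppliers, Products map[string]bool }

// checkLists applies the port-of-entry rules; unknown entries fail closed (assumption).
func checkLists(s *Shipment, r Registry) error {
	supExempt, supKnown := r.Suppliers[s.Supplier]
	prodExempt, prodKnown := r.Products[s.Product]
	switch {
	case !supKnown:
		return fmt.Errorf("supplier %q is not on the regulator's list", s.Supplier)
	case supExempt || (prodKnown && prodExempt):
		s.State, s.Owner = "RELEASED", "retailer"
	case !prodKnown:
		return fmt.Errorf("product %q is not on the regulator's list", s.Product)
	default:
		s.State = "HAZARD_ANALYSIS_REQUIRED"
	}
	return nil
}

// Step performs the one transition the caller's role is allowed in the current state.
func Step(role string, s *Shipment, r Registry, report string) error {
	switch {
	case s.State == "AT_PORT":
		return checkLists(s, r)
	case s.State == "HAZARD_ANALYSIS_REQUIRED" && role == "supplier" && report != "":
		s.Report, s.State = report, "UNDER_REVIEW"
	case s.State == "UNDER_REVIEW" && role == "regulator":
		s.State, s.Owner = "RELEASED", "retailer"
	default:
		return fmt.Errorf("role %q may not act on state %q", role, s.State)
	}
	return nil
}

func main() {
	reg := Registry{map[string]bool{"acme": false}, map[string]bool{"cheese": false}} // constructed data
	s := &Shipment{Supplier: "acme", Product: "cheese", State: "AT_PORT", Owner: "importer"}
	for _, role := range []string{"importer", "regulator", "supplier", "regulator"} {
		fmt.Println(role, Step(role, s, reg, "report-001"), s) // first regulator call is rejected
	}
}
```

In chaincode the role would be derived from the caller's certificate identity rather than passed as an argument, and the registry would be ledger state that only the regulator can write.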

  1. Scenario
  2. Scenario

Smart Contracts deriving from scenarios/use cases


|               | SC for ... | SC for ... | SC for ... |
| Description   |            |            |            |
| Parameters    |            |            |            |
| Functionality |            |            |            |
| ..etc         |            |            |            |


Research

  • Promote the secure and efficient movement of goods by resolving threats early, improving verification and detection capabilities, and enhancing security of infrastructure and conveyances in order to protect the supply chain, and maximizing the flow of legitimate trade.
  • Foster a resilient supply chain by mitigating systemic vulnerability of supply chains and promoting trade resumption policies and practices.
  • How can stakeholders provide assurance that my product is safe without revealing intellectual property (e.g., source code)?
  • Is there a formal certification process and authority that can certify certain security properties exist in the product?
  • What would constitute a trusted third party (TTP) certification body (e.g., charter, COI, goals, membership, participants, industry)?
  • What would be the focus and benefits of the TTP (incentives, methods, technologies) and key outcomes (especially sponsors)?
  • How would the TTP get industry buy-in and be distinguished from other (e.g., TCB, OWASP, etc.) existing bodies?
  • Better precision in understanding existing and emerging vulnerabilities and threats.
  • Advances in insider threat detection, deterrence, mitigation and elimination.
  • Assuring security, survivability and dependability of our critical infrastructures.
  • Assuring the availability of time-critical scalable secure systems, information provenance and security with privacy.
  • Observable/measurable/certifiable security claims, rather than hypothesized causes.
  • Methods that enable us to specify security requirements, formulate security claims, and certify security properties.
  • Assurance against known and unknown (though perhaps pre-modeled) threats.
  • Mission fulfillment, whether or not security violations have taken place (rather than chasing all violations indiscriminately).

Sources

Scenario 1 source: https://github.com/IBM/PublicRegulationFabric-Food-IBPV20

Hyperledger Grid project: https://www.hyperledger.org/projects/grid

Research Topics source: http://faculty.washington.edu/jscholl/hicss50/supply-chain.php
