By Xinxin Fan and Raullen (Qi) Chai, IoTex
A typical multi-party asset tracking application involves shippers, receivers and a freight-carrier network with multiple stakeholders (e.g., manufacturer, distributor, provider, carrier) that have mutual obligations to deliver assets in time.
Unfortunately, the traditional asset-tracking solutions have posed a multitude of concerns due to the lack of trustworthy and transparent information across the supply chain.
The Covid-19 pandemic has further exposed the fragility of the current supply chains and highlighted the need for improving the existing supply chain infrastructure through digital transformation. To tackle the industry-wide challenges for global supply chains, we describe a trusted and transparent asset tracking framework called AuthTrail. The proposed framework establishes a trusted data-sharing fabric for streamlining workflow and increasing supply chain visibility among all the stakeholders.
As shown in the figure, AuthTrail leverages a consortium blockchain to store and exchange all the information related to freight contracts, real-time locations, climatic conditions, transportation and handling of physical assets, thereby creating a single source of truth available to all stakeholders in the system and eliminating potential issues like late reconciliation, improper handling of assets, etc.
Moreover, secure edge devices ensure trustworthiness of the data collection for the status of the attached physical assets. In particular, trusted real-time IoT data will be fed into smart contracts, which specify the service-level agreements (SLAs) negotiated among stakeholders, for evaluation periodically and the penalty settlement will be triggered automatically in the event that an SLA is breached.
Finally, to create the chain of custody when assets are moving in the supply chain, AuthTrail requires the stakeholders to record standardized EPCIS events on the blockchain whenever the status of assets changes.
Figure. A high-level system architecture for AuthTrail
The AuthTrail framework has these major steps:
- Asset tracking stakeholders onboarding. A consortium blockchain is provisioned and an administrator sends invitations to stakeholders of the freight-carrier network for joining the system. Upon creating an account and logging in the system, each stakeholder generates a decentralized identifier (DID) and stores the corresponding DID document on the blockchain.
- Freight contracts negotiation and archiving. All the freight contracts (e.g., broker carrier agreements, load tenders, rate conformations, bill of lading) are negotiated offline among stakeholders and the hashes of the digital versions of those freight contracts are committed to the blockchain for secure logging and auditing purposes. In particular, service-level agreements between stakeholders are written into smart contracts and deployed on the blockchain.
- Secure edge device onboarding. Once a secure edge device is powered on for the first time, it generates a private/public key pair within the secure hardware and registers the public key on the blockchain via a decentralized secure device onboarding process. The registered public key is then used to perform the on-chain sensor data verification by the smart contracts.
- Real-time asset tracking. When an asset is being moved by the freight carrier network, the secure edge device captures its real-time status (e.g., location, temperature, humidity) and signs it using the private key. Based on the location of the asset, the signed asset status is then sent to a specific smart contract for the SLA validation.
- Automatic penalty settlement. In the case that an SLA is breached, a special event is emitted on the blockchain by the smart contract. Once the event is captured by the corresponding stakeholders’ enterprise networks, the penalties will be automatically settled among stakeholders involved in the SLA.
- Chain-of-custody creation. The stakeholders send transactions to the blockchain when the asset is in their custody. Each transaction encapsulates a standardized EPCIS event describing what has happened to the asset. All the EPCIS events, which are recorded on the blockchain and shared among all the stakeholders, establish the chain of custody of the asset in the supply chain.
The authors describe the Framework in a new IIC technical brief “Trusted and Transparent Asset Tracking on the Edge.” The brief describes how to build a trusted and transparent asset-tracking solution by combining three technical components: secure edge devices, consortium blockchain and standardized supply chain data formats. The resulting solution facilitates collaboration among supply chain stakeholders, improves supply chain efficiency and user experience, and achieves substantial cost savings.