The Internet of things (IoT) has brought new opportunities to the way products and assets can be tracked and managed across the supply chain. Yet, without the introduction of lightweight device authentication, security and privacy concerns will continue to add to the already high cost of IT infrastructure that makes near real-time data collection possible.
More commonly applied methods using barcodes, QR codes, and RFID tags to obtain monitoring data suffer from the ability to detach a digital identifier from its associated product, allowing it to be imitated or tampered with, and are often limited in their capacity to provide more detailed information.
In an article published in the IEEE Engineering Management Review, titled Physically Unclonable Functions (PUFs): A New Frontier in Supply Chain Product and Asset Tracking, nChain Researcher Jack Davies and Dr Yingli Wang of Cardiff University address such concerns by exploring the implications of physically unclonable functions (PUFs), a new frontier in IoT and supply chain management, and how the technology can be applied using blockchain technology to achieve enhanced visibility and data integrity across the supply chain.
What Are PUFs and Their Benefits?
PUFs exploit the random yet inherent attributes of a physical object to provide a digital fingerprint or identifier that is unique to the object. Jack Davies and Dr Wang explain that rather than assigning a digital identifier to an object or device, it is intrinsically linked to the device, ensuring that any changes to either the digital identifier or the device itself are easily detectable.
PUF devices are therefore highly tamper-evident and ideally suited to situations where identification and authentication are required across networks or complex systems, including supply chains. Resulting key applications of PUFs and unique benefits include:
- detecting counterfeits, ensuring that the identifying information and the relevant device cannot easily be changed, imitated, or cloned;
- securing IoT devices, which often suffer from a lack of efficiency and security when it comes to device authentication; and
- protecting and enforcing intellectual property (IP) rights concerning configurable circuits, by preventing unlicensed imitation or copies of designs and allowing suppliers to protect their IP across the supply chain.
By “generating an unpredictable yet deterministic response to a given challenge”, PUFs remove the need to store keys explicitly on-device, while allowing sensitive data to be shared only between authorised parties, improving overall security.
Combining PUFs and Blockchain Technology
Leveraging the permanent, immutable, and readily available record that is the blockchain, PUF devices can take advantage of the transparency that public networks provide. By linking digital signatures to hardware devices, blockchain technology can help streamline identity mapping and enhance accountability among supply chain actors.
The scale at which millions of existing IoT and other devices need to be able to interact with the blockchain requires an even larger number of transactions that a blockchain network would have to handle. Equally important is the ability to conduct large volumes of transactions at a low cost. For the same reason, nChain supports the use of applications on the BSV blockchain, which is already on track to handle such capacities, at fees of a fraction of a US cent.
With the ability to provide device authentication, while leveraging the capacity and efficiency of the BSV blockchain, products and assets can be verified at any critical point in time across the supply chain, offering a securely monitored and fully traceable audit trail.
The solutions explored in the article provide ways to enhance visibility and integrity in supply chain management, and present examples of the ongoing developments across industries taking advantage of emerging technologies.