Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Trustworthiness and Traceability of Supply Chain Data

Illustration of the 4-step manufacturing process with blockchain involvement
Credit: N. Hanacek/NIST

The Systems Engineering Group (SID/Engineering Laboratory) is pursuing a vision where a standards-based digital thread of data fuels the next generation of smart connected manufacturing systems. Data, in standard formats from traditionally “siloed” lifecycle functions, is combined to build knowledge and make decisions to improve the quality, reliability, interoperability, and efficiency of Smart Manufacturing Systems. With the growing digitalization of manufacturing and the associated reliance on digital data, manufacturers, their supply chains, and their customers are exposed to many and varied digital threats. Ensuring that data of the correct type and version is authorized for the intended use and came from the expected data owner/sender is paramount, especially in regulated industries. Our early work focused on including data traceability information inside standard data exchange files. We then explored including data traceability information in a secure external repository such as a blockchain. We are now building a software solution that would allow actors at any level of the supply chain to investigate the propagation of tampered data through heterogeneous systems using model-based integration methods (i.e., data mappings).

See below for our current project and recent accomplishments.


Current priorities

Data Traceability Web Framework

Data tampering—either intentional (i.e., cyberattacks) or unintentional (e.g., human or system error)—can lead to serious consequences in the physical world, such as structurally weaker or functionally different parts. The complexity of today’s goods and the distributed nature of supply chains involves a significant number of heterogeneous information systems operating on both business and engineering data. These systems are integrated to consume data from each other in a high-volume and fast-paced environment where tampered data can be quickly propagated across many systems and organizations. We leverage open standards and model-based integration specifications to quickly investigate and isolate infected systems.

Related publication:

  • Toward Model-Based Integration Specifications to Secure the Extended Enterprise – Krima S., Toussaint M., Barnard Feeney A. – ASTM Smart and Sustainable Manufacturing Systems, Vol. 4, No. 1, 2020, https://doi.org/10.1520/SSMS20200022

Current activities:

  • Implementing a web-based solution for investigating and evaluating data tampering
  • Developing cybersecurity metrics to evaluate the risk of exposure to data tampering
  • Developing a cybersecurity awareness program focused on data tampering issues
  • Aligning metrics and processes with NIST SP800-series for cybersecurity guidance

Accomplishments

Digital Manufacturing Certificate toolkit

The NIST Digital Manufacturing Certificate (DMC) Toolkit is designed to show how public key infrastructure (X.509-PKI) from the X.509 standard can be used to embed digital signatures into standard data exchange files for the purposes of certification and traceability. In its first release, the DMC toolkit supports signature and validation of data in the following formats: ISO 10303-21 (STEP), ISO 6983 (G-code), ISO 32000 (PDF) and 14739 (PRC, aka 3D PDF), and Quality Information Framework (QIF). The software offers both the Toolkit as a C# API and a fully-functional demonstration application.

Available software: DMC Toolkit (NIST git repository)

digital certificate toolkit
Using X.509 certificates for verifying the quality of product data and embedding usage restrictions.
Credit: ​​​​​​​S. Krima

Related publications:

  • Embedding X.509 Digital Certificates in Three-Dimensional Models for Authentication, Authorization, and Traceability of Product Data – Hedberg T., Krima S., Camelio J. – ASME Journal of Computing and Information Science in Engineering, 2016, http://dx.doi.org/10.1115/1.4034131  
  • Method for enabling a root of trust in support of product-data certification and traceability – Hedberg T., Krima S., Camelio J. – ASME Journal of Computing and Information Science in Engineering, 2019, https://doi.org/10.1115/1.4042839  
  • Recommendations on Ensuring Traceability and Trustworthiness of Manufacturing-Related Data – Hedberg T., Helu M., Krima S., Barnard Feeney A. – NIST Advanced Manufacturing Series 300-10, July 2020, https://doi.org/10.6028/NIST.AMS.300-10 

 

Blockchain Reference Model

In a complex environment composed of numerous partners and exchanges, auditing traceability embedded in data files is inefficient. To address this and other shortcomings, we presented an initial assessment and early recommendations on how to record product data transactions on a blockchain.
 

Publications and news:

supply chain traceability blockchain
Using a blockchain ledger to check product data ownership in a complex environment. 
Credit: ​​​​​​​S. Krima
Created March 3, 2021, Updated March 7, 2021