Combat Cyber Risk in Military Supply Chains with Blockchain
At SAP, we have always been looking for ways to realize tomorrow today – think about how SAP Cloud Platform got started, or SAP Leonardo – and we’re been rather successful following this formula. This is a story of another first, this time for the logistics supply chain and the defense vertical in particular.
For 6 months, we have been working behind the scenes with a blockchain technology pioneer Guardtime to create a revolutionary supply chain proof of concept for our defense customer base. The solution we envisioned was to enable end-to-end data integrity and provenance in a heterogenous multi-tier supply chain. Essentially, it’s the world’s first supply chain track-and-trace application for the defense vertical powered by blockchain technology.
Yesterday we demonstrated the first prototype of our joint development efforts at SAPPHIRE NOW 2017 combining the SAP S/4HANA in-memory data platform, SAP Supply Chain Management and Guardtime’s KSI blockchain technology, deployed on the SAP Cloud Platform. The feedback from our customer base has been tremendous.
The KSI blockchain integration is what makes the solution unique, so here’s a few words about what we did here. Implemented in production systems inside government and private networks since 2008, Guardtime’s KSI Blockchain has proven to be the scalable and secure solution for massive scale data management applications and business services. The technology provides the means to immediately detect changes and prove the integrity state or its absence. That’s valuable, of course.
However, in many real-life use case, data traverses through different and discrete systems and datasets can be combined or become decomposed – the most typical example of this is a supply chain. Whether software or physical supply chain, to be trusted, there needs to be an immutable audit-trail that also covers the asset in motion through a number of discrete systems, which can’t be accomplished by simply instrumenting the data asset in a blockchain.
Guardtime created the KSI Container concept specifically to solve this problem – a solution combining KSI blockchain based signatures with the supply chain context – adding relevant data and metadata of each processing entity. The digital fingerprint of an asset and relevant metadata (e.g. serial number, producer information, classification level, etc.) are secured by the KSI blockchain through every step asset moves in the supply chain and are stored in a portable KSI Container. The containers in turn are cryptographically linked together and provide a formally verifiable proof of authenticity for every spare part or software component.
As a result – KSI Container integration with SAP SCM in the SAP Cloud Platform makes it possible to realize a fully trustworthy cross-vendor supply-chain – allowing to track-and-trace the origin of every component – regardless of domains, trust relations or technologies used. As far as value propositions go, this truly is in the holy grail territory – and from what we hear, our customers seem to agree.
Stand by for future updates!