The new ECLASS whitepaper presents a concept of distributed ledger-based infrastructure for identity and access management for industrial digital twins. This achieves an important milestone on the way to the future open global Industry 4.0 ecosystems.
This whitepaper introduces an approach to realizing a common decentralized registry for industrial Digital Twins.
Five practice-relevant use cases explain how this decentralized registry can be implemented and applied in practice. The use cases show how the Digital Twins and services around them can be registered within the registry and accessed by the users in different lifecycle stages. Furthermore, the use cases show how the industrial asset users can associate multiple Digital Twins to the same asset and how these Digital Twins can be found based on a unique asset ID. Other use cases describe the possibility to qualify the information provided within the Digital Twin by third parties as well as to implement a decentralized identity and access management for services listed in the decentralized registry. In this concept, the ECLASS standard is mainly used to describe the services as well as attributes within certificates for authorization and qualification of Digital Twins.
The challenges addressed in this whitepaper are relevant for different domains, e.g. automotive, energy, retail and logistics. To be more tangible, the whitepaper concentrates on the requirements of Industry 4.0 and explains the solution concepts using the technical specifications of the Asset Administration Shell, the standardized implementation of the Digital Twins proposed by the German Platform Industry 4.0 and the Industrial Digital Twin Association.
What is the Digital Twin?
Advancing digitalization, increasing networking and horizontal integration in the areas of purchasing, logistics and production, as well as in the engineering, maintenance and operation of machines and products, are creating new opportunities and business models that were unimaginable before. Classic value chains are turning more and more into interconnected value networks in which partners can seamlessly find and exchange relevant information.
Machines, products and processes receive their Digital Twins, which represent all relevant aspects of the physical world in the information world. The combination of physical objects and their Digital Twins creates cyber-physical systems.
Over the complete lifecycle, the relevant product information and production data captured in the Digital Twin must be available to the partners in the value chain at any time and in any place. The digital representation of the real world in the information world, in the form of Digital Twins, is therefore becoming increasingly important. However, the desired horizontal and vertical integration and cooperation of all participants in the value network across company boundaries, countries, and continents can only succeed based on common standards.
What is the Asset Administration Shell?
The so-called Asset Administration Shell (AAS) is a common concept of Platform Industry 4.0 and industry associations like VDMA (German Engineering Federation) and ZVEI (German Electrical and Electronic Manufacturers' Association) as well as the Industrial Digital Twin Association for the realization of the Digital Twin. The AAS is expected to become the standardized basis to drive the fourth industrial revolution and to build innovative applications.
The core elements of an AAS are standardized machine-interpretable information models that represent the attributes, configuration parameters, behavior, and capabilities of products, plants, machines, and their components in terms of standardized properties. ECLASS plays an important role in this context. The ECLASS standard is seen by the Industry 4.0 community as a common vocabulary and supplier of standardized semantics for interoperable information exchange between Digital Twins.
What is ECLASS?
ECLASS is internationally established as the only ISO/IEC-compliant industry standard and is thus the worldwide reference-data standard for the classification and unambiguous description of products and services. More than 4,000 customers are already successfully using the 45,000 classes and 19,000 properties of ECLASS in 16 languages for digital data exchange. In addition to traditional applications in procurement, controlling, production and distribution, ECLASS demonstrates its particular strengths when used for cross-enterprise process-data management and in engineering functions. A standardized master-data system is the key to enterprise-wide improvements, producing benefits along the entire value chain. The ECLASS e.V. association, founded in 2000, is a non-profit organization run by companies, associations and institutions from a wide variety of industries and trade sectors. Their common goal is to expand the ECLASS standard in line with current and future market requirements and promote its international application.
Why is a common registry and identity management so important to Industry 4.0?
To create the desired flexible value chains, the individual Digital Twins alone are not enough. The assets and their Digital Twins must be unambiguously identifiable and discoverable in an open digital ecosystem.
Concepts currently discussed in the Industry 4.0 community are based on the classic centralized approach, in which the centralized platforms are the anchor of trust that takes over the registration, identity management, authentication and authorization of Digital Twins in a common network.
The centralized approach is definitely a first valid step towards short term realization of Industry 4.0 applications but does not fully correspond with the long term visions of Industry 4.0, which underlines the highly decentralized character of future digital ecosystems without components that can assume a centralized monopoly position and whose non-availability can affect the secure operation of the overall system.
Distributed ledger-based infrastructure presented in the whitepaper
The new ECLASS white paper presents an approach toward a completely distributed solution of the essential tasks of identity and access management by combining DLT, W3C-specification of decentralized identifiers (DID), the AAS and ECLASS semantics and explains how several disadvantages of centralized systems can be overcome thereby.
Figure 1 presents the overall architecture of the decentralized registry proposed in the white paper which is based on decentralized identifiers (DIDs) and DLT. This can be explained by the basic scenario. Companies (such as manufacturers) operate the Digital Twins of various assets in their private trusted networks. The partners in the value chain currently operating the asset want to access the Digital Twin of these assets. The exact information about the endpoint (port and communication technology they have to use) to access the Digital Twin is not known to the asset operator. The asset operators only know the DID of the Digital Twin, which they can derive from a unique asset ID. The registration of a Digital Twin (step 1) takes place with the submission of a DID document, which is stored as a transaction in a common data set (distributed ledger). This document is referenced by the Digital Twin ID (step 2), which, in this system is the DID that can be derived from the unique asset ID.
The asset operator connects to one of the public network nodes of the DLT system and finds the corresponding transaction in the data set. From this transaction, the DID document can be extracted. The DID document contains a machine-readable description of how to access the Digital Twin, including endpoint information. The Digital Twin can be then accessed from outside the DLT network.
Figure 2 shows how the Digital Twin services themselves can be defined within this decentralized registry, inside the DID document.
All services associated with a Digital Twin can be listed within the decentralized registry in the corresponding DID document. For the definition of services, the ECLASS catalog is an essential part to ensure that the services are described in a semantically correct and machine-readable way. As soon as the consumer has accessed the DID document, he can retrieve this and have all information at hand to access the Digital Twin.
The controller of the DID is responsible to provide all required information within the DID document describing the Digital Twin’s services. The DID meta-model gives directions to the creator of a DID on how to structure and build the corresponding DID document to ensure compatibility and semantic correctness.
IOTA Tangle as infrastructure for digital twins
Technically seen, the concepts presented in the white paper can be implemented by almost every DLT. However, not every DLT is well suited to become the basis for the open digital ecosystems envisioned by Industry 4.0.
The requirements for such a future digital ecosystem are explicitly stated in the 2030 vision for Industry 4.0: openness, decentralization, supporting heterogeneity and diversity on the market, no participants with superior roles, and monopoly positions.
For example, in private and consortial blockchains, the control tasks are assigned to a qualified and known party or group, which automatically gives that group superior rights and a kind of monopoly position over the rest of the participants. By the definition, private and consortial blockchains do not imply an open character of the network and ecosystem.
Public blockchain networks still have significant shortcomings: low transaction rate, limited scalability and extremely high energy consumption. In addition, the purchase of electronic currency (cryptocurrency) is necessary to transfer information. That is often associated with significant regulatory barriers and excessive administrative effort. Furthermore, a tendency can be noticed towards de-facto centralization of "miners" to a few large mining pools.
IOTA solves the fundamental shortcomings of blockchain and as an open-source technology represents an alternative to public blockchains. IOTA Tangle as a global public network provides the necessary characteristics to become a base for infrastructure for future open digital Industry 4.0 ecosystems.
As the IOTA network does not require any transaction fees, the data transactions needed in the context of the ECLASS white paper can be processed free of charge. The possibility of sending financial transactions, including micro-transactions, with IOTA as well allows an easy switch to the business models that utilize the micropayments.
Through the wide ecosystem of users and use cases, the accumulated experiences are constantly flowing back into the further development of IOTA, matching the requirements to becoming the standard protocol for IoT and open digital cross-company ecosystems.
As a further development of the concepts presented in the ECLASS white paper the integration with IOTA Open Source technology will meet the requirements for security, data integrity, and data sovereignty. Integrated Layer 2 functionalities like IOTA Access can provide a basis for the management of access rights to industrial assets and their Digital Twins. IOTA is designed to be highly scalable and complementаr, forming a harmonious whole to realize the visions of the I40.
The IOTA mainnet is step by step being prepared for complete decentralization. With the latest updates to IOTA 1.5, is rapidly becoming enterprise-ready. The first testnet provides the best opportunity for companies, industry associations, and consortia to start exploring their ideas, create new products and business models on the IOTA network and co-operate, co-create and master the fourth industrial revolution together.
Authors: Alexander Belyaev and Alaettin Dogan