A Global Standard to Build Trusted and Decentralized Supply Chains with IOTA
EPCIS 2.0 is the new digital standard to share the what, when, where, why, how and who between supply chain actors. If you anchor EPCIS data (Electronic Product Code Information Services) on a distributed ledger technology (DLT), you have the fundamental building blocks for the digital transformation of supply chain management. By increasing trust and accountability, EPCIS 2.0 holds the key to a major upgrade of our planet's economic activity.
EPCIS 2.0 is a global supply chain standard (currently under community review) for storing and sharing supply chain event data; it is to supply chains what TCP/IP is to the Internet. In combination with IOTA, systems that support the standard (and the enterprises that use those systems) will be able to share trusted and verifiable information in a plug and play, interoperable, secure and decentralized fashion.
Today, supply chain information is siloed in corporate databases with proprietary formats. When it comes to sharing data among different actors, complex, individual and ad-hoc integrations must be developed. In addition, trust can only be established on a bilateral basis, which leads to intricate interactions, some of them still conducted through email or phone calls. These inefficiencies have been accentuated by the COVID-19 crisis, where supply chains have been put under very stressful conditions. As organizations rethink their global sourcing strategies, it has become clear that access to better and earlier data from the supply chains is needed. The answer is a more agile, modern and holistic supply chain system for the benefit of consumers, enterprises and governments.
In the IOTA Foundation, we have been working in the application of DLT to modernize supply chains, with some important results, namely: the digitization of trade corridors between East Africa and the rest of the world (in collaboration with TradeMark East Africa) and the definition of the reference architecture, building blocks and APIs that allow the Tangle to be integrated with automated identification and data capture devices (in collaboration with Zebra Technologies). The vision is a decentralized system where all actors can share trusted information about the limited visibility of the supply chain that they control, to actors that might be five or six tiers up the value chain from them. Our previously mentioned work shows how to do this in a secure and trusted way.
But there is still a missing piece in this equation: Data interoperability, e.g. when “everyone is speaking the same language”. You can always build a verification layer based on IOTA for the data generated by supply chains, but it could be a pointless exercise if the data serialization formats are not harmonized. Imagine an automotive OEM working with two different logistics service providers and two different part suppliers: If each logistics service provider reports about the location and delivery of parts in a different format, following disparate semantics, how can the consigner (the supplier) and the consignee (the OEM) properly automate their supply chain processes?
Fortunately, the industry is working hard on developing a harmonized yet extensible data model and unified serialization format for supply chain events. It is called EPCIS 2.0 and is developed by a Mission Specific Working Group (EPCIS MSWG) of GS1, the main supply chain standards development organization. Such MSWG is joined by experts around the world in different industries (health, transportation, retail, etc.). The IOTA Foundation is also an active member of such MSWG (and of GS1) and has been a core contributor to the development of the technical specifications and different software assets (schemas, Linked Data @context, API specs, etc.), together with our partners, EVRYTHNG and Zebra Technologies. In particular, IOTA Foundation’s contributions have been key in ensuring that EPCIS 2.0 can be seamlessly integrated with DLT technology.
After a long process and many lively discussions, EPCIS 2.0 entered the Community Review phase in October 2021. Essentially, this means that the experts of the MSWG consider the specification good enough and are asking the public and additional subject matter experts for comments and reviews. After the completion of the Community Review, the standard will be formally published by GS1 by the end of 2021, and then ratified by the national and international formal standards bodies, namely ISO/IEC JTC 1.
According to Dominique Guinard, CTO and Co-founder, EVRYTHNG: "EPCIS 2.0 is the interoperability language supply chains needed and I am thrilled that we get to prove that with our EVRYTHNG to IOTA integration that guarantees unforgeable and shareable supply chain events."
EPCIS 2.0: A detailed view
But what is EPCIS 2.0? From a programmer’s perspective, it is a vocabulary and data model (plus a JSON-based serialization format and accompanying REST APIs) that enables stakeholders to share transactional information regarding the movement and status of objects (physical or digital), identified by keys.
The figure below depicts the business process behind the manufacturing and retail of a trade item in the supply chain. First, the product is manufactured at the factory and then shipped to the retailer’s distribution center (DC). Then, the trade item moves to a retail store where it is received, stored and later sold to the final consumer. These are different business steps (commissioning, shipping, receiving, storing, selling) that happen at a particular location (factories, warehouses, etc.), at a particular moment in time and which involve multiple parties. EPCIS 2.0 enables the representation of these steps as events (serialized in JSON format) so that all the participants in the supply chain use the same terms; as a result, data can be shared seamlessly. Furthermore, extra events could be generated at later stages for trade items subject to recycling or with regulated disposal mechanisms, ensuring the proper traceability and compliance.
EPCIS 2.0 is modular and extensible and specifies the generic structure of the data and the core event types. Each EPCIS event contains key data elements that convey what are the subjects of the transaction (trade items identified by an EPC), the timestamp (when), the location (where), the related business action or step (why) and the source and/or destination entities (who). In addition, events containing data reported by IoT sensors can also be conveyed by EPCIS 2.0 (how), for instance, to track the temperature of the goods while they are transported (ensuring cold chain requirements).
The GS1 Core Business Vocabulary Standard is also part of EPCIS 2.0 and defines fundamental terms such as types of business steps, types of dispositions, location attributes, etc. As EPCIS 2.0 events are represented using JSON-LD (JSON Linked Data), additional vocabularies specific to an industry can also be used under the same framework. For instance, the VDA automotive association has defined specific vocabulary terms to be used by the automotive industry OEMs.
How is the IOTA Foundation working on EPCIS 2.0?
When it comes to off-tangle EPCIS 2.0, the IOTA Foundation has implemented a first version of the Linked Data Proofs library that allows verifying EPCIS events stored off-Tangle, for instance, in the EVRYTHNG Cloud platform. With such a library, a supplier can prove against an OEM, for example, that certain parts have been delivered. The OEM can retrieve the EPCIS Events related to a part’s journey and verify them through the Tangle, guaranteeing immutability, authenticity and accountability. The usage of the IOTA Streams framework also allows verifying the order of events.
The figure above depicts some simple examples of the kind of applications that are enabled by the combination of a common supply chain representation language (EPCIS 2.0) with immutability, decentralization, and trust (through the IOTA Tangle). In the coming months, in collaboration with the community and our partners, the IOTA Foundation plans to continue developing additional building blocks and use cases around traceability, provenance and authenticity in supply chains, involving business to business (B2B), business to government (B2G) and business to consumer (B2C) scenarios. To do so, we will leverage recently won projects such as the EBSI or the second phase of TLIP/TMEA. We will also be involved in further GS1 standardization actions such as GS1 Digital Signatures and the GS1 Digital Link (the successor of plain bar codes) so that we will be able to extend our suite with additional interoperability mechanisms.
Our final aim is to play a fundamental and pioneering role in a new generation of supply chains that are more efficient, accurate and safe; where there are substantial reductions in illicit activities like diversion and counterfeiting; and the realization of the circular economy. And we firmly believe that this can only happen by combining data standards (such as EPCIS 2.0) and scalable, feeless and energy-efficient DLTs like IOTA.
If you are active in the supply chain sector and are interested in more information on our work, feel free to reach out via our contact page.