Risks associated with Logistics 4.0 and their minimization using Blockchain

2.1 Economic Risks

Automation, digitization, and networking technology requires large expenditures for infrastructure, implementation and maintenance costs. Investing in new technologies brings a high financial risk because we do not know which processes will be economically advantageous in the long term and which will not. Technologies are full of uncertainty that will be truly necessary and successful. Choosing the right time and method of investment to be divided between different technologies and different parts of the supply chain can be seen as a crucial success factor regarding Logistics 4.0 [5]. There is a risk of incorrect investment in poor or often immature technologies. On the other hand, there is a risk of postponing investments, where companies can miss trends and thus the opportunity to place themselves on the market.

Another economic risk is the adoption of technologies related to Logistics 4.0. One part of customers is increasingly focusing on new product and service options, but another group of customers may be reluctant to pay for new technologies. Another aspect is the emergence of new business models. Existing business models are focused on product marketing. Many current executives do not know how to generate value from data. Companies lack the expertise to develop data-based business models, or lack the resources to collect the necessary amount of data to generate their value.

The principle of Logistics 4.0 is related to the transparency of processes and data. However, there is a risk and concern that increased transparency of data in the supply chain might be used to their disadvantage, e.g. when negotiating price or other terms of trade, based on knowledge of key numbers such as transmission capacity, average delivery speed, etc. Great concern brings fear of possibly excessive dependence on suppliers of necessary technologies, for example, with respect to repairs, updates or maintenance of systems that the user cannot perform independently. The provider can then demand a high price for these services.

2.2 Technological and IT Risks

The implementation and use of Logistics 4.0 solutions involves technical risks. The technical complexity is increasing, resulting from a merging of mechanical and IT systems across several stakeholders in a supply chain. Logistics 4.0 might bring a great deal of potential, but also is associated with a high level of complexity in order to be implemented. Digital transformation can be accomplished in two ways. The first way is to use a new infrastructure, including a technical side in the form of a new information and communication technology (ICT), but also an employee who will use the new technology. This method requires a large investment but guarantees greater compatibility. The second way is to incorporate new technologies into existing infrastructure. This would reduce the cost of implementing Logistics 4.0. However, from a technical point of view, this poses large technical challenges with very uncertain results and significant compromises. Software development that is compatible with existing technical solutions is also a risk with this method. Whereas existing systems might not be easily compatible, new developments would cost a lot of resources. Therefore, making software compatible with existing IT solutions in supply chain is described as a large risk.

In the concept of Logistics 4.0 is a great dependency on technology and software. In the event of a software or a system failure, the entire operational value chain could break down. The enterprise or even the entire supply chain becomes highly dependent on the functionality of the technical systems. For this reason, the system must be as resilient and redundant as possible, to ensure operability in the event of a part of the system failing.

In order within Logistics 4.0 technologies to generate value from data and allow data analysis, data needs to be on a level that ensures quality and consistency, calling for unified standards across different functions. It is therefore necessary to develop unified standards that apply throughout the supply chain. The clear definition of interfaces, especially across companies, is of vital importance. Explicit areas of responsibility have to be defined, and the new technologies needs to be integrated into the operational organization.

It is very important to know IT risks when implementing Logistics 4.0. The use of ICT opens the gates to attacks from the virtual world [6]. The larger the network and the more interfaces that exist, the larger the potential attack surface for cyberattacks. Preparations must be made in order to minimize these risks on a technical and organizational level. Technical solutions include firewalls and virtual private network connections.

Critical is the issue of data protection. Competitive advantages can be lost if information falls in the hands of competitors or third parties. This is not only a question of how to protect data from third parties, but also to know which kind of data belongs to whom. In the concept of Logistics 4.0, data ownership remains a central question, because if data is shared along the entire supply chain and on clouds, it becomes hard to control where the data came from and who is allowed to use the data. This is not only a technical point of view, but also a legal question.

Relating to data itself, the amount of data generated and handled must be controlled. Appropriate data quality must be ensured across a multitude of data types. This also relates to theaspects of technical integration and required standards. Data competence must be built up, ensuring that the data that is generated is put to a meaningful purpose and interpreted in a right way. This is the domain of Big Data technology. Big data challenges include capturing data, data storage, data analysis, search, sharing, transfer, visualization, querying, updating, information privacy and data source. Following Formula 1, information and communication technologies involved into data/information transfer/processing are one of individual risks.

The core technology of Logistics 4.0 is Cloud computing. Organizations often have concerns about the migration and utilization of cloud computing due to the loss of control over their outsourced resources and cloud computing is vulnerable to risks. Cloud environments experience the same threats as traditional data center environments; the threat picture is the same. That is, cloud computing runs software, software has vulnerabilities, and adversaries try to exploit those vulnerabilities [7]. However, unlike information technology systems in a traditional data center, in cloud computing, responsibility for mitigating the risks that result from these software vulnerabilities is shared between the cloud service providers (CSP) and the cloud consumer. As a result, consumers must understand the division of responsibilities and trust that the cloud service providers meets their responsibilities. The following vulnerabilities are a result of a CSP’s implementation of the five cloud computing characteristics:

• Consumers lose some visibility and control over operations when transitioning operations to the cloud. When using external cloud services, the responsibility for some of the policies and infrastructure moves to the CSP.

• On-Demand Self Service Simplifies Unauthorized Use. The on-demand self-service provisioning features of the cloud enable an organization’s personnel to provision additional services from the agency’s CSP without IT consent. Due to the lower costs and ease of implementing platform as a service (PaaS) and software as a service (SaaS) products, the probability of unauthorized use of cloud services increases. However, services provisioned or used without IT’s knowledge present risks to an organization. The use of unauthorized cloud services could result in an increase in malware infections or data exfiltration since the organization is unable to protect resources it does not know about. The use of unauthorized cloud services also decreases an organization’s visibility and control of its network and data.

• Internet-Accessible Management APIs can be Compromised. CSPs expose a set of application programming interfaces (APIs) that customers use to manage and interact with cloud services (also known as the management plane). Organizations use these APIs to provision, manage, orchestrate, and monitor their assets and users. These APIs can contain the same software vulnerabilities as an API for an operating system, library, etc. Unlike management APIs for on-premises computing, CSP APIs are accessible via the Internet exposing them more broadly to potential exploitation.

• Separation Among Multiple Tenants Fails. Exploitation of system and software vulnerabilities within a CSP’s infrastructure, platforms, or applications that support multi-tenancy can lead to a failure to maintain separation among tenants. This failure can be used by an attacker to gain access from one organization’s resource to another user’s or organization’s assets or data [8]. Multi-tenancy increases the attack surface, leading to an increased chance of data leakage if the separation controls fail.

• Data Deletion is Incomplete. Threats associated with data deletion exist because the consumer has reduced visibility into where their data is physically stored in the cloud and a reduced ability to verify the secure deletion of their data. This risk is concerning because the data is spread over a number of different storage devices within the CSP’s infrastructure in a multi-tenancy environment. In addition, deletion procedures may differ from provider to provider. Organizations may not be able to verify that their data was securely deleted and that remnants of the data are not available to attackers. This threat increases as an agency uses more CSP services [9].

It follows from the above that the use of CSP services entails a number of risks that can be eliminated or at least reduced by building your own cloud solution, where we are not dependent on a third party in the form of CSP. Such a solution is more advantageous from the security point of view, but entails, among other things, higher investments in the necessary infrastructure. For this reason, many companies choose to use CSP services at least at the beginning of the transformation. Following Formula 1, information and communication technologies involved into data/information transfer/ processing are again one of individual risks.

2.3 Social Risks

Of the social risks, job loss is probably the most likely [10]. This applies in particular to those activities that can be automated. The second vulnerable group are employees whoare not able to adapt quickly enough and meet the new requirements for activities within the ICT [11]. In particular, IT-related skills will be in demand in the future. Training should ensure that all employees are adequately prepared. Due to the competitive pressure on the labor market and the large number of alternatives for specialists, skilled personnel in particular is associated with high costs. Alternatively, IT-related experts can be accessed via external service providers, which can be contracted, but also are expensive and generate new dependencies. Employees who understand the traditional approach and IT at the same time are highly valued, to mediate between both. New demands on employees and additional tasks at work can lead to overload and strain. The loss of social interaction, as tasks are given increasingly to computers and automated services, is a further social risk.

Among others, additional risks arise from internal resistance and an inadequate corporate culture. It remains a risk that older employees or medium-level managers do not support the necessities of organizational transformation. The risk for an organization to be paralyzed and miss important developments due to a lack of openness and courage to do something new is critical. New systems and processes should be accepted and used. Vital features such as communication and the exchange of information have to be ensured. Relating to several economic and social risks, there is a risk that manufacturing, and services relocation could be a result. Employees’ resistance or lack of qualified personnel could drive owners to relocate their business to areas of the world where both aspects do not play such a major role.

2.4 Ecological Risks

One of the areas that needs to be considered from an ecological point of view is consumption. The implementation of Logistics 4.0 in practice and the application of digitization and new technologies involves various ecological risks and impacts. Thoughtful implementation plan can mean the critical difference whether Logistics 4.0 will bring environmental benefits or vice versa environmental risks. An example might be the consumption of raw materials or energy. Implementation of Logistics 4.0 technologies usually requires new machines whose production requires a large amount of raw material. For example, if the generation, transport, and storage of energy for the implementation and use of Logistics 4.0 technologies consumes more energy than the efficiency gains that would be generated, then assuming the complete adoption of all external effects is at least questionable from a macroeconomic point of view [12]. This relates especially to data transmission, decentralized systems such as Blockchain. Each verification transactions within Blockchain requires high computing power and thus high energy consumption. The larger the Blockchain network, the more energy-intensive it is.

Among the ecological risks are increased waste generation and emissions. Many companies making efforts to retrofit the existing machinery and equipment to save costs and resources. However, this will not be possible for the vast majority, due to the great complexity and required new technological capabilities. The majority of parts of the old machines or plants has to be discarded and ends up in landfills. This represents a burden on the global environment, especially since the decomposition and degradation of many waste materials takes a very long time.

An interesting question is Customization - of whether it’s an advantage or a risk. On the one hand, customization can mean time, material and energy savings, because the product is produced only on the basis of a specific order. On the other hand, product standardization involves the possibility of product re-use, while individualized products are more difficult to reuse. Therefore, waste might be increased, and recycling might become more difficult with non-standardized products. An inadequate infrastructure poses a major risk to competitiveness in the global market.

2.5 Legal and Political Risk

The applicability or diffusion of technologies is also influenced by politicians through laws that either support new technologies and create a favorable environment for their application, or, on the contrary, may create obstacles to the wider deployment of new technologies, either through legislative obstacles or political inactivity - thus, the absence of necessary laws. If digitization and networking are to find their way into the economy, the infrastructure must support and positively influence these efforts. Politicians must ensure that an appropriate infrastructure is provided [13].

One aspect that is often neglected but will have a major impact on the success of I4.0, are legal issues and how they will affect digital transformation. From a legal point of view, open questions need to be clarified with regard to data protection, data possession, data handling, liability (product liability, contractual liability and distribution/assignment of risk), jurisdiction, data protection and IT security, labor law, Intellectual Property. Another risk is the lack of standards, which hampers cross-border cooperation. Some questions of jurisdiction remain unresolved, such as for example when a transaction with a foreign company is carried out via the Internet or the role of online contracts or even “smart contracts” that are made automatically [14].

4.1 Mathematical Foundations of Blockchain

The fundamental part of Blockchain are cryptographic algorithms. In particular, the ECDSA algorithm is an Elliptic Curve Digital Signature Algorithm, which uses elliptic curves and finite fields to sign data so that a third party can confirm the authenticity of the signature by eliminating the possibility of falsification. ECDSA uses different procedures for signing and verification, consisting of several arithmetic operations. The signing algorithm makes use of the private key, and the verification process makes use of the public key.

Elliptic Curve Cryptography (ECC) is a method of public-key encryption based on the algebraic function and structure of a curve over a finite graph. It uses a trapdoor function predicated on the infeasibility of determining the discrete logarithm of a random elliptic curve element that has a publicly known base point.

Basic principle: you have a mathematical equation which draws a curve on a graph, and you choose a random point on that curve and consider that your point of origin. Then you generate a random number, this is your private key, you do some magical mathematical equation using that random number and that “point of origin” and you get a second point on the curve, that’s your public key. When you want to sign a file, you will use this private key (the random number) with a hash of the file (a unique number to represent the file) into a magical equation and that will give you your signature. The signature itself is divided into two parts, called R and S. In order to verify that the signature is correct, you only need the public key (that point on the curve that was generated using the private key) and you put that into another magical equation with one part of the signature (S), and if it was signed correctly using the the private key, it will give you the other part of the signature (R). So to make it short, a signature consists of two numbers, R and S, and you use a private key to generate R and S, and if a mathematical equation using the public key and S gives you R, then the signature is valid. There is no way to know the private key or to create a signature using only the public key.

ECDSA uses only integer mathematics, there are no floating points (this means possible values are 1, 2, 3, etc. but not 1.5.), also, the range of the numbers is bound by how many bits are used in the signature (more bits means higher numbers, means more security as it becomes harder to ‘guess’ the critical numbers used in the equation), as you should know, computers use ‘bits’ to represent data, a bit is a ‘digit’ in binary notation (0 and 1) and 8 bits represent one byte. Every time you add one bit, the maximum number that can be represented doubles, with 4 bits you can represent values 0 to 15 (for a total of 16 possible values), with 5 bits, you can represent 32 values, with 6 bits, you can represent 64 values, etc. one byte (8 bits) can represent 256 values, and 32 bits can represent 4294967296 values (4 Giga). Usually ECDSA will use 160 bits total, so that makes well, a very huge number with 49 digits in it. ECDSA is used with a SHA1 cryptographic hash of the message to sign (the file). A hash is simply another mathematical equation that you apply on every byte of data which will give you a number that is unique to your data. Like for example, the sum of the values of all bytes may be considered a very dumb hash function. So if anything changes in the message (the file) then the hash will be completely different. In the case of the SHA1 hash algorithm, it will always be 20 bytes (160 bits). It’s very useful to validate that a file has not been modified or corrupted, you get the 20 bytes hash for a file of any size, and you can easily recalculate that hash to make sure it matches. What ECDSA signs is actually that hash, so if the data changes, the hash changes, and the signature isn’t valid anymore.

The elliptic curve needs to consist of points that satisfy the equation:

(x,y) on the curve represent a point, while both a and b are constants.

More details about mathematical description of Elliptic curve cryptography is given, for example, by Hans Knutson [20] or Eric Rykwalder [21].

4.2 Cryptographic hash functions

A cryptographic hash function is a special class of hash functions that has various properties making it ideal for cryptography. There are certain properties that a cryptographic hash function needs to have in order to be considered secure:

• Deterministic – meaning that the same message always results in the same hash.

• Quick Computation - The hash function should be capable of returning the hash of an input quickly. If the process isn’t fast enough then the system, simply won’t be efficient. Computationally hash functions are much faster than a symmetric encryption.

• Pre-Image Resistance - Given a hash value h it should be difficult to find any message m such that h = hash(m). This property means that it should be computationally hard to reverse a hash function. This property protects against an attacker who only has a hash value and is trying to find the input.

• Second pre-image resistance - Given an input m₁, it should be difficult to find a different input m₂ such that hash(m₁) = hash(m₂). This property is sometimes referred to as weak collision resistance. Functions that lack this property are vulnerable to second-preimage attacks.

• The Avalanche Effect - Even if you make a small change in your input, the changes that will be reflected in the hash will be huge.

• Collision resistance - It should be difficult to find two different messages m₁ and m₂ such that hash(m₁) = hash(m₂). Such a pair is called a cryptographic hash collision. This property is sometimes referred to as strong collision resistance. It requires a hash value at least twice as long as that required for pre-imageresistance; otherwise collisions may be found by a birthday attack [22].

Informally, these properties mean that a malicious adversary cannot replace or modify the input data without changing its digest. Thus, if two strings have the same digest, one can be very confident that they are identical. Second pre-image resistance prevents an attacker from crafting a document with the same hash as a document the attacker cannot control. Collision resistance prevents an attacker from creatingtwo distinct documents with the same hash.

4.3 Consensus Algorithms in Blockchain

Consensus algorithms are of the highest relevance to blockchain technology since the purpose of Bitcoin was to transfer value in an unregulated, distrusting environment, where a sure way of validating transactions was needed. The goal of the consensus algorithm is to ensure a single history of transactions exists and that that history does not contain invalid or contradictory transactions. For example, that no account is attempting to spend more than the account contains, or to spend the same token twice, so-called double-spending.

We know that Blockchain is a distributed decentralized network that provides immutability, privacy, security, and transparency. There is no central authority present to validate and verify the transactions, yet every transaction in the Blockchain is considered to be completely secured and verified. This is possible only because of the presence of the consensus protocol which is a core part of any Blockchain network.

A consensus algorithm is a procedure through which all the peers of the Blockchain network reach a common agreement about the present state of the distributed ledger. In this way,consensus algorithms achieve reliability in the Blockchain network and establish trust between unknown peers in a distributed computing environment. Essentially, the consensus protocol makes sure that every new block that is added to the Blockchain is the one and only version of the truth that is agreed upon by all the nodes in the Blockchain.

Bitcoin solved the consensus problem by, for each new block announcing a target, which the hash of the previous block, the current block and a variable nonce has to equal less than. Since the output of the hashing function is evenly distributed, it’s impossible to create a block such that it with certainty will be easy to reach the target. Therefore, there is a race between the mining computers in the network to find the right nonce. Once a target is reached, the mining computer broadcasts that block to the network and other participants validate the transactions. If enough validating nodes find the transactions to add up, they agree upon that block being added to the chain. This procedure is called proof-of-work (PoW). Since the goal is, not to give too much power to a single person or organization, a limited resource has to be chosen which will be spent upon voting for the validity of a block. In PoW, that resource is computing power.

Proof of Stake (PoS) is the most common alternative to PoW. In this type of consensus algorithm, instead of investing in expensive hardware to solve a complex puzzle, validators invest in the coins of the system by locking up some of their coins as stake. After that, all the validators will start validating the blocks. Validators will validate blocks by placing a bet on it if they discover a block which they think can be added to the chain. Based on the actual blocks added in the Blockchain, all the validators get a reward proportionate to their bets and their stake increase accordingly. In the end, a validator is chosen to generate a new block based on their economic stake in the network. Thus, PoS encourages validators through an incentive mechanism to reach to an agreement.

There are a number of other algorithms such as: Proof of Burn (PoB), Proof of Capacity, Proof of Elapsed Time (PoET), Proof of Activity, Proof of Weight, Proof of Importance, Leased Proof of Stake, etc.

Implementation into logistic model of AutoID processing

Many information systems (ERP and other categories) are nowadays extended for providing better/extended data security as a prevention for information risks. For the purposes of presentation and modelling AutoID processes College of Logistics uses its laboratory model of data gathering information with basic information system. Basic structure of the physical model is presented at Figure 2a, example of data structures used is at Figure 2b.

Figure 2

a: block structure of physical model; b: part of data structures (tables with relations)

The model is rail yard in H0 scale. It represents very simple configuration with two parallel rail ovals. There are two simple stations for simulation of loading and unloading. Data read from the train model are processed in a connected information system (EPCIS). RFID readers with antennas are placed in specified locations of the rail yard model together with magnetic readers, together they monitor the movement of the trainset. Models of wagons are made of plastic. This is difference from real metal wagons. This is limitation for modelling of radiofrequency readings. Real metal environment requires special tags to eliminate lower readability [23].

Blockchain technology is used to secure data describing particular steps of defined logistics processes. Selected event records are used for hashes generation and theses hashes are sent to one of blockchain nodes in EAI Notarius structure. The Blockchain Notarius application provides service of registration of data files on the blockchain, and the service of verification of whether a submitted copy of a file is identical to the registered original. See Figure 3.

Figure 3

Blockchain Notarius structure ^[3]