Toward Privacy-Aware Traceability for Automotive Supply Chains

Abstract

The lack of traceability in today’s supply chain system for auto components makes counterfeiting a signi cant problem leading to millions of dollars of lost revenue every year and putting the lives of customers at risk. Traditional solutions are usually built upon hardware such as RFID tags and barcodes and these solutions cannot stop attacks from supply chain (insider) parties themselves as they can simply duplicate products in their local database. This industry-academia collaborative work studies the bene ts and challenges associated with the use of distributed ledger (or blockchain) technology towards preventing counterfeiting in the presence of malicious supply chain parties. We illustrate that the provision of a distributed and append-only ledger jointly governed by supply chain parties themselves makes permissioned blockchains such as Hyperledger Fabric a promising approach towards mitigating counterfeiting. Meanwhile, we demonstrate that the privacy of supply chain parties can be preserved as competing supply chain parties strive to protect their businesses from the prying eyes of competitors and counterparties. Besides, we show that the recall process can be achieved e ciently with the help of the blockchain. The proposed solution, Fordchain, overcomes the challenges to achieve the best of both worlds: a solution to the counterfeiting problem using distributed ledger technology while providing accountability and the privacy notions of interest for supply chain parties. Although our e orts to build a blockchain-based counterfeiting prevention system aims at automotive supply chains, the lessons learned are highly applicable to other supply chains. We end-to-end implement our Fordchain solution in the Hyperledger Fabric framework, analyze it over AWS EC2 clusters, and illustrate that the performance of our solution is good enough to be applied in practice.