Extensible Supply-chain Discovery Services (ESDS) BOF IETF 71 – Philadelphia, PA, USA Ted Mark

Objectives of ESDS BOF Explain the problem Discuss expectations Review proposed Charter Agree on scope of the work Reach consensus on forming a WG

ESDS BOF Agenda Agenda Bashing – Mark (5 min) Introduction to concept – Mark (15 min) – Questions regarding clarification (15 min) Review of Problem Statement – Michael (10 min) – Questions regarding clarification (10 min) Expectations of deliverables – Mark (15 min) – Questions regarding clarification (15 min) Scope of work – Mark (10 min) – Comments (15 min) Next Steps and Action Items (10 min)

Scope of Discussion What do we mean by Discovery Services? Why now? How are Discovery Services different from existing standards (e.g. UDDI, DNS, ONS, EPCIS)? Specific challenges

Discovery Services [ESDS protocol] How to chase a bull... Event Publish

Discovery Services [ESDS protocol] Running with the bull... Is my food safe for consumption? Where has it been? How fresh is it? URL Query

Why now? - Business perspective Companies are increasingly adopting technologies that allow for automatic unique identification of individual objects Improved traceability – food, pharmaceuticals, aircraft parts etc. Improved supply-chain efficiency – Balancing supply and demand using fine-grained data – Increased machine-machine data sharing Enables improved gathering of product lifecycle history info – Refurbishment / re-use of discarded products, remanufacturing Radio- Frequency Identification (RFID) 2-dimensional barcodes (e.g. DataMatrix)

Why now? - Technical perspective Air Interface Reader ID Tags on objects Reader Protocol Filtering & Collection Application Level Events Event Repository, ERP,... EPC Information Services Air Interface Reader ID Tags on objects Reader Protocol Filtering & Collection Application Level Events Event Repository, ERP,... EPC Information Services Air Interface Reader ID Tags on objects Reader Protocol Filtering & Collection Application Level Events Event Repository, ERP,... EPC Information Services Discovery Services Query ProtocolPublish ProtocolBootstrap Protocol EPCglobal ISO EPCglobal & Company A Company B Company C

What's different? Enables gathering of information about individual real-world objects Primary lookup key is unique ID of object rather than type of services / methods offered Focus is on a lightweight referral service that provides 'links' to information resources that hold more detailed information Multiple providers of information per object (1-to-many mapping, changing over time, complete list of links is not 'predictable' by inspection of ID) Potentially huge volumes of objects (trillions) Information in resources is generally not publicly accessible Even the 'link' information is very commercially sensitive Need to protect against data mining by competitors

Some specific challenges Scalability of access control permissions Potential number of permissions per object could be of order N 2 where N is number of companies in chain / lifecycle Need a more scalable solution Supply chain or lifecycle Co-existence and co-operation of multiple Discovery Services – How to find an appropriate DS for an unexpected object

Routing Query Routing R Query Referral Federation of DS Response Application making query Query Response Information Provider Insert Referral known by Q Query Q E D F

ESDS BOF Agenda Agenda Bashing – Mark (5 min) Introduction to concept – Mark (15 min) – Questions regarding clarification (15 min) Review of Problem Statement – Michael (10 min) – Questions regarding clarification (10 min) Expectations of deliverables – Mark (15 min) – Questions regarding clarification (15 min) Scope of work – Mark (10 min) – Comments (15 min) Next Steps and Action Items (10 min)

Review of Problem Statement Michael Young

Contributors & Consumers Afilias Air France Boeing EPCglobal SITA BRIDGE Project – Bénédicta Group – BT – AT4 wireless – University of Cambridge PROMISE Project – Helsinki University of Technology – PROMISE Innovation ESDS mailing list has over 70 members

Reliance on IETF Bootstrapping process Scaling to global operations Security considerations Leveraging IETF technology – Suggestions we have received already: Feedback from operational groups such as DNS “Forest Guides” concept developed by ECRIT work group Peer-to-peer communication and organization via P2PSIP

Real World Needs Enable cross-organization visibility into maintenance records for critical equipment such as airplane parts Detection of counterfeit products and verifying product authenticity Facilitate product recalls for pharmaceutical drugs, tainted food, or even faulty equipment to ensure consumer safety

Driving Forces Growing complexity of today’s supply chains Facilitating legislative requirements Consumer demand for better service Open market competitiveness to increase efficiency in operations Demand for increased security through visibility into the global supply chain

ESDS BOF Agenda Agenda Bashing – Mark (5 min) Introduction to concept – Mark (15 min) – Questions regarding clarification (15 min) Review of Problem Statement – Michael (10 min) – Questions regarding clarification (10 min) Expectations of deliverables – Mark (15 min) – Questions regarding clarification (15 min) Scope of work – Mark (10 min) – Comments (15 min) Next Steps and Action Items (10 min)

Review of Requirements Mark Harrison

Some User Requirements (continued) (gathered by the EU BRIDGE project) Tracking:Last seen - but also where an object is expected to be Alerting?:Misplacement, Duplicate IDs, Sensor values out of range Updating:On each shipping & receiving event Latency:Updates to be live within 1 minute, ideally 1 second Q response:Simple queries should respond within 1 second Availability:24 hours per day, 7 days per week Standing Q:Standing queries should be supported to provide future updates about new info providers for a given EPC Provision:Multiple providers offering DS on a competitive, commercial basis, with all supply chain parties contributing to the cost of the service, preferably paid on a subscription basis rather than charged according to # queries or # updates

Some Technical Expectations (gathered by the EU BRIDGE project) Core data record:Referral URL, Unique ID, [timestamp] Sizing: # objects to track:up to 1 billion per year per company # companies per supply chain:sometimes 50+ companies per object # queries per day:100,000/day from some companies DS records refer to:ERP systems, inventory mgmt, etc. including other Discovery Services Types of query:full trace, where last seen (time-ordered) Availability:24/7, > 99.99% uptime

More Technical Expectations (gathered by the EU BRIDGE project) Sync/Async response:Synchronous response preferred Async response OK for standing queries Updating of records:Not allowed; journalled log only Need mechanism to mark records as void and re-assert correct record as replacement (Never alter original records) Management of purging:Expiry time of record to be specified 'Meta-data' for context:Yes - but use standardized vocabularies Further details of Discovery Service requirements from BRIDGE project at: WP02 Serial Level Lookup Requirements

ESDS BOF Agenda Agenda Bashing – Mark (5 min) Introduction to concept – Mark (15 min) – Questions regarding clarification (15 min) Review of Problem Statement – Michael (10 min) – Questions regarding clarification (10 min) Expectations of deliverables – Mark (15 min) – Questions regarding clarification (15 min) Scope of work – Mark (10 min) – Comments (15 min) Next Steps and Action Items (10 min)

Review Charter ESDS has been chartered to architect and define the protocol of Discovery Services for global supply chains. ESDS's goal is to enable gathering of information on physical things flowing in a supply chain, by authorized and authenticated users. Economic and technical factors dictate that Discovery Services and their protocol ESDS must be designed for deployment on the Internet. Access control, data protection and security are of utmost importance, due to sensitivity and value of the information generated by the supply chain.

Scope of Discovery Services To provide an enabling technical protocol for a secure and scalable referral service To provide a bootstrap solution to such a service... and integrate with appropriate pre-existing security frameworks

1.Is this an interesting problem to tackle? 2.Is the scope of work appropriate to the problem? 3.Is there support to form a work group with the following charter? (i.e. that the charter itself is ready and supported by the community) 4.Can I ask for a show of hands for who is willing to review documents? 5.Do we have any additional volunteers as an editor for some of the document(s) to be produced by the work group?

ESDS BOF Agenda Agenda Bashing – Mark (5 min) Introduction to concept – Mark (15 min) – Questions regarding clarification (15 min) Review of Problem Statement – Michael (10 min) – Questions regarding clarification (10 min) Expectations of deliverables – Mark (15 min) – Questions regarding clarification (15 min) Scope of work – Mark (10 min) – Comments (15 min) Next Steps and Action Items (10 min)

Review Milestones DoneSubmit a draft problem statement April 2008Submit a document outlining the Initial Conventions July 2008Submit a draft on requirements for Security Sept 2008Submit a draft requirements for Publishing protocol Nov 2008Submit a draft proposed protocol for Publishing Jan 2009Submit a draft on requirements for Query protocol March 2009Submit draft proposed protocol for Querying May 2009Submit draft on requirements for DS-DS peer communications July 2009Submit draft proposed protocol for DS-DS peer communications