Cyber Physical Supply Chains

Digital supply chain icon

Safe Movement of Physical Goods Across Geographical Borders

Current customs entry processes and environment results in limited supply chain data visibility, and fragmented or lacking data submissions create an information gap. This creates a risk for goods entering the geographical borders. In addition, restricted usage of trusted data inhibits the collaboration between trade and partnering government agencies to validate and speed the entry clearance and targeting process, resulting in congestion in the supply chain processes, inefficiencies prior to entry of goods within geographical borders, delays in the abilities of regulatory bodies ability to apply appropriate custom releases and ability of regulatory bodies (e.g., U.S. Customs and Border Protection [CBP]) to apply timely consequences creating business risk for importers.

The use of technical standards which have been vetted through standards organizations like GS1 and W3C (in particular verified credentials and decentralized identifiers) allow regulatory bodies to understand clearly:
Who is in control of the products being shipped
What are the contents of a particular shipment
Where are the parties associated with the shipment located

Understanding the whowhat, and where about the goods entering and leaving the geographical borders help the regulatory bodies to:
* Gather critical supply and trade data without divulging proprietary information
* Receive data at the creation of the data from the original source
* Retrieve missing data for better quality information for earlier decisions regarding the shipments
* Improve data quality to make informed decisions about a shipment
* Assert verifications of the parties involved with a shipment

Securing Software Supply Chains

Software supply chain attacks are becoming more prevalent. Such attacks happen when a cyber threat actor infiltrates a software vendor’s network and employs malicious code to compromise the software before the vendor sends it to their customers. The compromised software then compromises the customer’s data or system. These types of attacks affect all users of the compromised software and can have widespread consequences for government, critical infrastructure, and private sector software customers, often resulting in crippling companies and bringing global operations to a halt. The software supply chain is becoming so critical that in May 2021, the president of the United States issued an Executive Order targeted at improving the nation’s cybersecurity.

The use of verified credentials and decentralized identifiers provides the necessary technical infrastructure to address critical software supply chain issues. Decentralized identifiers define a standard way to discover keys for issuers and subjects. Verified credentials define a standard way to discover semantics for private claims. These attributes of decentralized identifiers and verified credentials enable defense against powerful threat actors.

For questions or more information, please contact Karyl Fowler at or Orie Steele at