The democratization of data access and usage in the enterprise is underway. Establishing data governance and organization-wide information management becomes a must.

Metadata management allows the end-to-end traceability, from data sourcing to data consumption. This traceability is required for personal data by regulations such as GDPR.

Traceability

Traceability means transparency of flows of goods and data – a basic requirement for a modern supply chain.

Consumers, authorities and various quality assurance and product standards demand transparent information on raw materials and primary packaging. Brand owners need to be able to fully answer questions quickly, at the batch level, on the source of raw materials, production methods, and staging points. With a good traceability information system, a brand owner can guarantee protection for consumers and itself. It can quickly contain any problems and provide adequate information, which builds confidence among consumers and the authorities.

Solution

We choose MUML as the underlying software design method due to its existing support for real-time, and due to our preliminary work on the approach (cf. Sect. 4). Furthermore, we rely on consensus for the specification of requirements due to its tight integration with MUML. More precisely, we provide the following partial solutions to the traceability problem for information flow requirements:

Specification of illegitimate information flow at the level of consensus system models. To address challenge C1, we provide systems engineers with a specification technique for information flow requirements, allowing them to mark a flow between elements of a system, or its environment, as illegitimate. The specification needs to take place in a form that enables a later comparison against the actual information flow detected through verification. Thus, by distinguishing illegitimate from legitimate flow, it is possible to judge whether the information flow requirements are violated.

Deriving verifiable information flow properties from the specified requirements in an automatic fashion. As a contribution to challenge C3, the derived properties relate the initial requirements to a MUML software design model and allow to verify the model’s compliance. In order to produce meaningful verification results, the derived properties need to preserve the semantics of the initial requirements and, therefore, the derivation needs to interrelate the consensus system model and the MUML software design model. It is beneficial to infer the relation between these models automatically from the traces of a model transformation.

Real-time verification of non-interference properties on the basis of software design models. In order to overcome challenge i.e., to decide whether a given MUML model fulfills the derived information flow properties, rigorous verification of the non-interference needs to be carried out. To this end, we enrich the theoretical basis of real-time non-interference by a ready-to-use verification technique. To cope with the infinite, real-valued state space, we explicitly consider the applicability of existing verification techniques from the area of real-time model checking.

Reinterpretation of the verification results to trace them back to the initial requirements as a further contribution to challenge C3. Depending on the complexity of the interrelations between MUML software design and Conses system model, the verification results obtained so far are of little significance, as they do not allow the engineers to draw immediate conclusions about the initial information flow requirements. Therefore, in order to give significance to the results, we automatically relate them back to the requirements specified initially. Every specified requirement needs to be marked as met (if the non-occurrence of information flow has been proved by the verification), or as a violation (if the verification detected the occurrence of an illegitimate flow).

Previous studies have shown that software traceability, the ability to link together related artifacts from different sources within a project (e.g., source code, use cases, documentation, etc.), improves project outcomes by assisting developers and other stakeholders with common tasks such as impact analysis, concept location, etc. Establishing traceability links in a software system is an important and costly task, but only half the struggle. As the project undergoes maintenance and evolution, new artifacts are added and existing ones are changed, resulting in outdated traceability information. Therefore, specific steps need to be taken to make sure that traceability links are maintained in tandem with the rest of the project. In this article, we address this problem and propose a novel approach called TRAIL for maintaining traceability information in a system.

Advantages and benefits of full traceability

Traceability in an open supply chain which help company in achieving:

  • Increase customer satisfaction and safety
  • In the event a recall does take place, manufacturers are able to minimize the impact by only recalling those items with the specific serial numbers that were built with the faulty component, material or process – thus significantly reducing expenses and customer impact.
  • Meet government and compliance mandates
  • Ease the burden and lessen the chances for fines and penalties associated with noncompliance.
  •  Improve data accuracy
  • Reduce human error.
  • Save millions in lost revenue, recall costs, damage control campaigns, litigation, and fines.
  • Mobile track-and-trace solutions can prevent quality issues before they occur or, in the event of a product recall, allow manufacturers to act swiftly as well as narrow the scope of the recall to reduce exposure to negative brand impressions and damage to revenues.
  • Reduce warranty claim costs
  • Traceability enables manufacturers to accurately analyze the root cause of a product or part failure to recover warranty costs from liable suppliers.
  • With automation and traceability solutions for discrete manufacturers, you can track warranty and part information to up-sell and cross-sell complementary products and services.

In addition, labor hours can be reallocated to focus on revenue-generating activities versus the double reporting that occurs when data is collected manually and then later transferred into a computer system. For that purpose, a traceability system identifies objects by using a representation format such as serial numbers or lot numbers, as well as the transfer medium such as labels and RF tags.

When all people related to the supply chain, including consumers, can recognize the status of the product and objects and information has been linked, tracing forward/back can be done easily. This ensures the quality and safety of the product.

We currently work towards reducing the verification problem to a refinement check for real-time systems. After preparing the verification backend, we plan to address the requirements specification at the level of model-based systems engineering, and the derivation of verifiable properties within the next year. Finally, we intend to carry out the final integration of systems engineering and software design in order to establish the desired traceability solution. Our evaluation strategy enables us to carry out a stepwise, incremental validation of our contributions.