Personal blog of Yzmir Ramirez

When a hacker broke into the computer systems of the Oldsmar Florida water supply last month, it sent up red flags across the operational tech world, whether that’s utilities or oil and gas pipelines. Xage, a security startup that has been building a solution to help protect these hard-to-secure operations, announced a Zero Trust remote access cloud solution today that could help prevent these kinds of attacks.

Duncan Greatwood, CEO at Xage, says flat out that if his company’s software was in place in Oldsmar, that hack wouldn’t have happened. Smaller operations like the one in Oldsmar tend to be one-person IT shops running older remote access software that’s vulnerable to hacking on a number of levels.

“It’s not difficult to compromise a virtual network computing (VNC) connection. It’s not difficult to compromise a stale account that’s been left on a jump box. What we started to do last year was deliver what we call a Zero Trust remote access solution to these kinds of customers,” Greatwood told me.

This involves controlling access device by device and person by person by determining who can do what based on them authenticating themselves and proving who they are. “It doesn’t rely on knowledge of a device password or a VPN zone password,” he explained.

The solution goes further with a secure traversal tunnel, which relies on a tamper proof certificate to prevent hackers from getting from the operations side of the house — whether that’s a utility grid, water supply or oil and gas pipeline — to the IT side where they could then begin to muck about with the operational technology.

Xage also uses a distributed ledger as a core part of its solution to help protect identity policies, logs and other key information across the platform. “Having a distributed ledger means that rather than an attacker having to compromise just a single node, it would have to compromise a majority of the nodes simultaneously, and that’s very difficult [if not impossible] to do,” he said.

What’s more, the ledgers operate independently across locations in a hierarchy with a global ledger that acts as the ultimate rules enforcer. That means even if a location goes offline, the rules will be enforced by the main system whenever it reconnects.

They introduced an on premise version of the Zero Trust remote access system last October, but with this kind of technology difficult to configure and maintain, some customers were looking for a managed solution like the one being introduced today. With the cloud solution, customers get a hosted solution accessible via a web browser with much faster deployment.

“What we’ve done with the cloud solution is made it really simple for people to adopt us by hosting the management software and the core Xage fabric nodes in this Xage cloud, and we’re really dramatically reducing that time to value for a remote access solution for OT,” Greatwood said.

You might be thinking that CISOs might not trust a cloud solution for these sensitive kinds of environments, and he admits that there is some caution in this market, even though they understand the benefits of moving to the cloud. To help ease these concerns, they can do a PoC in the cloud and there is a transfer tool to move back on prem easily if they are not comfortable with the cloud approach. So far he says that no early customers have chosen to do that, but the option is there.

Xage was founded in 2017 and has raised $16 million so far, according to Crunchbase data.

Early Stage is the premiere ‘how-to’ event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company-building: Fundraising, recruiting, sales, legal, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included in each for audience questions and discussion.

As the number of IoT devices proliferate, and machines conduct transactions with machines without humans involved, it becomes increasingly necessary to have a permissionless system that facilitates this kind of communication in a secure way.

Enter the IOTA Foundation, a Berlin-based open-source distributed ledger technology (DLT) project, which has hooked up with the Eclipse Foundation to bring IOTA DLT to the enterprise via the Tangle EE project. For starters, this involves forming a working group.

The distributed ledger idea first emerged as a way to distribute digital currency on the blockchain. Since then, there have been multiple ideas, both open source and commercial, to bring this concept to the enterprise to provide a secure, immutable and frictionless way to share data.

One such open-source project is IOTA, which saw an issue with DLT as it was being implemented by other entities. “IOTA is the first distributed ledger technology that went beyond blockchain with a completely new architecture that resolves the bottleneck problems of blockchain that has prevented real-world adoption,” Dominik Schiener, co-founder of IOTA Foundation, told TechCrunch.

The broad vision is to provide a way for machines and devices to communicate securely. “We provide a protocol layer that enables both humans and machines to bulk transact value without fees, as well as ensure data integrity, which is, of course, increasingly important in the age of Internet of Things, where hundreds of billions of devices are being connected over the next decades,” Schiener said.

Tangle EE is the part of the project aimed at enterprise users — EE stands for Enterprise Edition — that can take this technology and enable larger organizations to build applications on top of the project. For starters the foundation is working with the Eclipse Foundation to bring corporate entities on board who can help better define the requirements of the large business user.

Dell Technologies and STMicroelectronics are the first major companies joining the project, but the hope is that through discussion and dialogue, Tangle EE will begin to gain traction. “The main reason why we created Tangle EE was because of the discussions that we’ve had with corporations. They really understood that we need to have a working group around IOTA to discuss the application layer, to discuss what kind of solutions we can develop broadly across industries, but also really start having more serious discussions about the protocol,” Schiener said.

Much like the Linux Foundation, the Eclipse Foundation will provide a governance framework for the project. “The Eclipse Foundation will provide a vendor-neutral governance framework for open collaboration, with IOTA’s scalable, feeless and permissionless DLT as a base,” Mike Milinkovich, executive director of the Eclipse Foundation, explained in a statement.

If it gains traction, more companies will join in the coming months and years, and begin building out Tangle EE, while developing applications based on the protocol.

Clear is an early-stage startup with a big ambition. It wants to build a blockchain for high-volume transaction systems like payments between telcos. Today it announced a $13 million Series A investment.

The round was led by Eight Roads with participation from Telefónica Innovation Ventures, Telekom Innovation Pool of Deutsche Telekom, HKT and Singtel Innov8.

That the strategic investors were telcos is not a coincidence. The early use case for Clear’s blockchain transaction network involves moving payments between worldwide telcos, a system that today is highly manual and prone to errors.

Clear co-founder Gal Hochberg says what his company does is to take commercial contracts and turn them into digital representations, often known in digital ledger terms as a smart contract.

“What that lets us do is create a trusted view of the true status of the relationship within the company’s business partners because they’re now looking at the same pricing and usage. They can find any issues in real time, either in commercial information or in service delivery, and they can even actually resolve those inside our platform,” Hochberg explained.

By putting these high-volume, cross-border transactions onto the blockchain with these smart contracts to act as automated enforcer of the terms, it means that instead of waiting until the end of the month to find errors and begin a resolution process, this can be done in real time, reducing time to payment and speeding up conflict resolution.

“We use blockchain technology to create those interactions in ways that it is auditable, cryptographically secure and ensures that both sides are synced and seeing the same information,” Hochberg said.

For starters, the company is working with worldwide telco companies because the number of transactions, and the way they cross borders make this a good test case, but Hochberg says this is only the starting point. They are not in full-blown production yet, but he says they have proven they can process hundreds of millions of billable events.

The money should help the company get into full carrier-grade production some time in the first half of this year, and then begin to expand into other verticals beyond telcos with the help of today’s investment.

The open-source Hyperledger Foundation announced the release of Hyperledger Fabric 2.0 today, the first such project to reach a 2.0 release.

It’s a notable milestone. The blockchain as a business tool has certainly had a rocky road over the last few years, but there is still plenty to like about smart contracts that have automated compliance checks built-in. Hyperledger Fabric 2.0 has lots of new features with that in mind.

The biggest updates involve forcing agreement among the parties before any new data can be added to the ledger, known as decentralized governance of the smart contracts. In practice, it means that the system will prevent any entity from writing to the ledger until there is consensus among the parties involved in the transaction, a basic blockchain tenet.

This is a requirement because the beauty and the curse of the distributed ledger is that it is an immutable record. Once you have written something in the ledger, it becomes very difficult to change it without the agreement of all those involved in the contract. You want to make sure you get it right before you commit something to the ledger.

Along those same lines, developers can build in automated checks along the way. As they say, this ensures the parties can “validate additional information before endorsing a transaction proposal.”

Brian Behlendorf, executive director at Hyperledger and a big advocate of open-source distributed ledger technology, says this is a big milestone for the project and the organization as it looks to help organizations adopt distributed ledger technology.

“Fabric 2.0 is a new generation framework developed by and for the enterprises that are building distributed ledger capabilities into the core of their businesses. This new release reflects both the development and deployment experience of the Fabric community and confirms the arrival of the production era for enterprise blockchain,” Behlendorf said in a statement.

That remains to be seen. The rise of blockchain in business has moved at a slow pace, but this release shows that the open-source community is still committed to building enterprise-grade distributed ledger technology. Today’s announcement is another step in that direction.

Xage is working with utilities, energy companies and manufacturers to secure their massive systems, and today it announced some significant updates to deal with the scale and complexity of these customers’ requirements, including a new hierarchical blockchain.

Xage enables customers to set security policy, then enforce that policy on the blockchain. Company CEO Duncan Greatwood says as customers deploy his company’s solutions more widely, it has created a set of problems around scaling that they had to address inside the product, including the use of blockchain.

As you have multiple sites involved in a system, there needed to be a way for these individual entities to operate, whether they are connected to the main system or not. The answer was to provide each site with its own local blockchain, then have a global blockchain that acts as the ultimate enforcer of the rules once the systems reconnected.

“What we’ve done is by creating independent blockchains for each location, you can continue to write even if you are separated or the latency is too high for a global write. But when the reconnect happens with the global system, we replay the writes into the global blockchain,” Greatwood explained.

While classical blockchain doesn’t allow these kinds of separations, Xage felt it was necessary to deal with its particular kind of use case. When there is a separation, a resynchronization happens where the global blockchain checks the local chains for any kinds of changes, and if they are not consistent with the global rules, it will overwrite those entries.

Greatwood says these changes can be malicious if someone managed to take over a node or they could be non-malicious, such as a password change that wasn’t communicated to the global chain until it reconnected. Whatever the reason, the global blockchain has this power to fix the record when it’s required.

Another issue that has come up for Xage customers is the idea that majority rules on a blockchain, but that’s not always a good idea when you have multiple entities working together. As Greatwood explains, if one entity has 600 nodes and the other has 400, the larger entity can always enforce its rules on the smaller one. To fix that, they have created what they are calling a supermajority.

“The supermajority allows us to impose impose rules such as, after you have the majority of 600 nodes, you also have to have the majority of the 400 nodes. Obviously, that will give you an overall majority. But the important point is that the company with 400 nodes is protected now because the write to the ledger account can’t happen unless a majority of the 400 node customers also agrees and participates in the write,” Greatwood explained.

Finally, the company also announced scaling improvements, which reduce computing requirements to run Xage by 10x, according to the company.

Last year IBM and Danish shipping conglomerate Maersk announced the limited availability of a blockchain-based shipping tool called TradeLens. Today, the two partners announced that a couple of other major shippers have come on board.

The partners announced that CMA CGM and MSC Mediterranean Shipping Company have joined TradeLens. When you include these companies together with Maersk, the TradeLens consortium now encompasses almost half of the world’s cargo container shipments, according to data supplied by IBM .

That’s important, because shipping has traditionally been a paper-intensive and largely manual process. It’s still challenging to track where a container might be in the world and which government agency might be holding it up. When it comes to auditing, it can take weeks of intensive effort to gather the paperwork generated throughout a journey from factory or field to market. Suffice to say, cargo touches a lot of hands along the way.

It’s been clear for years that shipping could benefit from digitization, but to this point, previous attempts like EDI have not been terribly successful. The hope is that by using blockchain to solve the problem, all the participants can easily follow the flow of shipments along the chain and trust that the immutable record has not been altered at any point.

As Marie Wieck, general manager for IBM Blockchain told TechCrunch at the time of last year’s announcement, the blockchain brings some key benefits to the shipping workflow:

The blockchain provides a couple of obvious advantages over previous methods. For starters, [Wieck said] it’s safer because data is distributed, making it much more secure with digital encryption built in. The greatest advantage though is the visibility it provides. Every participant can check any aspect of the flow in real time, or an auditor or other authority can easily track the entire process from start to finish by clicking on a block in the blockchain instead of requesting data from each entity manually.

The TradeLens partners certainly see the benefits of digitizing the process. “We believe that TradeLens, with its commitment to open standards and open governance, is a key platform to help usher in this digital transformation,” Rajesh Krishnamurthy, executive vice president for IT & Transformations at CMA CGM Group, said in a statement.

Today’s announcement is a big step toward gaining more adoption for this approach. While there are many companies working on supply chain products on the blockchain, the more shipping companies and adjacent entities like customs agencies who join TradeLens, the more effective it’s going to be.

The Linux Foundation’s Hyperledger Project has a singular focus on the blockchain, but this morning it announced a framework for building supply chain projects where it didn’t want blockchain stealing the show.

In fact, the foundation is careful to point out that this project is not specifically about the blockchain, so much as providing the building blocks for a broader view of solving supply chain digitization issues. As it describes in a blog post announcing the project, it is neither an application nor a blockchain project, per se. So what is it?

“Grid is an ecosystem of technologies, frameworks and libraries that work together, letting application developers make the choice as to which components are most appropriate for their industry or market model.”

Hyperledger doesn’t want to get locked down by jargon or preconceived notions of what these projects should look like. It wants to provide developers with a set of tools and libraries and let them loose to come up with ideas and build applications specific to their industry requirements.

Primary contributors to the project to this point have been Cargill, Intel and Bitwise IO.

Supply chain has been a major early use case for distributed ledger applications in the enterprise. In fact, earlier today we covered an announcement from Citizens Reserve, a startup building a Supply Chain as a Service on the blockchain. IBM has been working on several supply chain uses cases, including diamond tracking and food supply protection.

But the distributed ledger idea is so new both for supply chain and the enterprise in general that developers are still very much finding their way. By providing a flexible, open-source framework, The Linux Foundation is giving developers an open option and trying to provide a flexible foundation to build applications as this all shakes out.

Oracle is a traditional tech company that has been struggling to gain traction in the cloud, but it could see blockchain as a way to differentiate itself. At Oracle OpenWorld today it announced the Oracle Blockchain Applications Cloud, a series of four applications designed for transactions-based processing scenarios using Internet of Things as a data source.

“Customers struggle with how exactly to go from concepts like smart contracts, distributed ledger and cryptography to solving specific business problems,” Atul Mahamuni, VP of IoT and Blockchain at Oracle told TechCrunch.

The company actually introduced a more generalized blockchain as a service offering at OpenWorld last year, but this year they have decided to focus more on specific use cases, announcing four new applications. The blockchain comes into account because of its nature as an irrefutable and immutable record.

In cases where there is a dispute over the accuracy of a particular piece of data, the blockchain can provide incontrovertible proof. As for the Internet of Things, that provides data points you can use to provide that proof. Your sensor feeds the data and it (or some reference to it) gets added to the blockchain, leaving no room for doubt.

The four applications involve supply chain-transaction data including a track and trace capability to follow a product through its delivery from inception to market, proof of provenance for valuables like drugs, intelligent temperature tracking (what they are calling Intelligent Cold Chain) and warranty and usage tracking. Intelligent Cold chain ensures that a product that is supposed to be kept cold didn’t get exposed to higher than recommended temperatures, while warranty tracking ensures that a product was being used in a proscribed fashion and should be subject to warranty claims.

Each of these plays to the some of Oracle’s strengths as a company that builds databases and ERP software. It can draw on the information it tends to collect any way as part of the nature of its business processes and add it to a blockchain and other applications when it makes sense.

“So what we do is we get events and insights from IoT systems, as well as from supply chain ERP data, and we get those insights and translation from all of this and then put them into the blockchain and then do the correlations and artificial intelligence machine learning algorithms on top of those transactions,” Mahamuni explained.

This year perhaps even more so than the last couple, Oracle is trying to differentiate itself from the rest of the cloud pack, as it tries to right its cloud business. By building applications on top of base technologies like blockchain, IoT and artificial intelligence, while taking advantage of their domain knowledge around databases and ERP, they are hoping to show customers they can offer something their cloud competitors can’t.

Walmart has been working with IBM on a food safety blockchain solution and today it announced it’s requiring that all suppliers of leafy green vegetable for Sam’s and Walmart upload their data to the blockchain by September 2019 .

Most supply chains are bogged down in manual processes. This makes it difficult and time consuming to track down an issue should one like the E. coli romaine lettuce problem from last spring rear its head. By placing a supply chain on the blockchain, it makes the process more traceable, transparent and fully digital. Each node on the blockchain could represent an entity that has handled the food on the way to the store, making it much easier and faster to see if one of the affected farms sold infected supply to a particular location with much greater precision.

Walmart has been working with IBM for over a year on using the blockchain to digitize the food supply chain process. In fact, supply chain is one of the premiere business use cases for blockchain (beyond digital currency). Walmart is using the IBM Food Trust Solution, specifically developed for this use case.

“We built the IBM Food Trust solution using IBM Blockchain Platform, which is a tool or capability that IBM has built to help companies build, govern and run blockchain networks. It’s built using Hyperledger Fabric (the open source digital ledger technology) and it runs on IBM Cloud,” Bridget van Kralingen, IBM’s senior VP for Global Industries, Platforms and Blockchain explained.

Before moving the process to the blockchain, it typically took approximately 7 days to trace the source of food. With the blockchain, it’s been reduced to 2.2 seconds. That substantially reduces the likelihood  that infected food will reach the consumer.

Photo:  Shana Novak/Getty Images

One of the issues in a requiring the suppliers to put their information on the blockchain is understanding that there will be a range of approaches from paper to Excel spreadsheets to sophisticated ERP systems all uploading data to the blockchain. Walmart spokesperson Molly Blakeman says that this something they worked hard on with IBM to account for. Suppliers don’t have to be blockchain experts by any means. They simply have to know how to upload data to the blockchain application.

“IBM will offer an onboarding system that orients users with the service easily. Think about when you get a new iPhone – the instructions are easy to understand and you’re quickly up and running. That’s the aim here. Essentially, suppliers will need a smart device and internet to participate,” she said.

After working with it for a year, the company things it’s ready for broader implementation with the goal ultimately being making sure that the food that is sold at Walmart is safe for consumption, and if there is a problem, making auditing the supply chain a trivial activity.

“Our customers deserve a more transparent supply chain. We felt the one-step-up and one-step-back model of food traceability was outdated for the 21st century. This is a smart, technology-supported move that will greatly benefit our customers and transform the food system, benefitting all stakeholders,” Frank Yiannas, vice president of food safety for Walmart said in statement.

In addition to the blockchain requirement, the company is also requiring that suppliers adhere to one of the Global Food Safety Initiative (GFSI), which have been internationally recognized as food safety standards, according to the company.

In the 1990s when the web was young, companies like Yahoo, created directories of web pages to help make them more discoverable. Hacera wants to bring that same idea to blockchain, and today it announced the launch of the Hacera Network Registry.

CEO Jonathan Levi says that blockchains being established today risk being isolated because people simply can’t find them. If you have a project like the IBM -Maersk supply chain blockchain announced last month, how does an interested party like a supplier or customs authority find it and ask to participate? Up until the creation of this registry, there was no easy way to search for projects.

Early participants include heavy hitters like Microsoft, Hitachi, Huawei, IBM, SAP and Oracle, who are linking to projects being created on their platforms. The registry supports projects based on major digital ledger communities including Hyperledger, Quorum, Cosmos, Ethereum and Corda. The Hacera Network Registry is built on Hyperledger Fabric, and the code is open source. (Levi was Risk Manager for Hyperledger Fabric 1.0.)

Hacera Network Registry page

While early sponsors of the project include IBM and Hyperledger Fabric, Levi stressed the network is open to all. Blockchain projects can create information pages, not unlike a personal LinkedIn page, and Hacera verifies the data before adding it to the registry. There are currently more than 70 networks in the registry, and Hacera is hoping this is just the beginning.

Jerry Cuomo, VP of blockchain technologies at IBM, says for blockchain to grow it will require a way to register, lookup, join and transact across a variety of blockchain solutions. “As the number of blockchain consortiums, networks and applications continues to grow we need a means to list them and make them known to the world, in order to unleash the power of blockchain,” Cuomo told TechCrunch. Hacera is solving that problem.

This is exactly the kind of underlying infrastructure that the blockchain requires to expand as a technology. Cuomo certainly recognizes this.”We realized from the start that you cannot do blockchain on your own; you need a vibrant community and ecosystem of like-minded innovators who share the vision of helping to transform the way companies conduct business in the global economy,” he said.

Hacera understands that every cloud vendor wants people using their blockchain service. Yet they also see that to move the technology forward, there need to be some standard ways of conducting business, and they want to provide that layer. Levi has a broader vision for the network beyond pure discoverability. He hopes eventually to provide the means to share data through the registry.