We're sorry but this page doesn't work properly without JavaScript enabled. Please enable it to continue.
Feedback

AMENDMENT Global Open Source Quality Assurance of Emergency Supplies

00:00

Formal Metadata

Title
AMENDMENT Global Open Source Quality Assurance of Emergency Supplies
Title of Series
Number of Parts
542
Author
License
CC Attribution 2.0 Belgium:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
Language

Content Metadata

Subject Area
Genre
Abstract
COVID-19 birthed a movement to use open source to address crises through rapid distributed manufacture of medical supplies and emergency equipment. However, even in drastic crises, labeling, tracking, quality assurance and authenticity is required. The Global Open Source Quality Assurance System (GOSQAS) proposes to solve this with an open provenance tracking system that will track the maker’s mark, self-asserted and 3rd-party quality tests, and changes in custody accessible with a QR code. About a dozen nonprofits have formed an alliance to promote quality assurance for open source (free-design) devices and supplies. Open source emergency devices and medical supplies can be rapidly manufactured with distributed systems, such as hobbyists with 3D printers. This can quickly repair supply chains broken by war or natural disaster. However, the normal reputational and legal mechanisms for ensuring quality and authenticity don’t function well in such crises. The open source solution to this is to be as transparent as possible. In the case of physical devices, this means that a would-be buyer of the device should be able to easily look up: when, where, how, and by whom it was made, what quality assurance tests have been performed on it, maintenance performed, etc. By maintaining the complete chain-of-custody, counterfeiting can be effectively mitigated. Eventually, encryption will allow provenances to be kept appropriately private. This proposed system does not compete with other tracking systems, but can be used to complement them on a purely voluntary basis. Eventually, people will demand full and transparent provenances for many devices. In this talk we discuss the movement, the problems, and the proposed approach. Please note that this talk was originally scheduled to be given at 09.40 but have been postponed to give room for the talk Covid Exposure Notification Out in the Open to be longer to cover for cancellations of other talks just before the schedule freeze.
14
15
43
87
Thumbnail
26:29
146
Thumbnail
18:05
199
207
Thumbnail
22:17
264
278
Thumbnail
30:52
293
Thumbnail
15:53
341
Thumbnail
31:01
354
359
410
TwitterOpen sourceSystem programmingProjective planeBitDifferent (Kate Ryan album)Computer animationLecture/Conference
Open sourceTwitterSystem programmingSpacetimeAddress spaceSoftware testingSoftwareComputer hardwareRevision controlFundamental theorem of algebraMathematical analysisVideo trackingCryptographySimilarity (geometry)WebsiteInformationProduct (business)Entire functionUniform resource locatorComputer virusUsabilityOpen sourceCuboidDesign by contractChainObject (grammar)QuicksortMereologyCASE <Informatik>CryptographySoftware testingGoodness of fitTunisMultilaterationLetterpress printingSelf-organizationSoftwareProduct (business)System programmingSpacetimeFormal verificationCodeNumberTrailComputer hardwareStandard deviationProcedural programmingMobile appRegulator geneResultantDifferent (Kate Ryan album)Key (cryptography)Multiplication signPeripheralKnowledge organizationMetropolitan area networkRight angleInformationComputer clusterArithmetic meanData structureVideo gameSystem callPublic key certificateSampling (statistics)Computer animation
Product (business)InformationEntire functionUniform resource locatorComputer virusSoftware testingPurchasingServer (computing)FreewareVertex (graph theory)Point (geometry)Web browserDatabaseCryptographyOpen sourceGoogolSoftwareVideo trackingEmailSystem programmingPublic key certificatePublic-key cryptographyObject (grammar)System programmingComputer programDatabaseCuboidProgrammer (hardware)Confidence intervalMultiplication signKey (cryptography)TrailAuditory maskingOpen setProjective planeWebsiteHeat transferTelecommunicationCategory of beingSoftware testingInformationNumberInformation securityQuicksortRight angleNormal (geometry)Vector potentialEncryptionImplementationOpen sourceProduct (business)Point (geometry)Order (biology)Internet service providerFitness functionMetropolitan area networkPeripheralComputer programmingFreewareForm (programming)CryptographyView (database)Computer animation
TwitterMetropolitan area networkGoodness of fitLecture/Conference
Open sourceTwitterSystem programmingCASE <Informatik>DatabaseInformationWave packetCuboidComputer animation
Open sourceTwitterSystem programmingInformationCASE <Informatik>Object (grammar)Key (cryptography)Row (database)System programmingCuboidGoodness of fitComputer animation
TwitterDatabaseKey (cryptography)Object (grammar)CuboidChemical equationDigital photographySystem programmingInformation securityInternetworkingLecture/ConferenceMeeting/Interview
Program flowchart
Transcript: English(auto-generated)
So, happily, my talk is going to build a little bit on the talk that you just saw, the difference being that I'm making proposals and they actually built things, so it's a little different. My name is Robert Reed, I am the founder of Public Invention, but what I'm presenting
today is not a public invention project. This is co-work with two other people, Victoria Jaqua and Christina Cole of Open Source Medical Supplies. Open Source Medical Supplies and Public Invention are both U.S. 501c3 organizations. So what I'd like to talk about is global open source quality assurance of emergency
supplies, and we call this GOSQUAS, or the Global Open Source Quality Assurance System, and I'm making a proposal today for this. Now, open source manufacture has rapidly responded in a number of important cases to things that have happened, like open source software responded to contract tracing in the previous talk.
In particular, 3D printers can represent sort of an army for good that can immediately do things to help in a man-made or a natural disaster. In particular, we're working with some people to make tourniquets for the crisis in Ukraine
right now, and of course, if you saw my other talk, we've also made human ventilation products and other things. But when you do this, you have this fundamental problem, you have a widely distributed supply chain of people attempting to make useful products, but how do you trust them?
And the trust can be broken down into two issues. How do you trust that the design itself is useful? And then even if the design is a good design, how do you trust that the manufacturer is in fact a good manufacturer? Because of course, we all know, for example, 3D printing requires tuning and so forth.
Well, if you imagine using a tourniquet, which is a simple physical device but can easily be mismanufactured, especially if it's 3D printed, you're using it in a life-saving situation where you're trying to stop bleeding. If it breaks, you have a real serious problem.
And so even though a tourniquet only costs $20 and it's a relatively simple device, ensuring the quality of that is very important. It's almost better not to have a tourniquet than to have a faulty tourniquet. Now, I am a humanitarian engineer, and I consider humanitarian engineering the space that
I work in. Most of the people who worked for this that I know of were not making money from it. They didn't have a financial incentive to try to sell products to address these things. But nonetheless, engineers have a psychological problem, right? Nobody wants their baby to be called ugly.
And so all of us wanted to be heroes, and we wanted to save the world and save lives. And for that reason, engineers cannot be trusted to evaluate their own work, okay? But of course, this is a problem that the open source software community has dealt with already, and I'll deal with that. So in October of 2022, just four or five months ago, many non-governmental organizations
in the humanitarian engineering space got together for three hours, and we had really a surprisingly unanimous agreement that we needed quality assurance for rapidly manufactured open source devices. And we needed an alliance of NGOs to try to address this.
And so Christine and Victoria and I formed a new informal organization we haven't incorporated that we call GOSCOS, or the Global Open Source Quality Assurance System. So the open source software movement knows how to do testing, okay?
Of course, it's easier to test software than to test hardware devices. With software, you normally have automated tests that anyone is empowered to run. You download the Git repository, you run the test, and you have an independent verification of the quality of the code. So in a sense, what we want to do for hardware devices is what's already been done
for software devices or software systems. So fundamentally to this for hardware devices is to show the data. So you want a test procedure that's sort of a named standard test procedure. And then you want to record a test result. You want to say what was done, when was it done, how was it done, and who did it?
And you may have obviously an analysis of either you pass the test or you fail, and if you fail, in what way do you fail? And finally, you want a discoverable publication of those tests for the particular device. Now, there are examples of testing organizations like Underwriters Laboratory
and ASTM and other things. Often what happens is an industry begins its own testing procedures, and then later they become adopted into governmental regulation. So it's actually the case that many industries are sort of self-policing, and then they become part of a governmental structure later.
So what we propose is asset provenance tracking. As the fundamental way that we can improve the quality of rapidly manufactured devices. So when I say provenance, what I mean is the history of the device, in the same way that an art object has a provenance, right?
Who owned it, what happened to it, where was it physically throughout time? Now, this is a way to fight counterfeiting, which is a serious problem for medical devices, particularly in low and middle income countries, but even in other situations. It's also a way to organize documentation on behalf of makers.
So it's not necessarily that you're doing anything that couldn't be done some other way, but you could be relieving the burden of the makers themselves from having to do all of the documentation and distributing the documentation across a number of parties. So this would allow third party quality assurance testing,
relatively simple to implement, can use minimal well understood cryptography. I'm going to talk about that in a minute. Now, of course, people will say, well, there exists asset tracking systems. There is an open source app asset tracking system called Snipeit. It's possible that this should be a fork of Snipeit.
There are some ways in which it's different. What I is proposing is different than Snipeit. I don't have time in this talk to discuss that issue. But this is what we would like to produce. So you can imagine a box of tourniquets having a GOSQUAS seal printed on it.
Literally, a sticker is put on it. And the person who manufactures the tourniquets gets a unique key for this box of tourniquets, which either they generate or we generate for them. We describe the product, which is actually more important than you might think. And then we can give certain certifications if they have actually occurred for the object
so that anyone who holds the box in their hands can get some useful information about what's in the box. But more importantly, every box will have a key that you can use to look up in a public open access online database stuff about the particular object.
Now, it's kind of easy to understand how this would work. Imagine that it's made in Prague. It gets a private key. Someone else in Prague does a third-party test on it. That goes into the database. It's then purchased by a middleman in Egypt. The person in Egypt transfers it to Tanzania.
In Tanzania, someone verifies that it's in inventory. And a potential buyer in Kigoma then looks at the key, takes the box in their hand, points their phone at it, and says, this claims to be a box of masks or tourniquets or electronics or whatever.
And they look up in the website the complete history of the device. Now, just as we use for intellectual property and other art objects, if you can see the complete history of the device, it's very difficult to fake that. Not impossible, but it's quite, quite difficult to fake a chronologically accurate history
for a device. And so, in this way, it provides great confidence to the person in Kigoma that this product is what it says it is. Thank you, sir. Okay, now, I assume most of the people in this room are computer programmers. And they can probably have already imagined how this would be implemented.
From a programmatic point of view, it's very simple. You just have a database, you assign keys, you use one-way encryption. Much easier than the sort of public key encryption and the other kinds of things that are necessary today in the cryptocurrency world. You just do a simple one-way encryption of the key so that you allow a public access
where anyone can write into the database. Okay, now, there are a number of things that you would think are security flaws in this.
We don't have time in this talk to go over them, but I hold that the following principle is simple enough and good enough. It's not perfect, but it's good enough to build a workable system. If you have the device in your hand, you have a right to see the provenance. Now, there are ways in which that differs from our norm today.
For example, in the United States, if I have a box of something in my hand, I do not have a legal right to see where it physically was located before I got it. And if I have a box in my hand, I do not have a right to see the provenance in the future. Nonetheless, seeing those things is not particularly harmful.
You can imagine that being a right, and it wouldn't really hurt anything if that were true. And so, I consider this to be a great simplifying assumption. If you have the physical device, you have the right to see the provenance. And that simplifies an enormous number of things.
Now, what you're not allowed to do is, even though the database is, in a sense, public, you're not allowed to scrape it and see the history of all of the devices which are in the database. But you won't be able to do that unless you have the keys, because it's encrypted. Therefore, the database can be made a public database.
This is very, very simple, but I claim it's going to be good enough for us to really provide quality insurance. So, if you imagine this system existing, and you have a GOSQUAS seal that can be put on objects, you can ask, well, does it apply to medical devices, or does it apply to non-medical devices?
Does it interact with the CE stamp used in Europe to authorize medical devices, or with the US FDA? And the answer is, it can overlap all of those in a complicated way. It really doesn't require the approval of a government. It can be a completely open provenance tracking system, which is used or not used as people see fit in a voluntary way.
Now, the idea of open source devices are a threat to monopolies, but they're not a threat to large firms. There's no reason large firms could not use open source designs and use the same provenance tracking system
that we are suggesting here in order to give buyers confidence in their system. Today, very large firms have their own internal provenance tracking systems. They have asset tracking systems that they use for their own inventory purposes,
but they do not expose those and make them public to people and would consider them a trade secret. But there's no reason why they don't use an open source provenance tracking to add confidence to their products.
So, I claim that there's no reason anyone ought to particularly oppose this system. Now, we have started writing technical papers about this. These are very much in a draft form. They're not super great, but they're publicly available and we invite comment on them.
We are actively trying to build this system. And so, today in this very small room, I'd like to publicly launch the free global asset provenance tracking idea. Okay, I would like to be the technical lead of the new open source project system to build a website to provide this technology, but I can't do it completely by myself.
For one thing, I run public invention, which is a non-profit, takes up a lot of my time. So, I'd like to call for volunteers, both computer programmers and non-computer programmers who can handle business and communications and other things that we need to make this a reality.
There's going to be a lot of work convincing people to voluntarily use this system until it becomes respected enough that people start to demand it. Thank you. So, that ends my talk. Thank you. And I'm happy to take questions.
If anybody has a question, I'll repeat it into the microphone. Yes, sir.
So, the question is if you notice that something was previously touched. Yes, five steps.
The guy in Tanzania noticed that something is wrong. What happens? Well, so there's no guarantee that the entries in the database are completely accurate. But, it is the case that you can make an entry saying, it looks to me as if the device was tampered with.
Now, the people downstream of the provenance can decide what to do with that information or not. They can ignore it or they can say, well, so and so says the box was tampered with. I'm going to begin a legal proceeding with someone earlier in the provenance train or I'm going to ignore it or I'm going to believe that that was entered for some nefarious
purpose to sabotage my system. Or, I will use it to repair the device and inspect it and make sure that it's good. It's already the case that the US FDA requires market surveillance of objects for the purpose
of doing recalls as well as for other safety purposes. So, in a sense, the fact that you have that potential information is a positive thing about the provenance tracking, not a negative thing.
Yes, sir. Yes, the question is can anybody add information to the record for a device?
And the answer is yes, if you have the key. Okay, so a bad actor can't pollute the entire database. But if I broke into your warehouse and took a photocopy of a box, I could create a record for that. So, anyone can claim that they have this device if they have the key for the device
and they can make a false claim about it or an accurate claim. But just as with art objects and other kinds of things, I think false claims will be relatively easy to sort out in the system. And so, the great simplicity of this is that it's a completely open database that
doesn't require any security beyond maintaining the individual keys. And if a key for an individual object is corrupted, like for example, suppose I took a photo of your box and published it on the internet. Well, bad actors could likely disrupt the provenance of that box, but they could not
disrupt the provenance of the rest of your inventory. So, I claim this is the correct balance between simplicity and security and we don't have to go overboard on it. Okay, thank you very much.