 So, welcome. Thanks for joining. The session, let's click session ID Union, which is a decent identity ecosystem for natural person, legal entities in IoT, and we'll do the presentation together with Andreas Kint. And Andreas, please introduce and say something how this all relates to Siemens. Sure. Thanks a lot, Mark. And welcome to everybody for another interesting session here at Hyperledger Global Forum. My name is Andreas Kint. I'm in charge of cybersecurity technology in Siemens. It's a global team that covers any kind of cybersecurity technology across the levels of the Siemens infrastructure, but as well as the environment, the factories, as well as the products and solutions that Siemens builds. So it's a pretty broad range. And what brings us here as Siemens to Hyperledger Global Forum are really very concrete industrial problems. And they cover the space of machine identities. We just had another presentation in this space, but also how to extend trust into production processes. Siemens stands for very much the physical environments of the critical infrastructures, like train infrastructure, factory, energy networks, factories, energy networks. And here we really have to find ways into bridging from the digital part of trusted systems, blockchain systems, verifiable credential systems into the physical domain. And the third area is actually around sustainability, how to bring trustiness into things like product carbon footprints and other forms of product-related exchange, so the trust in this context. So we have quite some problem statements that we feel the community that we have here is interested to learn about. And then of course we want to share a bit how we think solutions can look like. With this presentation here, we are in the middle of these problems, of these very interesting problems. And it's a big community. Mark what we'll talk about this. I will come back maybe at the end for some concrete use cases where Siemens is involved. And please post your questions in the chat as well. And hopefully we have a bit of time at the very end. Otherwise just contact us. Okay, now to you, Mark. Okay, thank you. So ID Union, identity ecosystem, identities, credential come a long way when I started computing science in the last millennium. I have hundreds of user password credential, even extended validation, X519 certificates in my keys here. So this all has to be managed. And today security have identities and trust is crucial for business and for persons. So my hope is, and this is why I'm also driving this from a Siemens point of view to overcome some of the issues we have as Sie and with existing PKI silos and come to an ecosystem that is more secure, harmonize and better ease of use and to show you a little bit the content and environment, how this all is set up. ID Union is a kind of building block in the federal government data strategy which was published in January. But the whole topic was pushed last year when Germany has the EU presidency in 2020. So to innovate such an identity ecosystem, a national competition on security to identities was started and was 11 projects participating. And Siemens was a partner of this self-serve identity for Germany project, which turned out to be one of the three winner projects and the first one which started in April. And what we are targeting here is implementing a diesel identity ecosystem. So you will see a lot of or a bunch of use cases where we will try to find out whether this all holds and can be implemented. So from the next levels you see here that this is on the top priority. The next pilots and next projects started in May. So here our chancellor, Angela Merkel, is regularly talking with the German industry and the companies which are all involved. And if you have, there's some noise. Kamesh, can you please mute? Thank you. And if you have followed the news, you have seen that on the European Union level they target a directive that there will be an EU ID for all countries which has to be adopted in the next years and which has to be used even for all companies whether it's banks or whether they are social media like Facebook and Google in the European Union when this is coming out. So coming back, so this is the frame of all this, coming back to natural identities. So we have our title and natural persons legal entities and IOTs. So it's all difficult because I'm and Andreas are natural persons and we are connected to Siemens. Siemens has given us a credential to use the email address and there you see we most likely are what we are. So let's have a very short view on self sovereign identities and verifiable credentials just to frame the whole presentation that is self-contained but I assume that most of you have knowledge about this so no details and just an overview about this. So physical world as we know it is fractal. Numerous claims, credentials for all the participants here. So Andreas and I claim to be natural persons and you believe us because you see us more or less. We might be of Siemens because we have the email address and Siemens might be a company and the things we build and others build are owned or produced by Siemens someone buy them and lease them and use them. So at the end there are credentials how we try to show what we are and where you think that really we are natural persons Siemens is a legal entity but at the end of the day you only can verify it with the registers. As we have registries governmental wise, commercial wise like our commercial trade register where Siemens is listed and the manufacturers of components and industrial and things which have the databases. So on this wonderful fits to why we are here so hyper ledger technology or let's see W3T technology so decent with identifiers and very well credentials so that you can mimic the physical world as shown the slide before. Corporate, get your credential, hold it and show it when you need and prove whether the verifier is the one who wants to find out whether what he sees is belief so if you show your PhD sheet he can check whether this was not withdrawn because the university has put his or the universal public key and the DID on the registry and the verifier will only show that your PhD still holds. So coming back to the project it's a consortium which is funded by the German government. We have 16 or 15 partners there and a lot of associated partner and a lot of requests which we are working on to onboard because we want to have the broad of the different players in the business in governmental and money-pistol life so you see here banking, banks like Maine and Kuwait, this is Gomerzbank the ING and other Deutsche Bank and so on. You see the two from the left top is the Bundestagerei this is the German ID printing company you see industry like German rail Deutsche Bahn, Bosch Siemens and IT and telco companies and some research co-partners. So what we started and have done is last year in August we already started our network and yes it's Hyperledger Indy. I had the first notes currently I think we have 13 or 14 notes running. The network started and this is used for our use cases which you see in a minute. So with all the partners using our registry to check whether use cases can be implemented I have the controller programmed have this check with usability and whatever we need here. So in addition you need these wallets for end users. You need this which we already have to. We need the solutions for institutions We already built some agents to implement the different use cases you will see to have the base for really do check whether technology is sold but also check where are additions and correct needs which we can bring upstream to Hyperledger to W3C. So with all this we need all we need a governance for the governance is someone has to overlook the network so we plan to establish European Cooperative so called SC where which will be responsible for all the governance and needed for the network and for running a productive network. So that's all that's always an up and running safe and stable network available when it comes to productive use. So as mentioned we have use cases and use cases we are diverse in the e-government public sector where the idea of people some certificates to education certificates like diplomas or students and all the finance sectors bank accounts KYC but also needed European EIDAS identification possibility so banks when the EU legislation will come have also have to have a harmonized identity system which fits to all this and then we come where Siemens is playing industrial IOT where you see master data for companies certificates and product IDs you need Andreas will tell you more later at the end but also all this like Deutsche Bahn when you want to travel all the travel services access to buildings and compounds up to e-health use cases like you would mentioned I think of with vaccination passes also so we have a broad range which we all want to pilot that we at the end can say technology will hold it's useful and we have an identity layer which and a harmonized technology approach which fits to all this so you see also that there are different partners here which are not listed on the partner list currently which like the car maker so you see Daimler you see in the middle or you see BMW on the left so there are additional partners there which just work with us but are currently not on board it so one use case you don't see here is the first governmental pilot the governmental pilot started already my 17s so it's running and as a project we support this some of our partners are involved there and what is done here is the Buddhist Tokarai I mentioned before provides the German ID card as basis ID which you can put in your smartphone in a wallet the companies can put in the company addresses so if you arrive at the hotel you should check in just with a few click on your mobile to provide to the hotel with all data needed for the German Meldeschein this is a legal mandatory registration form and the company information needed for invoice so this is now started and will be used by business traveler and there we will collect the first feedback on how this could be implemented and how this is running and what need to be added so Germany plans to have the ID as wallet for all citizens in Germany end of the year so coming to another way of our focus we address to establish the identity ecosystem so because the use cases are not standing alone this has to fit there so we need interability with a lot of technology which you find on the left side so having especially connected to existing identity systems like company have or in factories you have so if you have open ID connect or whatever implemented there you need bridges and you have to incorporate this how this can play together get all the involvement of citizens because trust at the end of the day is a function over time I have to show that you can use it and it's useful and it's usable that up to armed forces applications with different governmental agencies so it's how to generate every relevance these are the use cases for others running has showing and therefore through our Germany and also integrate on the European level to have this running and therefore we have to do a lot of corporations and have you seen all the partners we have and the grown list this is where we work what do we need for wallet security what do we need for technology wise that the other platforms existing platforms can be adopted can be integrated or can be migrated and it depends on the value of the new approach so what we are targeting is an addressing schedule so current plan is and it's subject of change like ever it's a research project and for research project very aggressive setting up the European Cooperative and having this done in this calendar year although there is a lot of legal involved so let's see how we can approach this and whether we can have this running as it would be begin of next year but this is responsible for running the productive network so that the first use cases can start productive that partners can have their own offerings also use the Indian network so the registry public available for their business at the end of the day mass adoption and have this targeting in 2023 that banks can use it and others we will work on it and as we officially started in April we already have some good approaches and I love the connection with all the partners here which are very very open and can bring us to a stage that we are have a chance to reach a schedule so to come back to the comments Andreas if you could introduce the sessions and approaches we already presented thanks Marc of course this is a large project many partners but we also want to share a little bit what we do as one of the partners address in the project the first use case is around asset management and it's asset management of industrial automation components very public credentials are mostly being discussed for giving individuals control over their identity it's sometimes only attributes of an identity and the context of self-sovereignty you want to be privacy preserving but we actually have a similar problem what is the identity of a box that you see here in the middle so like a programmable logic controller what is the identity of this device in the actual field environment these devices they talk protocols like profinet like OPC UA so it's really field level technology it's not IP or something beyond it's even a different kind of context projects have their own kind of sort of identity sometimes it's a MAC address sometimes it's an IP, sometimes a serial number but there's no unit no standard approach really for giving out identity and for asset management you need identity you need to be clear what is this device and what to do with it so what we propose is to apply verifiable credentials in this context actually we had a presentation on this if you're interested go to this we are not there yet but I think we have an interesting start in this domain maybe that's all I say for here the second use case if you move on is around sustainability we all know the big claims from companies about their environmental friendliness about offsetting about part of covered footprints that is apparently associated to their products it's very difficult for a consumer or for any kind of customer to verify this and we believe that there's a case again for verifiable credentials so here the subject let's say the holder is not the machine itself the holder of a credential would be a manufacturer the credential would be issued by something like a certifier or a technical inspection company an organization that has sort of some view into the production and can verify the correctness of the local part of a product covered footprint there's always a local context in the greenhouse gas protocol between scope 1 and scope 2 this can be certified this can be put into a verifiable credential by such an issuer but there's a part scope 3 that comes from the supply chain and again we think if we use the same kind of model again there's a holder a certifier that knows about the context of the supplier tier 1 supplier and it could present them respective information maybe it's not the full information set in the credential but parts of it maybe even in a confidentiality preserving or privacy preserving manner such that the confidentiality that exists of course in the supply chain would be recognized that's our idea here it has some commonalities with cases where you as an individual go to a store these days you want to prove you're vaccinated or you have been tested negative recently of COVID but you don't want to reveal your identity it's a very similar topic here the supplier maybe a tier 3 supplier doesn't want to reveal the exact components or the identity basically but wants to prove the sub component as part of the end the aggregated product carbon footprint so we have a we think that's the case here in such a initiative of course we cannot do this alone it has to do with standards of quality the greenhouse gas protocol the ISO standard it's not enough we need an ecosystem here and if you would be interested in joining in and discussing how to make this sharing and verification of sustainability information product related sustainability information happen then please contact us Good Thank you Andreas so we have some minutes left for questions and I already see some questions so Bogdan for the approaches and if you look back in last year's Global Forum there were only some presentations and presentations and this has now grown so if you see what Germany approaches with the national competition this is all orchestrated at least in Germany and this is also orchestrated on the European level so there might be not the one and so the European so there might be every company has one network and there are networks for all the industry like banks and us like Siemens and so on so this we will see at least it will have the same fundamental base and it will be harmonized and Germany and Europe will look on this so let's go to have a little bit different approaches and at least we as a project regularly talk to the other projects talk to the government to have this at least streamlined in one direction Good Next one I could take if you don't want to reveal your identity how do you implement identity binding I think biometrics would be wrong because this is the strongest identity factor so to speak that you could have you issue credentials issue to a real identity but in the presentation you want to hide probably your identity maybe not in all cases but in many cases and that works with the pair-wise pseudonyms you can derive as a hold of a credential a certain information from one or multiple received verifiable credentials and put like selected information into the presentation and this includes that you don't reveal your true identity you only say I have enough money or I am vaccinated or I don't know I have this degree but I not necessarily want to reveal exactly who I am but this is basics in Indian areas So coming to the national ID yes currently every German in his passport already has an EID but it's just a little bit clumsy to use so you can start by yourself via mobile phone and using all this like the app there to copy your ID from your national ID card into the mobile and so and but this has to be a secure wallet there or you go to somewhere to the borough where you get your IDs and they will do it for you like in the real world someone has to send you and to give you the ID and here this can only be done for the ID in your mobile phone so scanning QR code so this has to be yes it has to be bound to the trust element in the mobile and you have to somehow biometric also open your wallet if you want to use it I think and the governmental scheme yeah this is what not only the governmental scheme so we are working on and we have one of the working groups just about how to set up some standardized schemes for bank accounts and for other stuff and the German printing company is part of it and David you're right it's called BASIS ID you mostly know that there was another name at the beginning and yes the current German ID is now the BASIS ID we will get from the government so the session is over I see you can leave or we can address one or two more questions drop out and just go to the next session if you have booked this and then sustainability is to you yeah Inbell is asking in the case of sustainability must the end customer eventually have a wallet or they could verify the sustainability case as an external watcher yeah it should be possible as an external watcher still there would be a wallet holding the at-hoc pseudonym for interacting so that's needed but it's not a wallet that is in any way publicly registered or something or that there's a public DID in the underlying registry stored there so yes you want to have cases as you as a consumer in a supermarket for instance checking a product or an NGO or regulators there are many cases where you are basically only a watcher and not a participant so the VON network yes one is how to be interoperable so but you all know that with DID.com 1.0.2.2.0 something will change and in the world most likely also a little bit change technology will move and we think that even during our project time there will be changes and we have to adopt so there are other networks out there and we will connect and we already have partners who are connected to a lot of other activities and we look for interoperability as mentioned so what is presentation complex to overcome complex network management management is done through all the partners which are working our partner in the European connoisseurs so cooperative and when it comes to productive use we will see this will run out currently what we have is our test network and this runs very smoothly here and there are some hiccups when new partner onboarding are but I am impressed how smoothly it is currently running so we are over time thank you all who are still in there you have our contacts just contact us if you need some information you also have the link to our project and I think you will have more whether you are located in Europe or US about our projects because European Union and Germany and our project will work on how to make this success thank you from my side thanks a lot