CN-122027278-A - Method and system for reliably tracing data in drug production process by combining blockchain

Abstract

The invention discloses a data credible tracing method and system in a drug production process combined with a blockchain, and relates to the field of data processing, wherein production data is collected through Internet of things equipment, equipment private key signature is used for generating credible data packets in a credible execution environment, an intelligent edge gateway performs signature verification, micro batch processing is performed on the verified data, merkle tree is built to obtain Merkle root hash, a plurality of edge consensus nodes perform consensus verification, an anchor data packet is generated after agreement is achieved and is sent to the blockchain, after intelligent contract verification consensus signature is called, the Merkle root hash and corresponding time information are chained, the credible data packets are stored under the chain, original credible data are obtained from the chain in response to an audit request, and integrity and authenticity are verified according to on-chain records. The technical problem that the authenticity of the data before the uplink can not be guaranteed in the existing drug production process data credibility traceability is solved, and the technical effect of enhancing the data credibility is achieved.

Inventors

• XIAO LI
• LV GANG

Assignees

• 启东博哲医药技术有限公司

Dates

Publication Date

20260512

Application Date

20260210

Claims (10)

1. 1. The method for reliably tracing the data of the drug production process by combining the blockchain is characterized by comprising the following steps of: Collecting production data through Internet of things equipment deployed in a drug production environment, and signing by using an equipment private key in a trusted execution environment to generate a trusted data packet; the intelligent edge gateway receives the trusted data packet and performs signature verification, and performs micro batch processing on verified data according to a preset time window, and builds a Merkle tree to obtain Merkle root hash; Performing consensus verification on the Merkle root hash by a plurality of edge consensus nodes, generating an anchor data packet to be sent to a blockchain after agreement is achieved, and uploading the Merkle root hash and corresponding time information after intelligent contract verification consensus signature is called; Storing the trusted data packet under a chain, responding to an audit request, acquiring original trusted data from the chain, and verifying the integrity and authenticity of the original trusted data according to the Merkle root hash recorded on the chain.
2. 2. The blockchain-combined pharmaceutical production process data trusted traceability method of claim 1, wherein the production data is collected through an internet of things device deployed in a pharmaceutical production environment, and the trusted data package is generated by signing with a device private key in a trusted execution environment, comprising: before the Internet of things equipment is deployed in a drug production environment, generating a key pair of an asymmetric encryption algorithm in a security chip inside the equipment; transmitting the public key of the key pair to a certificate authority along with a unique identifier of the device, the device type, and manufacturer information; After verifying the identity of the equipment, the certificate issuing mechanism issues a digital certificate for each piece of equipment of the Internet of things, installs the digital certificate into the corresponding piece of equipment of the Internet of things, and acquires a data packet to be signed through the equipment of the Internet of things; Transferring the data packet to be signed from the common rich execution environment to the trusted execution environment, calling an encryption engine of the security chip, carrying out hash operation on the data packet to be signed by using a private key in the key pair, and carrying out digital signature calculation on the hash value to obtain a signature value; And outputting the signature result to a rich execution environment, and assembling the rich execution environment and the data packet to be signed into the trusted data packet.
3. 3. The blockchain-combined pharmaceutical manufacturing process data trusted traceback method of claim 2, wherein the data packet to be signed includes at least the collected raw data value, a time stamp provided by a clock source, a unique identifier of the device, and a random number or serial number.
4. 4. The blockchain-combined pharmaceutical manufacturing process data trusted traceability method of claim 2, further comprising, after issuing a digital certificate for each internet of things device: the digital certificate is distributed to the intelligent edge gateway, a plurality of edge consensus nodes, each node on the blockchain and a local device certificate library simultaneously.
5. 5. The blockchain-combined pharmaceutical manufacturing process data trusted traceback method of claim 1, wherein the intelligent edge gateway receives the trusted data packet and performs signature verification, comprising: Searching a corresponding digital certificate in a local device certificate library according to the unique identifier of the device in the trusted data packet, and verifying the validity and the authenticity of the corresponding digital certificate by using a preset root certificate; And extracting the public key of the equipment from the corresponding digital certificate, carrying out hash operation on the original data value, the time stamp and the unique identifier of the equipment in the trusted data packet, and verifying the received signature by using the hash value.
6. 6. The method for trusted traceability of data in a blockchain-combined pharmaceutical manufacturing process of claim 5, wherein the step of performing micro-batch processing on the verified data according to a preset time window to construct a Merkle tree to obtain a Merkle root hash comprises the steps of: if the signature verification is passed, reading triggering conditions of micro-batch processing, and carrying out micro-batch processing on the verified data according to a preset time window to obtain data of each micro-batch; Serializing the data of each micro batch according to a fixed format to form a plurality of data blocks, calculating a hash value for each data block, and constructing leaf nodes of a Merkle tree; and grouping leaf nodes in pairs, calculating splicing hash of two hash values of each group to form a father node, and recursively executing until only one hash value is left, so as to generate the Merkle root hash.
7. 7. The blockchain-combined pharmaceutical manufacturing process data trusted traceback method of claim 6, wherein if signature verification is not passed, discarding the trusted data packet and triggering a data tamper alert.
8. 8. The method for trusted traceability of data in a pharmaceutical manufacturing process with a blockchain according to claim 1, wherein the plurality of edge consensus nodes perform consensus verification on the Merkle root hash, after agreement is reached, an anchor data packet is generated and sent to the blockchain, after intelligent contract verification consensus signature is called, the Merkle root hash and corresponding time information are uplink, and the method comprises: the intelligent edge gateway broadcasts the signed trusted data packet to a plurality of edge consensus nodes in an edge consensus network; After a plurality of edge consensus nodes verify signatures by using public keys of intelligent edge gateways, running a consensus algorithm to perform consensus verification on the Merkle root hash to reach agreement, signing the Merkle root hash by a preset leader node, and generating the anchoring data packet; And sending the anchoring data packet to a blockchain for certification, carrying out identity verification and consensus signature verification by using an intelligent contract, and after the identity verification and the consensus signature verification pass, uploading the Merkle root hash and corresponding time information.
9. 9. The method for trusted traceability of data in a pharmaceutical manufacturing process incorporating a blockchain of claim 1, wherein storing said trusted data packet under the chain, obtaining original trusted data from under the chain in response to an audit request, and verifying the integrity and authenticity of said original trusted data based on said Merkle root hash recorded on the chain, comprises: querying a target Merkle root hash corresponding to a target time window from a blockchain; acquiring all original trusted data packets in the target time window from under the chain; re-calculating the Merkle tree according to all the original trusted data packets to obtain a calculated Merkle root hash; Comparing the calculated Merkle root hash with the target Merkle root hash, and if the calculated Merkle root hash is consistent with the target Merkle root hash, verifying the integrity of the data; and verifying the digital signature in the original trusted data packet by using the corresponding equipment public key, and if the verification is passed, verifying the authenticity of the data.
10. 10. A blockchain-incorporated pharmaceutical manufacturing process data trusted traceability system for implementing the blockchain-incorporated pharmaceutical manufacturing process data trusted traceability method of any of claims 1-9, the system comprising: The trusted data packet generation module is used for acquiring production data through the Internet of things equipment deployed in the drug production environment, and generating a trusted data packet by using equipment private key signature in the trusted execution environment; The Merkle tree construction module is used for receiving the trusted data packet and carrying out signature verification by the intelligent edge gateway, carrying out micro batch processing on verified data according to a preset time window, and constructing a Merkle tree to obtain Merkle root hash; the consensus verification module is used for performing consensus verification on the Merkle root hash by a plurality of edge consensus nodes, generating an anchor data packet to be sent to a block chain after agreement is achieved, and uploading the Merkle root hash and corresponding time information after intelligent contract verification consensus signature is called; and the original data verification module is used for storing the trusted data packet under the chain, responding to an audit request, acquiring original trusted data from the under-chain, and verifying the integrity and the authenticity of the original trusted data according to the Merkle root hash recorded on the chain.

Description

Method and system for reliably tracing data in drug production process by combining blockchain Technical Field The application relates to the field of data processing, in particular to a method and a system for reliably tracing data in a drug production process by combining blockchain. Background The credible tracing of the data in the drug production process has extremely important significance for guaranteeing the quality safety of drugs, maintaining public health and promoting the standard development of the pharmaceutical industry. The data of each link from raw material acquisition to finished product delivery of the medicine is related to the quality of the final product, and accurate, real and traceable data can help the supervision department to discover the problems in the production process in time and prevent unqualified medicines from flowing into the market. At present, the main method for solving the problem of credible tracing of the data in the drug production process is to store various data in the production process in a uplink manner by using a blockchain technology, and ensure the credibility of the data by means of the non-falsifiable characteristic of the blockchain. However, although the blockchain can ensure that the data cannot be tampered after being uplinked, the authenticity of the data before being uplinked cannot be guaranteed. In the actual scene of drug production, there are various situations that may cause false data before the uplink, once the false data is written into the blockchain, the false data is wrongly recorded permanently and reliably due to the non-falsifiability, which not only can not provide reliable basis for drug production quality traceability, but also can mislead supervision decision, and bring serious hidden danger to drug safety. In the related technology at the present stage, the technical problem that the authenticity of the data before the uplink can not be ensured exists in the credible traceability of the data in the drug production process. Disclosure of Invention The application provides a method and a system for reliably tracing data in a drug production process by combining a blockchain, wherein the method and the system are characterized in that production data are collected by deploying Internet of things equipment in the drug production environment, a device private key signature is used for generating a trusted data packet in a trusted execution environment, an intelligent edge gateway receives the trusted data packet and verifies the signature, after verification, data are processed in a micro batch mode according to a preset time window, a Merkle tree is constructed to obtain Merkle root hashes, a plurality of edge consensus nodes perform consensus verification on the Merkle root hashes, an anchor data packet is generated after agreement is reached and sent to the blockchain, an intelligent contract verification consensus signature is called, the Merkle root hashes and corresponding time information are uplinked, the trusted data packet is stored under the chain, when an audit request is received, original data are obtained from the chain, the integrity and authenticity of the Merkle root hashes recorded on the chain are verified, and other technical means that the authenticity of the data before the uplink can not be ensured in a trusted trace mode in the existing drug production process are solved, and the technical effect of enhancing the data reliability is achieved. The application provides a data trusted traceability method for a drug production process combined with a blockchain, which comprises the steps of collecting production data through Internet of things equipment deployed in a drug production environment, signing by using an equipment private key in a trusted execution environment to generate a trusted data packet, receiving the trusted data packet by an intelligent edge gateway, performing signature verification, performing micro batch processing on verified data according to a preset time window, constructing a Merkle tree to obtain Merkle root hash, performing consensus verification on the Merkle root hash by a plurality of edge consensus nodes, generating an anchor data packet after agreement is achieved, sending the anchor data packet to the blockchain, calling the intelligent contract to verify the consensus signature, and then uploading the Merkle root hash and corresponding time information, storing the trusted data packet under the chain, responding to an audit request, acquiring original trusted data from the chain, and verifying the integrity and the authenticity of the original trusted data according to the Merkle root hash recorded on the chain. In a possible implementation mode, production data are collected through Internet of things equipment deployed in a drug production environment, a device private key is used for signing in a trusted execution environment to generate a trusted data packet, the following