May 17, 2020

The Cold Chain of the Future

Supply Chain Digital
Global Cold Chain Alliance
GCCA
Cold
Freddie Pierce
5 min
Tori Miller Liu of the Global Cold Chain Alliance looks at some of the technological trends in today’s cold chain
Written by Tori Miller Liu The temperature-controlled logistics industry or cold chain business has a rich history, dating back to ancient Egypt. Howev...

Written by Tori Miller Liu

The temperature-controlled logistics industry or cold chain business has a rich history, dating back to ancient Egypt. However, the cold chain industry is by no means stagnant.

Logistics providers are constantly searching for new technologies that will not only improve operations, but help give their business a competitive edge. With customers also demanding greater efficiencies at increasingly lower costs, there is now an even greater push in the cold chain market to find and adopt new technology. In today’s market, providers can’t afford not to be forward-thinking.

THE FOOD COLD CHAIN

What technologies will drive the cold chain industry of the future? Here are three technology trends that every cold chain company should know about.

1.      Fuel Cells

Fuel cells utilize the chemical energy of fuel to generate electricity without combustion. The process is inherently efficient and environmentally clean. In a warehousing context, fuel cell-powered forklifts increase productivity – running up to three times longer per fill-up than battery-powered units. There is also a Federal Investment Tax Credit for fuel cell use, giving business property owner a credit of 30 percent of the cost up to $3,000 per kW.

Major food processors and retailers are leading the way, using fuel cells to reduce utility costs and increase productivity. According to the recent “The Business Case for Fuel Cells 2011” by Fuel Cells 2000, Wal-Mart is currently using 6.8 Megawatts (MW) at 17 stores in California and has 70+ fuel cell-powered forklifts in use in the company’s warehouses. Sysco has over 500 fuel cell-powered forklifts at several locations with hundreds more on order and Whole Foods’  fuel cells  generate 1.2 MW at four stores and has 60+ fuel cell-powered forklifts.

2.      Automation

Automated Storage and Retrieval Systems (ASRS) may not be a new technology, but adoption of ASRS has been slow. Those using automation, whether fully or partially, have seen the benefits. Jeff Hedges, the Director of Business Developmentat ASRS provider Dematic Corp. estimates that an automated facility with 8,000-10,000 or more pallet positions can generate 50-75 percent savings in labor costs and 60-80 percent savings in energy expenditures, working in a footprint that is at least 40-50 percent smaller. Hedges also noted that this doesn’t take into account measurable savings in real estate taxes, reduced environmental impact, less product damage, and better customer service, all of which are characteristic of automated facilities.

Not all facilities are good candidates for automation. In the “PRW North American Automation Readiness Study” published by c) and Dematic Corp, 15-30 percent of distribution facilities surveyed (about 62-125 facilities) are believed to be good candidates for automation, particularly for retrofit projects. According to the study, “there appears to be a sizeable market for automated solutions that can be retrofitted into existing facilities.” For many companies, though, implementing automation comes down to whether or not it makes sense with their current business model and clientele.

“Automation for facilities with approximately 10,000-15,000 pallets and low BTUs make the most sense for clients,” said Mike Jones, Vice President of Primus Design Services, during a recent presentation at the 2011 International Association for Cold Storage Construction Conference & Expo in Las Vegas. Primus Design Services is a contracting company with extensive experience in constructing buildings to accommodate ASRS. 

3.      Tracking and Reporting

The old adage “knowledge is power” is truer than ever in the logistics industry. Distribution center managers are increasingly relying on technology to provide an accurate, real-time picture of warehouse inventory and even warehouse employees. The available options are akin to alphabet soup with offerings like Yard management systems (YMS); Real-time location systems (RTLS); Warehouse management system (WMS); Transportation management system (TMS); and Radio-frequency identification (RFID). Many of these systems have been in use in the cold chain industry for years, but they are constantly evolving.

Today’s WMS is highly sophisticated. Benjamin Milk described some of the features of today’s WMS in JANUARY-February 2011 issue of COLD FACTS magazine. “Features typically include appointments; loading, unloading and slotting of product; inventory tracking by SKU, lot number, serial number, and pallet ID; electronic data interchange (EDI); radio frequency; voice activated terminals, radio frequency identification (RFID) encoding, and bar code labeling; kitting; location history; shipping, billing, and claims processing; document production, archiving and scanning; cost management; customer communications; and much, much more – including the kinds of reports that a cold storage manager or a customer could once only dream about,” wrote Milk.

At the 2011 IACSC Conference & Expo, keynote speaker Dave Harlan (President & CEO, United States Cold Storage) identified warehouse positioning systems (WPS) as a key characteristic of the warehouse of the future. Like a scaled-down version of a global positioning system (GPS), distribution center managers can use a WPS to keep track of inventory, material handling equipment, and operators in real-time without the aid of barcodes or RFID.

3PL COLD CHAIN PHARMACEUTICAL LOGISTICS

Many companies are also finding ways to share information with customers. “More customers are requesting electronic data interchange (EDI),” said Gary Jones at a recent International Association of Refrigerated Warehouses Board Meeting. EDI is the transfer of electronic documents or business data from one computer system to another computer system without human intervention. For example, organizations might replace bills of lading and even checks with appropriate EDI messages.

The possibilities seem endless when considering the ever-evolving software and hardware available. All these systems have the same end-goal, though: to create great visibility technology to increase efficiency and communication.

To learn more about the latest in cold chain technology, contact one of the many service providers in the Global Cold Chain Directory available online at www.gcca.org/directory.

Tori Miller Liu is the director of marketing and communications at the Global Cold Chain Alliance.

Share article

Jun 21, 2021

Google and NIST Address Supply Chain Cybersecurity

Google
NIST
SLSA4
Sonatype
Elise Leise
3 min
The SolarWinds and Codecov cyberattacks reminded companies that software security poses a critical risk. How do we mitigate it?

As high-level supply chain attacks hit the news, Google and the U.S. National Institute of Standards and Technology (NIST) have both developed proposals for how to address software supply chain security. This isn’t a new field, unfortunately. Since supply chains are a critical part of business resilience, criminals have no qualms about targeting its software. That’s why identifying, assessing, and mitigating cyber supply chain risks (C-SCRM) is at the top of Google and NIST’s respective agendas. 

 

High-Profile Supply Chain Attacks 

According to Google, no comprehensive end-to-end framework exists to mitigate threats across the software supply chain. [Yet] ‘there is an urgent need for a solution in the face of the eye-opening, multi-billion-dollar attacks in recent months...some of which could have been prevented or made more difficult’. 

 

Here are several of the largest cybersecurity failures in recent months: 

 

  • SolarWinds. Alleged Russian hackers slipped malicious code into a routine software update, which they then used as a Trojan horse for a massive cyberattack. 
  • Codecov. Attackers used automation to collect credentials and raid ‘additional resources’, such as data from other software development vendors. 
  • Malicious attacks on open-source repositories. Out of 1,000 GitHub accounts, more than one in five contained at least one dependency confusion-related misconfiguration. 

 

As a result of these attacks and Biden’s recent cybersecurity mandate, NIST and Google took action. NIST held a 1,400-person workshop and published 150 papers worth of recommendations from Microsoft, Synopsys, The Linux Foundation, and other software experts; Google will work with popular source, build, and packaging platforms to help companies implement and excel at their SLSA framework

 

What Are Their Recommendations? 

Here’s a quick recap: NIST has grouped together recommendations to create federal standards; Google has developed an end-to-end framework called Supply Chain Levels for Software Artifacts (SLSA)—pronounced “Salsa”. Both address software procurement and security. 

 

Now, here’s the slightly more in-depth version: 

 

  • NIST. The organisation wants more ‘rigorous and predictable’ ways to secure critical software. They suggest that firms use vulnerability disclosure programmes (VDP) and software bills of materials (SBOM), consider simplifying their software and give at least one developer per project security training.
  • Google. The company thinks that SLSA will encompass the source-build-publish software workflow. Essentially, the four-level framework helps businesses make informed choices about the security of the software they use, with SLSA 4 representing an ideal end state. 

 

If this all sounds very abstract, consider the recent SolarWinds attack. The attacker compromised the build platform, installed an implant, and injected malicious behaviour during each build. According to Google, higher SLSA levels would have required stronger security controls for the build platform, making it more difficult for the attacker to succeed. 

 

How Do The Proposals Differ? 

As Brian Fox, the co-founder and CTO at Sonatype, sees it, NIST and Google have created proposals that complement each other. ‘The NIST [version] is focused on defining minimum requirements for software sold to the government’, he explained, while Google ‘goes [further] and proposes a specific model for scoring the supply chain. NIST is currently focused on the “what”. Google, along with other industry leaders, is grappling with the “how”’. 

 

Share article