Introduction

ISO 9001 is a standard of quality management systems (QMS) with international recognition, as is shown by over one million companies and organizations in over 170 countries certified [1]. ISO 9001 certification is not mandatory; however, it can be a useful tool to add credibility and differentiate an organization from its competitors [2]. The certification allows demonstrating that a company complies with standards and procedures that will provide a high level of customer service [3]. The primary motivation for ISO 9001 certification is to improve the products/services, and most importantly, the process that produces them [4]. If the process is done correctly, ISO standards can improve the business processes and add real value to the company, enhancing its performance[5][8].

For obtaining an ISO 9001 certification, an external body audits the company requesting the certification. This process includes verifying the control of the documentation, the records kept the conformity of the personnel and management with the system, the functioning of the system in each area of the organization, and the training of the personnel to comply with the requirements, among others [9]. However, suppose that the process is not well implemented. In that case, the company can not obtains the certificate or lost it. That produces continuous pressure on the company to maintain the certification, becoming a source of corruption risk. The company could be tempted to do unethical practices like paying a bribe, adulterating or falsifying registries, or other corrupted methods to keep the certification [10]. Even, for some industries in emerging markets, quality certification is a contractual requirement to export to some markets[5].

In this context, the audit of information in repositories and databases has some drawbacks since the registries can be modified, added, or deleted by unethical practices or even cyber-attacks [11], [12]. All this makes it impossible to guarantee real transparency and reliability of the information to be used by certifying bodies. It could be almost impossible for an auditor to detect whether a document was tampered with or whether the evidence is the actual result of a well-done procedure. Unless the system can maintain immutable records and allow traceability of the process.

Due to the aforementioned, in this study, a Blockchain-based Software Architecture to guarantee the immutability, traceability, and transparency of the quality assurance and certification process under ISO 9001:2015 is proposed. This architecture takes the essence of quality management systems, with their requirements and principles, to be reinforced by Blockchain technology. To provide greater confidence and transparency in the information and documentation needed to carry out an ISO 9001:2015 certification process that allows the audit of this information to be performed anywhere by any person with access to the Blockchain and even facilitates its automation.

Literature Review

This section explains the essential concepts regarding ISO 9001:2015 quality management systems and Blockchain technology.

Quality Management Systems and ISO 9001:2015

Nowadays, there are many interpretations of what quality is, a simple definition is meeting customer requirements. For ISO 9001:2015 Quality Management System[13], is the “degree to which a set of inherent characteristics of an object fulfills requirements”. The ISO 9000, is a generic series of quality management standards for quality management systems (QMS). A QMS includes all activities of the overall management function that determine the quality policy, objectives, and responsibilities and their implementation. ISO 9001:2015 apply to the business process within an organization and can be used by manufacturing or service industries [14]. ISO 9001 is based on seven principles that represent a set of fundamental beliefs, norms, rules, and values as described ISO [15], these principles are customer focus, leadership, engagement of people, process approach, improvement, evidence-based decision-making, and relationship management, table 1 provides a description of them.

ISO Quality Management Principles
Quality Principles Description
Customer Focus Sustained success is achieved when an organization attracts and retains the confidence of customers and other interested parties. Every aspect of customer interaction provides an opportunity to create more value for the customer. Understanding the current and future needs of customers and other interested parties contributes to the sustained success of the organization.
Leadership Creation of the unity of purpose and direction and engagement of people enable an organization to align its strategies, policies, processes, and resources to achieve its objectives.
Engagement of people To manage an organization effectively and efficiently, it is important to involve all people at all levels and to respect them as individuals. Recognition, empowerment, and enhancement of competence facilitate the engagement of people in achieving the organization’s quality objectives.
Process Approach The quality management system consists of interrelated processes. Understanding how results are produced by this system enables an organization to optimize the system and its performance.
Improvement Improvement is essential for an organization to maintain current levels of performance, react to changes in its internal and external conditions, and create new opportunities.
Evidence-based decision-making Decision making can be a complex process, and it always involves some uncertainty. It often involves multiple types and sources of inputs, as well as their interpretation, which can be subjective. It is important to understand cause-and-effect relationships and potential unintended consequences. Facts, evidence, and data analysis lead to greater objectivity and confidence in decision-making.
Relationship Management Interested parties influence the performance of an organization. Sustained success is more likely to be achieved when the organization manages relationships with all of its interested parties to optimize their impact on its performance. Relationship management with its suppliers and partners networks is of particular importance.

ISO 9001 may be implemented in different ways depending on organization management, thanks to its flexibility and the scope for the certification process, which might explain the unmatched performance of these standardized systems [16]. The standard was the first released in 1987, since then, it has been a significant quality movement and framework for all kind of organization worldwide; it is estimated that more than one million companies have adopted this standard since its creation[17].

According to the American Society for Quality [18], ISO 9001 is based on a plan-do-check-act methodology and provides a process-oriented approach to documenting and reviewing the structure, responsibilities, and procedures required to achieve effective quality management in an organization. Specific sections of this standard contain information on topics such as requirements for a quality management system, including documented information, planning and determining process interactions; responsibilities of management; management of resources, including human resources and an organization’s work environment; product realization, including the steps from design to delivery; measurement, analysis, and improvement of the QMS through activities like internal audits and corrective and preventive action [13]. Where standardized processes allow guaranteeing the repeatability in the product or service quality features.

The adoption of ISO 9001 in a company requires an implementation process which will be involved all company statements. In this sense, the British Assessment Bureau [19], suggests the following steps for a successful implementation:

  1. Make the right choice: Make sure the standard it has chosen fits the organization’s needs; also make sure it already has processes that can be assessed.

  2. Reviewing the standard: It will help it to learn the quality management system it wants to be certified.

  3. Communicating the goal: The implementation process requires teamwork from all its collaborators. Additional effort will be necessary; it is important to communicate the objectives and the target to be achieved.

  4. Establish training requirements: Get prepared to be ready. Based on its team knowledge about the standard, could be beneficial to improve its skills to help the implementation process

  5. Using a consultant: ISO standards implementation requires a consultant to help companies get certified. It is not the consultant’s responsibility for implementing the ISO standard. Each company handles its implementation. Senior management should be actively involved in the process to achieve the goal.

  6. Select a certification body: ISO implementations are based on a three-year cycle; make sure the certification body can provide it with the companionship it needs for this specific objective.

  7. Developing a management system: These standards apply to any organization in any industry sector. The framework provided for this standard will not tell it how to manage processes in its organization; it has to implement a quality management system based on the standard that applies to its own organization in concordance with its resources, production, measurement, analysis, and improvements.

  8. The stage 1 audit: The process starts with a "Stage 1 Audit". The auditor will review the process and provide a gap analysis that will help to identify the actions required for meeting the standard.

  9. The stage 2 audit: Once your organization has filled the gaps identified during stage 1 audit, it comes to the Stage 2 Audit, this will demonstrate the effectiveness of your quality management system and that your organization meets the requirement for certification.

  10. Maintaining the management system: This can be the hardest part of the certification, it is the organization responsible for ensuring that itself applies the quality management system once the certification has been granted. Communication and training will be necessary along the way, internal audits must be implemented to make sure the standards are being met, and corrective action should be held to assure quality management.

Once QMS is implemented, an organization that requests ISO 9001 certification should demonstrate that fulfills requirements to be certified [20]. Where the core of the certification process is the audit; in which the compliance standardized processes against the registries or document evidence provided by the company is verified. This process must be performed by an independent, impartial, and free from conflicts of interest certification body. Depending on the audit findings, the company or process is certified or not.

However, as was defined by the ISO 9000 principles, the result depends on the information registered in the evidence. This system feature could represent a weak element of the system in some contexts. Because the evidence could be changed or deleted for varied reasons, and the process will depend on the honesty of their participants (company and certification body). Unfortunately, these situations happen although contradict the system principles.

Blockchain

In 2009, as the world was reeling from a meltdown in the financial sector and politicians were musing about what could and should be done, a project called Bitcoin quietly dropped onto the global stage; Satoshi Nakamoto [21] published the article Bitcoin: A Peer-to-Peer Electronic Cash System in October 2008, in which he described the cryptocurrency called Bitcoin. Many electronic cash schemes existed prior to Bitcoin, but none of them achieved widespread use. By adopting Blockchain technology, Bitcoin achieved compelling capabilities that promoted its use. The use of a Blockchain-enabled Bitcoin to be implemented in a distributed fashion so that no single user controlled the currency and no single point of failure existed [22].

Blockchain may have been used as the underlying technology for all Bitcoin’s transactions; but its applicability goes beyond. This technology itself can be described as the general ledger for all transactions of any kind of assets ever made [23]. Blockchain enables a potentially evolving and open set of parties to maintain a safe, permanent, and tamper-proof digital ledger of transactions, without a central authority. The key to the technology is that transactions are not recorded centrally; instead, each party maintains a copy of the ledger. Most parties need to approve (verify) a new transaction before it can be recorded in the ledger – according to a notion of the majority that varies depending on the specific technology. Once a transaction is approved, it is almost impossible to change it or remove it. Hence, Blockchain technology can be seen as a replicated append-only transactional data store, and hence it can be used as a substitute for centralized registers maintained by single trusted authorities [24], it has the potential to revolutionize the digital world by enabling a distributed consensus where each and every online transaction involving digital assets, past and present, can be verified at any time in the future. It does this without compromising the privacy of the digital assets and parties involved. The distributed consensus and anonymity are two important characteristics of Blockchain technology.

Blockchain 2.0, goes beyond cryptocurrencies and is involved with Smart Contracts, which are mostly a computer protocol designed to facilitate, verify, or enforce the negotiation or execution of a contract digitally [25]. These contracts allow the realization of credible transactions without third parties and are stored under the Blockchain technology. Due to this technology potential, many industries have been working in order to adapt and adopt it in different business process, the main criteria to decide to use or not the Blockchain will define whether or not the assistance of intermediaries along the process.

There are different opportunities to apply Blockchain technology in varied industries as is described next. In agriculture Blockchain applications include food safety through traceability of provenance, information system, agro-trade, finance, crop certification, and insurance [26]. The provenance of products, and traceability is one the most important application of Blockchain in order to track the life-cycle of a product, information that can be used to make an informed purchase. Prior works have been done on this field, e.g., [27], [28].

Several bank entities are working together to adopt Blockchain technology, mostly for the settlement of transactions between financial entities; this will reduce the time in which a transaction is reflected from one entity to another. Blockchain platforms will also likely take some role in replacing the systems that now manage the distribution of electricity. As a smarter grid is built, Blockchains may aid in facilitating dynamic signaling between producers and consumers, especially as the line between those roles continues to blur [22].

Identity management systems based on Blockchain can facilitate the identification process in crucial situations like an emergency [22]. All the data about the medical records of a patient shared among all practitioners, making these records trustworthy and immutable [22]. Social programs are susceptible to be affected by unethical practices, due to its sense this contribution Cortes et al., [29] presents a model based on Blockchain technology with a reliable structure, in which the transactions are registered in Blockchain and smart contracts take control over the verification of the processes’ fulfillment.

Industry 4.0 [30] with the Internet of Things technologies could provide the links between Blockchain technologies and different applications as supply chains [31], even allows to recover process information. Also, there are many opportunities for implementing Blockchain technologies for circular economy strategies as is described by Vogel [32]. In this sense, Blockchain technology could be used in reverse logistics to reduce uncertainty about the quality and condition of used products [33].

The applications of Blockchain technology previously described have in common that they seek to provide credibility in the information. In this sense, they apply the principles of immutability, traceability and transparency of the transactions carried out in the Blockchain. These principles are used to solve problems in which there is a risk of losing, modifying or even adulterating information. It is precisely these characteristics that this study wishes to add to the quality management system towards to mitigate the risk of executing unethical actions, providing confidence to stakeholders.

Blockchain-enabled Software Architecture Proposal

Principal components of a Blockchain-software solution to support ISO certification.
Blockchain Components Description
Node Application Each Internet-connected computer has to run a specific application to be a participant in the Blockchain Network. In a more technical look, each computer must be able to process application-specific messages to generate an update on the ledger[34].
Shared Ledger Is a logic component; it is a data structure manage inside the node application. Each of the participants of the network, once they have installed the node application, have access to the Shared Ledger of the ecosystem they have access to each participant able to run as many applications they have permitted to use, according to the specific rules, smart contract, and payment when applying [34].
Consensus Is the process by which a network, or node, guarantee the ordering of transactions and confirm its validity, in order to validate the block of chain[35].
Smart Contracts These are an important component of a Blockchain, which helps to encode automatic validation for a transaction that before was specified on a written contract[36]
Alerts This are applications that work together in the Blockchain to monitor the smart contract results and produce events [37]
Participants In a permissioned Blockchain Network like the one suggested in this paper; participants will be everyone involves within the organization that needs to communicate with the Blockchain. For a public Blockchain like Bitcoin, anyone with a virtual wallet1 will be a participant of the network.
Virtual Machine It is a representation of a machine by a machine; in software development, a virtual machine assigns specific capabilities for the software (disk space, processor, and memory) that would help to improve performance[38]. In Blockchain, as the last logic component, it lives in the node application, and some of these virtual machines are call wallets [34].

The Blockchain-based Software Architecture to support ISO 9001: 2015 certification, is proposed to improve the current certification structure. As we have seen in section 2, currently there is a well-defined process to achieve this, involving third parties in the process, in terms of consulting and auditing.

An information system architecture without the use of Blockchain, such as those that currently exist in the market, may make unnecessary to use a consulting company to generate pre-audit readiness; However, this same information system, using Blockchain technology, can facilitate the audit process, due to the way in which the Blockchain is constructed, the traceability of the transactions generated during the preparation of the certification process can be determined.

In this case, the proposal of using Blockchain to support a quality certification under a specific standard, this means, the same software architecture we already know with an additional layer, see Figure 1, must consider the use of specifics Blockchain components as presented in Table 2, with the purpose of being able to validate conditions and business rules that are present in the information that is being stored into the Blockchain[39]. Given the fact that an audit model must generate action plans regarding the findings, they must be parameterized a priori, so that the necessary alarms can be generated to comply with the standard.

Layered architecture for a Blockchain-enabled QMS
Communication between the QMS and Blockchain

The main component of this architecture (see Figure 1) is the Business Process Management layer, which is used to communicate information among different audiences, in this case between the services layer and operative system layer.

Process that occurs inside the Blockchain every time, prior to store a transaction.

As shown in Figure 2 The communication between QMS and Blockchain will be through REST2 API3. Services, which endpoints are provided by the Blockchain and will be connected to the QMS server Creating the Block of chains (see Figure 1). For each transaction performed in the QMS that triggers a call to the Blockchain, will start a process (see Figure 3) to verify the validity of the transaction (consensus), validate the outcome of the process through the smart contract (validation), which will establish whether the processes is inside the control limits or not; with this information, it will send a response to the QMS server (alert) for the business process owner to take actions on the process, that, at the end, for this kind of certification will be a consider an opportunity for improvement and finally store the information on the Blockchain (Block 1).

This software architecture is proposed to work under a permissioned Blockchain, which means, the administrator, in conjunction with the organization, will decide who gets to participate and their roles.

Proof of development

A QMS is used by businesses to control vital activities through a set of policies, procedures, and processes for meeting customers’ requirements. Several types of QMS have been developed based on ISO 9000 Standard, which requires all intern operations to be documented and employees to follow them. One of major principles of QM is decision making based on evidence. Data gathered allows to inspect the actual result of the process and then compare it to the goal established in the quality objective in each process.

Based on the above, through a proof of concept (POC), we developed two smart contracts to simulate the monitoring of a task. This implementation was not carried out to see the overall functionality of the QMS but focused on checking the traceability of one activity, specifically the creation, review, and approval of one document. We chose Ethereum, an open-source blockchain platform with smart contracts functionality, for this implementation. It provides the object-oriented programming language Solidity, allowing easy business logic implementation and producing a digital ledger of transaction records. Finally, it was tested on the decentralized applications Ethereum ecosystem by using MetaMask.

Those contracts in Solidity contain persistent data in state variables, and functions can modify these variables. In this test, the contract CreatorTask creates the contract Responsible4Task. When the contract Responsible4Task is created, its constructor method, a function declared with the constructor keyword, is executed once.

Smart Contract: Responsible4Task

Algorithm 1 models the responsibility concept through a contract; the ’owner’ variable is the type ’address’ that holds a 20-byte value corresponding to the last 20 bytes of the hash of a public key. The tasks and the owners (task responsible) are identified with addresses for this design. The addresses are pre-fixed ’0x’ since this represents the hexadecimal format (base 16 notation). It manages the data related to the employee in charge of the task, so the function exists to transfer responsibility to a new owner when the employee cannot make the task.

Smart Contract: TaskCreator
Smart contract deploying on web platform
Test of a task creation - Manager must create the communication plan document

Algorithm 2 models the task concept, and only when a task is created a ’Responsible4Task’ contract must be constructed then. This contract creates a responsibility contract from the source code (and the binary). It manages the data related to the task, what it is about, where the evidence is stored (records and documents), its state, and who the employee is related to it.

Figure 4 is composed of three images. The black box on the left is the development environment just before deploying the contract. Above it, the upper rectangle in light blue color identifies the account ’0x737d..31F’ and the amount of Ether cryptocurrency in it; and the bottom rectangle indicates the contract name and its state. On the right is the graphical interface of MetaMask that is connected to the Account Rp1 ’0x737d..31F’ that belongs to the Rospten Network. Since the test uses the Ethereum blockchain, the account needs ETH gas, an amount of Ethereum cryptocurrency, which means an amount in Ether to pay the cost for users to interact with the network. Miners in the ecosystem set the price of ETH gas based on the network’s computational power they consume to verify a transaction and put on a layer of security to the network. At the bottom is the notification window that shows up when the transaction is done and the contract is ready for execution.

Figure 5 shows the TaskCreator and Responsible4Task contracts. The TaskCreator exposes the function ’createTask’ after it executes and included in a block which hash is ’0xf39Fd...’ (left side). In this test, the task is to create a document defined in the field type with the value ’0’, and the description field stores the detail of the task, which is a ’communication plan’. The source field relates to the absolute address where the document is stored, since database, repository, or local file system. And the data of the task responsible are bound with the ’role’ and ’id_employee’ fields. The top right picture shows the function ’getResponsibility’ that returns the description of the task. And the bottom right picture is the contract ’Responsible4Task’. The function getOwner returns the owner of the task address which is associated to account ’0xf39F...’

Discussion

The proposed architecture is attempting to make ISO certifications more transparent. Due to the Blockchain layer, certification information will be available for review and verification by anyone with permissions. Also, a business will have an integrated system that will ensure that all processes involved for certification are being monitored. This require sending sign when needed; collecting information regarding quality inspections, materials, products and more, these transactions are verified by smart contracts on the Blockchain and then make them available for audit[39]. In this sense, is mandatory to establish which transactions will be recorded at Blockchain, to avoid unnecessary efforts or resources consuming in this way.

Document control refers to the policies and procedures that should be in place to ensure that there is organizational accountability for records and demonstrate the effective operation of the quality management system: it is fundamental to all companies’ success. From a regulatory sense, it’s their way of proving your documentation is following requirements for compliance. Organizations must be able to prove that they are meeting their quality management goals. Documentation must be accurate, objective, and current in this regard, and practice must stand up to the scrutiny that a properly executed external audit will demand. The proposed architecture could help these tasks, allowing the organizations to establish and control their documents and records as evidence of conformity to requirements to obtain an ISO 9001 Certification. About this, in the QMS is suggested to identify what documents or information Blockchain must record and by how many time keep it.

The product/service quality hinges on the efficacy of the Organization’s system to manage your processes quality. It is essential to have the right foundation, infrastructure, and tools to oversee and maintain that quality. In this sense, the architecture proposed allows the automation of the audit process, which means early alerts systems to make the right decisions and keep the system efficient and trustworthy.

Conclusions

In this work, a software architecture based on Blockchain is proposed and explained to support an ISO 9001: 2015 QMS. The main objective of guaranteeing the immutability, traceability, and transparency of the quality assurance system is possible by the Blockchain’s transparent consensus mechanism. This makes it possible to verify transactions’ validity and how information has been modified or created in the process. In this manner, it supports QMS towards certification process.

The workflows’ execution of the software architecture proposed allows the automation of the regulatory processes by reporting and monitoring required data and checking compliance and approval processes. The Blockchain layer seeks to improve the ISO 9001:2015 certification audit process by maintaining the traceability and immutability of the records stored in it.

The proposed architecture is oriented to process and provides an intuitive and straightforward way to facilitate communication among the participants. All these allow the organizations to be in a constant improvement environment and have evidence to make crucial decisions. Also, the system could deliver more quality products and services if the processes are being performed and improved systematically.

Finally, with the evolution of this kind of solution, companies could expand and build an ecosystem for working together and self-regulated with quality standards like ISO 9001:2015, and represent an opportunity to provide customer confidence.

Authors' Information

  • Rafael Bettín-Díaz has a degree in systems engineering from Universidad del Sinú, Montería, Colombia, and a M.Sc. in processes engineering from Universidad Ean, Bogotá, Colombia.

  • Camilo Mejía-Moncayo has a degree and M.Sc. in mechanical engineering both from Universidad Nacional de Colombia, Bogota, Colombia. Currently he is Ph.D. candidate at École de Technologie Supérieure, Montréal, Canada.

  • Alix E. Rojas has a degree in systems engineering from Escuela Colombiana de Ingeniería, and a M.Sc. in systems engineering from Universidad Nacional de Colombia, Bogota, Colombia. Currently, she is associate professor at the Universidad Ean, Bogota, Colombia.

Authors' Contributions

  • Rafael Bettín-Díaz participated in writing the original draft, conceptualization, and software development.

  • Camilo Mejía-Moncayo contributed with the conceptualization of the project, methodology, reviewing and editing.

  • Alix E. Rojas: contributed with the conceptualization of the project, methodology, reviewing and editing.

Competing Interests

The authors declare that they have no competing interests.

References

[1]
ISO, The ISO Survey of Management System Standard Certfications -2017- Explanatory Note Background,” ISO, August, 2018.
[2]
J.-A. Medina-Merodio, C. De-Pablos-Heredero, L. Jimenez-Rodriguez, L. Fernandez-Sanz, R. Robina-Ramirez, and J. Andres-Jimenez, “A framework to support the process of measurement of customer’s satisfaction according to ISO 9001,” IEEE Access, vol. 8, pp. 102554–102569, 2020, doi: 10.1109/ACCESS.2020.2998434.
[3]
I. Betlloch-Mas, R. Ramón-Sapena, C. Abellán-García, and J. C. Pascual-Ramírez, “Implantación y desarrollo de un sistema integrado de gestión de calidad según la norma ISO 9001:2015 en un servicio de dermatología,” Actas Dermo-Sifiliográficas, vol. 110, no. 2, pp. 92–101, 2019, doi: https://doi.org/10.1016/j.ad.2018.08.003. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S000173101830406X
[4]
I. Montiel, B. W. Husted, and P. Christmann, Using private management standard certification to reduce information asymmetries in corrupt environments,” vol. 33. pp. 1103–1113, Sep-2012 [Online]. Available: http://doi.wiley.com/10.1002/smj.1957
[5]
J. A. LiPuma, S. L. Newbert, and J. P. Doh, The effect of institutional quality on firm export performance in emerging economies: A contingency model of firm age and size,” Small Business Economics, vol. 40, no. 4, pp. 817–841, 2013, doi: 10.1007/s11187-011-9395-7.
[6]
B. Ullah and Z. Wei, ISO Certification, Corruption and Firm Performance: A Cross-Country Study,” ISO, 2013 [Online]. Available: www.iso.org.
[7]
D. P. Kafetzopoulos, E. L. Psomas, and K. D. Gotzamani, The impact of quality management systems on the performance of manufacturing firms,” International Journal of Quality & Reliability Management, vol. 32, no. 4, pp. 381–399, 2015, doi: 10.1108/IJQRM-11-2013-0186. [Online]. Available: http://www.emeraldinsight.com/doi/10.1108/IJQRM-11-2013-0186
[8]
R. Prada Ospina and P. C. Ocampo, Quality in relation to models and management systems in the automotive sector. A bibliographic review,” Revista ESPACIOS, vol. 39, no. 16, 2018.
[9]
S. Johana, M. Marín, J. Luis, G. Díaz, J. Luis, and G. Reyes, Sistema de gestión de calidad y certificación ISO 9001:2008-Limitantes y desafíos para las Pymes Quality management system and ISO 9001:2008 certification-Barriers and challenges to SMEs,” Revista ESPACIOS, vol. 39, no. 9, 2018 [Online]. Available: http://www.revistaespacios.com/a18v39n09/18390902.html
[10]
K. G. Dastidar, Effects of Corruption and Incompetence in the Quality Monitoring Process,” in Oligopoly, Auctions and Market Quality, Springer, 2017, pp. 75–112 [Online]. Available: https://ideas.repec.org/h/spr/eclchp/978-4-431-55396-0_3.html
[11]
J. A. Rodríguez-Corzo, A. E. Rojas, and C. Mejía-Moncayo, Methodological model based on Gophish to face phishing vulnerabilities in SME,” 2018 ICAI Workshops, ICAIW 2018 - Joint Proceedings of the Workshop on Data Engineering and Analytics, WDEA 2018, Workshop on Smart Sustainable Cities, WSSC 2018, Workshop on Intelligent Transportation Systems, WITS 2018 and Workshop on Empirical Experiences on Software Reuse, WEESR 2018, 2018, doi: 10.1109/ICAIW.2018.8555006.
[12]
R. M. Nivia, P. E. Cortés, and A. E. Rojas, “Implementation phase methodology for the development of safe code in the information systems of the ministry of housing, city, and territory,” in Computational science and its applications – ICCSA 2018, 2018, pp. 34–49.
[13]
ISO 9001:2015(en), Quality Management Systems.” [Online]. Available: https://www.iso.org/obp/ui/{\#}iso:std:iso:9001:ed-5:v1:es. [Accessed: 17-May-2020]
[14]
N. Orviz Martínez, A. Blanco González, and C. Del Castillo Feito, Legitimacy and corporate reputation: Study from iso management system standards,” Revista Venezolana de Gerencia, vol. 25, no. 91, pp. 976–994, 2020, doi: 10.37960/rvg.v25i91.33177.
[15]
International Organization for Standardization, Quality Management Principles.” ISO Central Secretariat, Geneva, p. 20, 2015.
[16]
H. Yin and P. J. Schmeidler, Why do standardized ISO 14001 environmental management systems lead to heterogeneous environmental outcomes? Business Strategy and the Environment, vol. 18, no. 7, pp. 469–486, 2009.
[17]
L. M. Fonseca, From Quality Gurus and TQM To ISO 9001:2015: A review of several quality Paths,” International Journal for Quality Research, vol. 9, no. 1, pp. 167–180, 2015.
[18]
American Society for Quality, What is ISO 9001:2015 – Quality Management Systems? American Society for Quality, 2018.
[19]
The British Assessment Bureau, ISO 9001: The Ultimate Beginner’s Guide.” The British Assessment Bureau, p. 20, 2016.
[20]
International Organization for Standardization, ISO 9001:2015 Quality Management System Requirements. Norway: GNV GL, 2015, p. 16.
[21]
Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System.” https://bitcoin.org/bitcoin.pdf, 2008.
[22]
M. Peck, Reinforcing the links of the blockchain.” IEEE, p. 19, 2017 [Online]. Available: BLOCKCHAININCUBATOR.IEEE.ORG
[23]
M. Gates, Blockchain: Ultimate guide to understanding blockchain, bitcoin, cryptocurrencies, smart contracts and the future of money. North Charleston, SC, USA: CreateSpace Independent Publishing Platform, 2017.
[24]
F. Milani, L. García-Bañuelos, and M. Dumas, Blockchain and Business Process Improvement.” p. 4, 2016.
[25]
M. Crosby, Nachiappan, P. Pattanayak, S. Verma, and V. Kalyanaraman, BlockChain Technology: Beyond Bitcoin,” Applied Innovation Review, vol. June, no. 2, pp. 6–19, 2016, doi: 10.15358/0935-0381-2015-4-5-222.
[26]
V. S. Yadav and A. R. Singh, A systematic literature review of blockchain technology in agriculture,” in Proceedings of the international conference on industrial engineering and operations management, 2019, pp. 973–981.
[27]
R. Bettín-Díaz, A. E. Rojas, and C. Mejía-Moncayo, “Methodological approach to the definition of a blockchain system for the food industry supply chain traceability,” in Computational science and its applications – ICCSA 2018, 2018, pp. 19–33, doi: 10.1007/978-3-319-95165-2_2.
[28]
Q. Ding, S. Gao, J. Zhu, and C. Yuan, Permissioned Blockchain-based Double-layer Framework for Product Traceability System,” IEEE Access, 2019, doi: 10.1109/ACCESS.2019.2962274.
[29]
C. Cortés, A. Guzmán, C. A. Rincón-González, C. Torres-Casas, and C. Mejía-Moncayo, “A proposal model based on blockchain technology to support traceability of colombian scholar feeding program (PAE),” in Applied informatics, 2019, pp. 245–256, doi: 10.1007/978-3-030-32475-9_18.
[30]
B. G. Choi, E. S. Jeong, and S. W. Kim, Multiple security certification system between blockchain based terminal and internet of things device: Implication for open innovation,” Journal of Open Innovation: Technology, Market, and Complexity, vol. 5, no. 4, 2019, doi: 10.3390/joitmc5040087.
[31]
M. Teodorescu and E. Korchagina, Applying Blockchain in the Modern Supply Chain Management: Its Implication on Open Innovation,” Journal of Open Innovation: Technology, Market, and Complexity, vol. 7, no. 1, p. 80, 2021, doi: 10.3390/joitmc7010080.
[32]
J. Vogel, S. Hagen, and O. Thomas, Discovering Blockchain for Sustainable Product-Service Systems to enhance the Circular Economy,” 14th International Conference on Wirtschaftsinformatik, pp. 1493–1507, Feb. 2019 [Online]. Available: https://aisel.aisnet.org/wi2019/track12/papers/10
[33]
M. Kouhizadeh, Q. Zhu, and J. Sarkis, Blockchain and the circular economy: potential tensions and critical reflections from practice,” Production Planning and Control, vol. 0, no. 0, pp. 1–17, 2019, doi: 10.1080/09537287.2019.1695925. [Online]. Available: https://doi.org/10.1080/09537287.2019.1695925
[34]
Neocapita, The Logical Components of Blockchain – Neocapita – Medium.” 2017 [Online]. Available: https://medium.com/@neocapita/the-logical-components-of-blockchain-870d781a4a3a
[35]
Hyperledger.org, Introduction to Hyperledger Business Blockchain Design Philosophy and Consensus.” p. 15.
[36]
S. Mery and D. Selman, Make your blockchain smart contracts smarter with business rules,” Copyright IBM Corporation 2017, p. 21, 2017.
[37]
X. L. Liu, W. M. Wang, H. Guo, A. V. Barenji, Z. Li, and G. Q. Huang, “Industrial blockchain based framework for product lifecycle management in industry 4.0,” Robotics and Computer-Integrated Manufacturing, vol. 63, p. 101897, 2020, doi: https://doi.org/10.1016/j.rcim.2019.101897. [Online]. Available: https://www.sciencedirect.com/science/article/pii/S0736584519300596
[38]
J. E. Smith and Ravi Nair, The architecture of virtual machines,” Computer, vol. 38, no. 5, pp. 32–38, May 2005, doi: 10.1109/MC.2005.173. [Online]. Available: http://ieeexplore.ieee.org/document/1430629/
[39]
C. Paris, Quality Professionals: Embrace Blockchain or Perish.” 2018.

  1. The application that allows the participant to transact one another.↩︎

  2. Representational State Transfer↩︎

  3. application programming interface↩︎