1
Secure Collaborative Planning, Forecasting, and Replenishment
Vinayak Deshpande
Krannert School of ManagementPurdue University
Collaborators:
Mikhail Atallah, Marina Blanton, Keith Frikken, Jiangtao Li
Computer Sciences, Purdue University
Leroy B.Schwarz
School of Management, Purdue University
Research funded by NSF ITR Grant
2
The Starting Point....
“Information Asymmetry” is one of the major sources of inefficiency in Managing Supply Chains
==> Wrong Investment in Capacity
==> Misallocation of Resources
==> “Bullwhip Effect”
==> Reduced Customer Service
==> Unnecessary Additional Costs
3
Supply Chain Management Trends
• Collaboration between supply-chain partners to improve efficiencies
• Information sharing for collaborative decision making
• National program sponsored by VICS for establishing collaboration standards – called CPFR (Collaborative Planning, Forecasting and Replenishment)
4
.... but, there are Very Good Reasons for Keeping Asymmetric Information
Asymmetric
• Fear that Supply-Chain Partner will Take Advantage of Private Information
• Fear that Private Information will Leak to a Competitor
5
As a result…
• Reluctance to share private/proprietary info– Even when both sides would gain from sharing
• Consequence: Information asymmetry– Many inefficiencies
6
Is it possible to enjoy the benefits of Information-Sharing without Disclosing Private Information?
Obvious Question…
7
The Future
• Online interactions that give the benefits of sharing, without its drawbacks– “As if” information sharing had taken place, yet without
revealing one’s private/proprietary data
• Counterpart’s information is often needed only as partial input for computing a desired output
• Can two parties compute desired output without either learning the other’s input?
8
An Example: Vickrey Auction
• Requires computation of the second highest bid value and identity of highest bidder from all submitted bids
• Secure Multi-party Computation (SMC) protocols can– Compute the second highest bid without revealing the
identity of the second highest bidder
– Identify highest bidder without revealing his bid
– Not reveal bids of any other bidders
9
Secure multiparty computation
• Alice has private data x,• Bob has private data y,• They want to jointly compute f(x,y),• Only Alice (or Bob, or both) knows the result.
Alice Bob
x y
10
Secure multiparty computation (SMC) Literature
• A decades old area– Yao, Goldreich, Micali, Wigderson, … (many others)
– Elegant theory
– General results • Circuit simulations, use oblivious transfer
– General results typically impractical
• Recently: Protocols for specific problems– More practical
11
Mechanism Design Literature
• Studies how private information can be elicited from agents by providing incentives
• Mechanism design problem simplified through the revelation principle (principal announces a menu constructed to induce truth telling)
• No future or side consequences of participating in the mechanism and truthfully revealing private information
• Assumes that the entity implementing the mechanism is trustworthy
12
Supply Chain Literature…
• Has quantified the benefit of information sharing (e.g. Lee, So and Tang; Cachon and Fisher)
• Has modeled Supply-Chain Collaboration, e.g. collaborative forecasting (Aviv 2001, 2003)
• Key obstacles: companies unwilling to share sensitive information, fear of information leakage
13
We Propose to
marry three distinct disciplines
• Secure Multi-Party Computation from CS
• Mechanism Design from Economics
• Supply-Chain Management from OM
14
Our Goal..
...we are developing protocols to enable Supply-Chain Partners to
Make Decisions that Cooperatively Achieve Desired System Goals without Revealing
Private Information
15
A Supply Chain Problem..
• Collaborative Forecasting and Planning without revealing private forecast information
16
Industry Backdrop
• Collaborative Planning, Forecasting, and Replenishment (CPFR), an initiative of the Voluntary Intra-Industry Collaboration Society (VICS)– buyer and supplier share inventory-status, forecast, and
event-oriented information and collaboratively make replenishment decisions
– pilot program between Wal-Mart and Warner-Lambert, called CFAR: (www.cpfr.org)
• Challenges to CPFR– fear that competitively-sensitive “private information”
will be compromised– Necessary to protect “sensitive” forecast information
such as sales promotions from “leaking”
17
Business Scenario
• A supply-chain with two players, a supplier selling to a retailer.
• The retailer and the supplier receive independent “signals” about future market demand– e.g., a retailer has private information about “promotions”
that he may be planning to run in the future which can affect his forecast of demand;
– the supplier can receive signals about overall “market trends”
• Incorporating these “signals” can improve forecast accuracy
• But.. “signal” information should be kept private
18
Demand Model
, ,1 1
T Tr s
t r t i s t i ti i
d
• dt – demand in period t (observed by the retailer only)
• t,ir – Retailer’s signal about period t observed in period t-i
(private information to the retailer)
• t,is –Supplier’s signal about period t observed in period t-i
(private information to the supplier)
• , r , s – unknown parameters to be estimated from past observations
19
Forecasting Process
• In each period t, estimate , r , s by regressing the observations dt versus the observed signals t,i
r and t,i
s
• For the forecast horizon (T periods) construct the forecast using the following equation:
, , 1,...,
T Tr s
j r sj i j ii j t i j t
d j t t T
20
Collaborative Inventory Planning Policy
21
Secure Protocols Example: Average Salary
22
Secure Protocols Building Blocks:
• Hiding numbers by additively splitting values
-x= xs + xr, Supplier has xs, while retailer has xr
- Modular arithmetic (xs+xr) mod N =x hides x in a information theoretic sense
Secure addition and subtraction
Homomorphic Encryption ( E(X) E(Y)=E(X+Y) )
Secure Split Multiplication
Secure Split Division
Secure Scalar Product
Secure Matrix Multiplication
23
Advanced Building Blocks:• Secure Matrix Inversion
-Matrix A is split such that As+Ar = A.
- Output supplier learns Bs, retailer learns Br; Bs+Br = B
• Secure Binary Search
• Secure Comparison
-Supplier has X, Retailer has Y,
- Output reveals if X<Y, without revealing X to retailer and Y to supplier
24
Secure Multiple Linear Regression Protocol
25
Secure Process for Forecasting and Inventory Planning
26
Step 1: Input cost parameters
1Rh 0.5Sh
19Rp 15Sp
Retailer Supplier
27
Retailer Supplier
16.80td
7RtOH
Step 2: Input demand and inventory information
1,1 0.83Rt
0RtBO
22RtIT
13StOH
0StBO
19StIT
2,2 0.58Rt
3,3 0.88Rt
4,4 0.29Rt
1,1 1.84St
2,2 0.81St
3,3 0.69St
4,4 0.18St
28
Retailer Supplier
Step 2(con’t): Regression
Supplier
ˆ 14.997
ˆ 0.996R
ˆ 0.996S
29
Step 3: Leadtime demand forecast
Overall
,[ , ] 47.46Rt t t L
,[ , ] 5.02St t t L
,[ , ] 79.35R St t t L L
SupplierRetailer
,[ ] 8.28R St t L L
30
Step 4: Determine base-stock levels
Overall
* 57.30Ry
* 67Sy
SupplierRetailer
31
Step 5: Determine order quantities
28.30Rtq
44Stq
SupplierRetailer
44Stq
28.30Rtq
32
Protocol Implementation Issues:
Protocols are verifiable
• The Logic of the Protocol is Auditable– Logic of Source Code Can be Audited
• Outputs Can be Tested– Outputs Can be Verified Given Known Inputs
33
Protocol Implementation Issues:
Other Advantages
• Valuable even in Trusted e.g. (intra-corporate) interactions– “Defense in depth” ! – Systems are hacked into, break-ins occur,
viruses occur, spy-ware, bad insiders, etc– Liability Decreased
• “Don’t send me your data even if you trust me”
• Impact on Litigation and Insurance Rates
34
We Have Only Just Begun...
• Tough Issues to Deal with:– SMC Complexities; e.g.,
• How to Deal with Collusion• Computational Complexity (e.g., simultaneity)
– Supply-Chain Modeling Complexities; e.g.• Contracting/Incentive Issues
– SSCC Complexities; e.g., • Inverse Optimization
• Bob’s Objective is fB(xA, xB); Alice’s is fA((xA, xB)
35
Future Work
• Protocols for other supply-chain applications– Price-Masking
– Bullwhip Scenarios
– Capacity Allocation
• Protocol implementation issues– Collusion by a subset of parties
– Intrusion detection
– Incentive issues and mechanism design
36
Questions?...
37
Secure Regression
38
Secure 3x3 Matrix Inverse Protocol
39
Secure Demand Forecasting ProtocolInput: The supplier knows the j,i
s and the retailer knows the j,ir , for all j,
i such that j = t + 1, ..., t + T and i = j − t, ..., T. The parameters , r , s are available in additively split form.
Output: Both supplier and retailer learn the forecast dj for all j = t + 1, ..., t + T.
Protocol Steps: 1. For each j {t + 1, ..., t + T}, the supplier computes vj
s = j,i
s. This is a “local” computation, as the supplier has all the j,i
s values. The retailer similarly computes vj
r = j,i
r for all j {t + 1, ..., t + T}.2. For each j {t + 1, ..., t + T}, the supplier and retailer run a split
multiplication protocol twice, once to compute wrj = rvr
j and once to compute ws
j = svsj (both in split fashion).
3. For each j {t + 1, ..., t + T}, the supplier and retailer run a split addition protocol to compute µ+ wr
j+ wsj, which is equal to dj . They
exchange their shares of each dj so they both learn its value.