1 Introduction

The suppliers, raw material, manufacturers, retailers, hospitals, distributors, clinics, and patients are contained as an agent in the healthcare supply chain. The necessity of data, centralized organizations and the competition in the market between the partners and other factors are responsible for difficulty in supply throughout the process. It is not complex due to the COVID-19 (Chambliss et al. 2012) but also a challenge in counter to fake drugs as they can easily soak the healthcare sector.

Some healthcare drugs are produced and illegally designed for increasing financially in the market that affects human health and seems to be genuine (Chambliss et al. 2012). Medicines with no proper ingredients, inaccurate amount of API (Active Pharmaceutical Ingredient), repackaging of expired medicines, lower degree of rank, poisonous substances are examples of such medications that leads to harmful side effects like organ failures and even death.

In India, CDSCO (Central Drugs Standard Control Organization) is an administrative office that assigned to recognized the materials for producing drugs through a loyal API provider. The re-packager gets a bundle of the drugs from the manufacturer. The few parts of the item are sends to essential merchants and other is dependent on switching the drugs built on item request or secondary suppliers (if the number of items is extremely vast) who will switch the items to the stores. At the end, patients are medicating usually on doctor’s prescribed medicine that allotted by stores. In the whole process there is no need for a third party because of supply chain (Musamih et al. 2021).

Demand for drugs has increased very fast in the recent years and have been widely exported to the market on profit margins (Musamih et al. 2021). Poor healthcare facilities, corruption in public as well as in private sectors, restricted access to effective medicinal products are the key causes of counterfeit and second-rate drugs. For this reason, we need dominant and constant monitoring of healthcare items in the supply chain market (Marucheck et al. 2011).

Several governments throughout the world help to improve the demand of tracking and tracing the counterfeited drugs. Nowadays, the traceability of drugs has turned out to be an important part of the healthcare supply chain, that authenticates tracking and tracing of healthcare products in the supply chain (Conti et al. 2018).

In the healthcare industry, counterfeit drugs are a major problem which is a concern for patients who consume drugs. Blockchain technology-based solutions (Rai et al. 2022; Rai 2022a) for healthcare sector have been accepted as very appealing. Hospitals and pharmacies are having knowledge about the complications in analysing the materials used in drugs and this is a major cause in healthcare sector for patient illness. PcPbEHR system for healthcare information system that maintains security and privacy of patient data (Rai 2022b) and Electronic Healthcare Records (EHR) helps to maintain security of patient’s information with the help of chained hashing(Rai 2022c).

2 Related work

The previous works related to this field guide and the research problem. We can show the contributions and limitations we have overcome while doing our research by mentioning them. We have tried to showcase all the research work done before to place our piece against the problem statement.

Solaiman et al. (2021) defines their application using an inimitable smart contract which merges with Ethereum blockchain through Newcastle university and establishes a centralised management platform (Solaiman et al. 2021). Notheisen et al. (2017) gives three schemes of recent research: First, its present irreversibility of transactions to decrease risk of transaction failure. Second, it introduces an independent transaction database that includes more security for registration and transactions. Third, it provides reliability, transparency, and whole records of every market’s asset (Notheisen et al. 2017). Krishna and Kumar (2020) introduce a supply chain system that uses a distributed public ledger for secure transmission and tracking. National Urban Security Technology Laboratory (2016) gives data of the 20 assets and inventory systems. The commercial merchants provide a solution, product, technology from the market but it is unable to cover all commercial merchants (FDA 2014).

Mr. Daryl Woodfield, DAF (2019) studies blockchain in more detail than how the DOD supply chain influences DOD assets in cyber security. Their descriptive study states that to prevent from counterfeit products they need to analyse related work done through blockchain in the healthcare sector, then conclude what best algorithms are designed for the DOD supply chain for DOD assets in cyber security (Woodfield 2019). Banerjee and Venkatesh (2019) proposes a solution for tracking and tracing to upgrade the performance of tasks for recall and return of products. It simplifies the process of penetration, gathering and of obtaining information transversely multifaceted supply chain through a centralized system. Zakhary et al. (2019) offers both permissioned and permissionless blockchains for data management of assets of drugs. Permissioned blockchain are managed by governmental administrations.

Chiu and Koeppl (2018) works on permissionless blockchain for providing more security. Their main attention is on PoW protocol. Ahmad et al. (2021) helps to solve the problems and challenges that are faced for classifying and processing various blockchain mechanisms. Wang, et al. (2002) talk about US stock market for the exchanges of stock and capacity of data. Al Omar et al. (2017) offers a blockchain based secure data storage for patients’ healthcare information management. It is a centralized system. Hasan and Salah (2018) gives a POD solution using blockchain for shipment of raw materials that are used in Ethereum smart contract network for tracking and tracing of products and done with higher accuracy, security, integrity, reliability and invariability.

Rai (2022d) talk about current technologies that are used in the healthcare. These blockchain technologies are used for technical as well as an application standpoint and also a remarkable interference for actual and future problems (Yang et al. 2018). Utz et al. (2019) introduce a local market for financial implications, the problem of reimbursement and incentivizing of grid nature in market place.

Nizamuddin et al. (2019) gives a sale and digital publication of assets using blockchain technology. Djamali (2021) offers a methodological solution for providing high frequency of data and efficiency that uses a Merkle tree and influences Merkle 12 proofs for confirmation of data integrity, privacy and security (Djamali 2021). Di Francesco Maesa et al. (2017) introduced a blockchain based protocol and policy that is widely evident in exchanging rights, therefore any handler can easily use resources and know about policy at all time that is paired with resources.

Marbouh et al. (2020) tracks data of new, death and recovery cases and prepares a report from authentic sources that helps to plan, build and evaluate an Ethereum based blockchain system. Casino et al. (2019) offer a complete analysis of blockchain-enabled applications in a variety of industries, including supply chain, business, healthcare, IoT, privacy, and data management, as well as major topics, trends, and upcoming research areas. Beck et al. (2017) provide fundamental benefits for managing assets, physical partnership of assets, financial services, modern activity.

3 Blockchain for drug traceability

The centralised system is commonly used in tracing the traditional healthcare sector and openness is required in supply chain management, maintaining its privacy by permitting the central handler to make changes in data without any third-party involvement. Blockchain offers integrity, privacy, security, clarity, and recoding of all transactions (Chambliss et al. 2012). Blockchain technology used as a distributed ledger, decentralised system and interoperability property that makes it more special and helps in secure transactions and trace our asset. In the market, Straightforwardness and tracing is used in different fields. In the supply chain, complex information is termed as straightforwardness. Such as, name of supplier and so on is demonstrating in supply chain (Ahmad et al. Mar. 2021). As, granular data are connected with tracing which helps in selecting any component.

3.1 Benefits of blockchain

  • Decentralised As it is distributed over a network unlike a central distributed system. The decentralised nature of blockchain helps to solve the problem of sharing of information without being hacked.

  • Immutability Immutability means once all transactions are recorded on the blockchain system no one is able to change, delete or modify data. All transactions on the blockchain are time-stamped and date-stamped, so it is a permanent store.

  • Increased efficiency and speed A blockchain based system helps to complete transactions quickly and efficiently. All the details of transactions along with credentials are stored on the blockchain system so there is no need to do paper work.

  • Security and Privacy An end-to-end encryption is formed on blockchain for unchanging records of data and transactions, which prohibit unauthorized event and as blockchain stores data over a network which helps in protecting data from being hacked.

  • Transparency With help of blockchain information are recorded on several locations. All the authorized network members get access to see the information at same time which includes complete transparency.

3.2 Technology

  • ETHEREUM Ethereum is a distributed application which supports smart contracts. Smart contracts enable participants to exchange money, shares etc. Ethereum also allows peer-to-peer(P2P) transactions over a network.

  • SMART CONTRACT On blockchain, Smart contracts run which have all the information about the transactions in a contact; hence there is no need for third-party verification. It is secure, economical, and fast to execute.

  • SOLIDITY Solidity is used to implement smart contracts. It is a high-level programming language. Solidity is object-oriented language which creates an Ethereum network to construct smart contracts on blockchain.

  • EXPRESS.JS Express is a small framework that sits on top of Node.js’s web server functionality to simplify its application program interface (APIs) and add helpful new features. It makes it easier to organize your application’s functionality with middle ware and routing.

  • GANACHE Ganache is a personal Ethereum Blockchain used to test smart contracts which is used for deploy the contracts without any cost. We can use Ganache across the entire development cycle; enabling us to develop, deploy, and test our DApps in a safe and deterministic environment.

  • REACT React makes it painless to create interactive UIs. Design simple views for each state in your application, and react will efficiently update and render just the right components when your data changes.

  • METAMASK Metamask is a browser plugin that serves as an Ethereum wallet, and is installed like any regular plugin. Once it's installed, it allows users to store Ether and other ERC-20 tokens, enabling them to make transactions to any Ethereum address.

4 Proposed solution of BBTCD

Considering the current situation, we propose a decentralized solution BBTCD. It is a multichain system that provides users with a facility to deploy its smart contract on Ethereum blockchain. Our proposed solution has three major stages.

Stage 1 in which the stakeholders visualise the smart contract, decentralized storage system and on-chain resources with the help of software devices that consists of front-end layer denoted by a DApp (Decentralized Application) which is connected to the smart contract, on-chain resources, and decentralized storage system by an application program interface (API) such as Infura and Web3.

Stage 2 in which the already authorized function will get started when stakeholders interact with smart contract and then the data file will get access by decentralized storage system.

Stage 3 at the end they meet with the on-chain resources for the required information such as logs IPFS hashes and transaction.

4.1 System architecture

Every entity of BBTCD must first be registered on the blockchain network. The components are shown in Fig. 1 are:

  • Stakeholders support the agencies like the CDSCO team, distributors, suppliers, and patients. These agencies are dependent on the participation of the supply chain market. Stakeholders also have access for tracing and tracking the information like records and login information. These stakeholders have a direct concern in healthcare services.

  • Decentralized Storage System (IPFS [42]) helps in verifiable, accessible, programmable and efficient transactions for storing data in the supply chain. The integrity of decentralized storage system is maintained by uploading files with the help of Secure Hash Algorithm (SHA). These uploaded files are stored in the blockchain through smart contact with some minor changes reflected in the SHA.

  • Ethereum Smart Contract managed the decentralised storage system and the deployment process which is an important key factor for recording transactions and managing data. This helps in providing access to the participants and all the stakeholders. In this process, a modifier is used to remove non-specific transactions and add specified parties with the help of smart contact. Detailed transactions are approved by the stakeholders as it has all the accessing information of all the suppliers.

  • On-chain Resources refers to those resources that are present inside the blockchain network. These resources can work on public keys and are used by third-parties. These resources are used for storing, enabling the transactions for track and trace smart contracts.

  • Distributor bundles all the smart contracts and take a back-up of all the packages to start the delivery process. They supply different lot to pharmacies for secure transmission and transfer limited stock to the useful parties.

  • Sale contact between the pharmacist and the patients is the final phase in the sequence diagram. The pharmacy will start selling the medicine Lot box here, and it will be announced to all supply chain partners. The IPFS will then upload a picture of the sold drug package, and then send a hash to the smart contract. The patient will get the medication Lot box, which marks the end of the drug Lot selling phase.

Fig. 1
figure 1

System Architecture of Blockchain for Counterfeited Drugs

Full size image

There are two smart contracts that manage the entities such as patient and drug lot:

4.1.1 BBTCD_Parent Smart Contract

It is deployed only once and is responsible for adding, updating and deletion of drug lot information. It also deploys other smart contracts.

4.1.2 BBTCD_Patient Smart Contract (BBTCD_PSC)

BBTCD_PSC is deployed as per patient and is responsible for check the information of drugs. PSC allows the patients to give the information about the drug whether it is counterfeit or not. Its functioning includes storing records on IPFS.

The sequence of movements shown in Fig. 2 are as follows:

  1. (1)

    To initiate the process of manufacturing the drug, a manufacturer will send a request to CDSCO for approval. After approval from CDSCO, the manufacturer will start the manufacturing process.

  2. (2)

    On IPFS the image of the drug lot is uploaded by the manufacturer and then IPFS sends respective data to the smart contract so participants will access those images later. Then the distributor will get the drug lot for packaging.

  3. (3)

    The image of the package drug will be uploaded on IPFS which will be sent to the smart contract by the distributor. Then all packages are sent to the pharmacies.

  4. (4)

    In the end steps of the sequence diagram, there are only two participants who will interact: pharmacy and patients.

  5. (5)

    Pharmacy will sell drugs and an event declared in the supply chain to all participants. Sold drugs image is uploaded on IPFS which will further send to smart contract by the IPFS.

  6. (6)

    All transactions are recorded and further can be accessed by all participants in the supply chain.

Fig. 2
figure 2

Sequence Diagram of Blockchain for Counterfeited Drugs

Full size image

The work flow of proposed BBTCD is shown in Fig. 3. An API supplier is responsible for delivering the raw materials to manufacture drugs approved by the Indian agency CDSCO. CDSCO checks the raw materials and approve or deny to the lot manufacturing. Sometimes the manufacturer needs a re-packager for sending a drugs Lot. Distributor are receiving their respective Lots of packaged products and then sends to the hospitals and dispensaries. When the quality of Lots is very large, we move some packaging to the secondary distributor. At the end, dispensaries and hospitals allot the drugs to the patients as prescribed by their doctors.

Fig. 3
figure 3

Workflow Diagram of Blockchain for Counterfeited Drugs

Full size image

5 Implementation

We use Remix IDE for compilation and testing of smart contract. In this, smart contract is first deployed with the help of the manufacturer where all the details of the manufactured drugs are defined and the system is decentralised that helps our system from hacking, modifying data, removing data and accessing the data.

The current smart contract has the address of Ethereum, and is installed using the ownerID gateway. There is only a single ownerID because of the drug lot in smart contract and once the owner changes, an event is formed and recorded on the database, which helps us to track and trace the source of drug lot, but ownerID is a pathway not a mapping.

As it shows respective pharmacy lots, smart contract has features like Name, Price, nBoxes and images. Three mappings occur for companies that have permission to access some entities such as suppliers, manufacture, etc. For a comprehensive result the manufacturer and seller require smart settlement that needs a number of skills. Details contain the data about the manufacturer and take various inputs such as Name, Price, nBoxes, and priceofbox.

figure afigure a

In Fig. 4 first page of BBTCD dashboard has been shown. As per role separate login is provided which is shpwn in Fig. 5.

Fig. 4
figure 4

Screenshot of the BBTCD dashboard

Full size image
Fig. 5
figure 5

Login as per different roles

Full size image

In Fig. 6 smart contract and ganache account is shown.

Fig. 6
figure 6

Screenshot of Ganache and Smart Contract

Full size image

6 Discussion and evaluation of BBTCD

In this section, we discuss generalization of the proposed Ethereum blockchain based solution and security analysis for drug traceability in supply chain.

6.1 Generalization

The proposed work in this paper demonstrates how blockchain technology can be applied for drug traceability in a pharmaceutical supply chain. Although the functions in the smart contract were defined in a way that fits the pharmaceutical supply chain specifically, it can be easily extended to other types of supply chains. The main difference between the pharmaceutical supply chain and any other supply chain is the products/items that are being shipped, distributed, and sold and the way they are handled throughout the process. For example, some pharmaceutical drugs require very specific conditions like temperature and humidity while they are being transferred from a point to another whereas a spare part supply chain for example would have very different conditions. Since live tracking is out of the scope of this paper, tracing the origin of a product/item regardless of its type will be very similar because it only requires the scanning of a unique identification code which is attached to the product/item and the DApp will handle the rest. The only difference might occur in the way unique identifications are generated for the products items which does not hinder the process.

6.2 Security analysis for the blockchain-based healthcare supply chain

6.2.1 Integrity

The primary objective of the proposed blockchain solution is to keep track of all the transactions that occur within the healthcare supply chain ensuring traceability of the history of the Lots, ownership transfers and their corresponding boxes. This is ensured in the proposed solution because all events and logs are stored in the immutable blockchain ledger. Moreover, the use of IPFS to store images of the manufactured Lots adds integrity to the proposed solution. This will ensure that every transaction within the healthcare supply chain can be tracked and traced.

6.2.2 Accountability

Each execution of a function has the Ethereum address of the caller stored on the blockchain which means tracing the function caller is always possible. Therefore, all the participants are accountable for their actions. In the healthcare supply chain, the manufacturer will be accountable for any drug Lot he produces using the lotDetails function and pharmacies will be accountable for any prescription they give to a function because buyBox function will show from where each patient is getting the drugs.

6.2.3 Authorization

The critical functions in the smart contract can only be executed by authorised participants by using the modifier. This ensures protection against unprivileged access and prevention of any unwanted entities from using the implemented functions. This is very important for the healthcare supply chain because the manufacturing of the drug Lot should only be done by a verified manufacturer and the prescription of drugs should be only done by a verified pharmacy.

6.2.4 Availability

Blockchains are decentralized and distributed by nature. Therefore, once the smart contract is deployed on the blockchain, all logs and transactions are accessible to all participants. Contrary to centralized approaches, the transaction data is stored at all participating nodes therefore loss of a node does not result in the loss of transaction data. The blockchain network needs to be up and running all the time for the application of healthcare supply chain to be successful. Any downtime might result in delays that are very costly in the healthcare industry.

6.2.5 Smart contract security analysis

The developed Ethereum smart contract for drug traceability was analyzed using specialized tools to reveal any code vulnerabilities in addition to the aforementioned security analysis. Those tools were used in code development iterations to improve the reliability of the smart contract. Remix IDE that was used to develop the smart contract provides some code debugging and run-time error warnings. However, they are not sufficient to establish trust in the smart contract robustness. Therefore, SmartCheck was used to detect vulnerabilities in the code at different severity levels. After multiple iterations of smart code modification, the smart code was bug-free as reported by the output. SmartCheck analyzed the smart contract comparing it to its knowledge base and verified that it was free from risks that would make it susceptible to exploitation and cyber-attacks. It is designed to protect the Ethereum smart contract from known attacks such as callstack depth attack and re-entrancy attacks.

6.3 Performance evaluation

It is very important to understand how our proposed solution will perform when mass users will use our platform in real time. This is why we performed a test in order to understand and measure the performance of the platform under load. We have used Apache JMeter, a load testing software for examining and assessing the performance of a wide range of services. After performing the assessment, the following results are derived:

6.3.1 Average execution time

The execution time of the functions which are defined in the smart contracts are as follows: For only 1 user at a time, assignRoles takes 18.29 secs, these execution time increase when 100 users use the platform at same time.

6.3.2 Throughput

We have used Apache JMeter to understand the throughput of our proposed product. Transaction throughput is a term used in the blockchain to describe how quickly a blockchain executes transactions. Scale of the representation is Data travelled per second.

During the experimental analysis, it was discovered that as the number of users and their data requests increased, the system's throughput increased in a linear fashion. Thus, the efficiency of the BBTCD platform is demonstrated by this linear increase in throughput as shown in Fig. 7. To analyze the throughput for our platform, we have considered the number of users varying between 100 and 500.These simulated users are the ones who were using the platform and its services during the experiment.

Fig. 7
figure 7

Graph showing the Throughput of BBTCD platform

Full size image

6.3.3 Average latency

We have made use of Apache JMeter to know the average latency experienced in our platform. Latency is defined as the time difference between the components of system,when one system component sends a request and another system component generates a response to it. Latency is measured in milliseconds. The number of users in experiment was considered by JMeter itself. The average latency of BBTCD platform observed is 14.6 ms as shown in Fig. 8.

Fig. 8
figure 8

Average Latency of BBTCD platform

Full size image

6.4 Comparison of proposed solution with existing solution

We present a comparative analysis of the proposed solution for traceable supply chain for pharmaceutical drugs with relevant existing solutions. The proposed solution is decentralized which is an important feature as it prevents any single entity from manipulating or modifying the data. Another important feature of our solution is resilience, since the solution is decentralized, it eliminates single point of failure. Blockchain offers excellent solution for data integrity and security due to its features such as data immutability, therefore once the information is added to the edger it cannot be removed or modified. The security of data is maintained because it’s stored in a decentralized way which makes no single entity capable of simultaneous manipulation of data. Transparency of transactions is an important aspect for any supply chain. In our proposed solution, all participants can access and view the verified all transactions in a trusted environment. Our solution uses Ethereum blockchain whereas the solution in Faisal et.al operates in private permissioned mode which is an inherent feature in Hyperledger fabric. The payment method in our solution is Ether which is the currency of Ethereum. Faisal et.al does not have a currency. Furthermore, in all solutions data is stored on-chain but our solution has an additional feature which allows storing data off-chain as well. However, the solution in Faisal et.al does not provide a programmable module.

7 Conclusion

In the healthcare supply chain, it is a big challenge to protect drug traceability against counterfeit drugs. We designed a blockchain-based application for track and trace the healthcare supply chain in a distributed method. Our application uses blockchain technology which provides a secure channel in the supply chain for login and develops smart contract using Ethereum which is only accessed by stakeholders for check authentication of participants. Our proposed application is economically more stable, achieve transparency and enhance efficiency of the healthcare supply chain.