The Government Blockchain Association published their first Blockchain Maturity Model on 30 April 2022. The purpose of this model is to help people developing blockchain-based solutions as well as those acquiring them understand how to implement & demonstrate that blockchain-based solutions can be trusted.
Blockchain technology is rapidly advancing. It is the underlying technology of cryptocurrency. Has exploded into the 7th largest economy in the world within ten years. However, the technology is still immature. The technology is being implemented in almost every industry across the globe through platforms, applications, and more.
Blockchain-based solutions are being acquired by some governments. Despite this, they have little experience with blockchain-based systems, such as acquiring, implementing, and maintaining them.
The Blockchain Maturity Model (BMM) aims to provide:
- acquisition professionals with a framework to assess blockchain-based solutions for suitability as a basis for making acquisition decisions.
- roadmaps for solution developers to improve and mature their solutions.
The model outlines requirements and expectations for developing, implementing, maintaining, and continuously improving blockchain solutions. A BMM maturity rating may also include supplemental domain elements.
Structure
The Blockchain Maturity Model (BMM) defines generic expectations and domain specific requirements. The generic or “core” expectations are referred to as “elements” within this model. The elements define the expectations that are “core” and expected of all blockchain-based solutions. Within each element, there are five levels. The five levels relate to degrees of reliability and dependability for the given element. The five levels are:
• Level 1: Initial
• Level 2: Documented
• Level 3: Validated
• Level 4: Production
• Level 5: Optimizing
The Elements
1. Distribution
The goal of distribution is to assess the hosting concentration risk from homogeneous to heterogeneous. No single person or entity may have administrative control of the hardware for more than a certain percentage of the nodes. This includes nodes hosted on the same cloud provider.
2. Governance
The goal of governance in a blockchain solution is to provide effective management of key components, including assets, nodes, synchronization mechanisms, infrastructure/network, system, participants, protocols, records, and smart contracts or life cycle scripts.
Governance may be performed by a variety of mechanisms ranging from a centralized authority to one or more mutualised network agreement.
3. Identity Management
- The goal of identity management in a blockchain solution is to ensure that controls are in place for identity and access management. Controls include:
- Methods to identify users of a system and establish a user profile, address, or other identifier
- Define the activities and processes to bind a user to a known identity or dissociate a user from a real-word identity to protect anonymity.
- Associating user profiles with one or more roles and/or permissions
- Associating roles and levels of access and permissions
- Allocating users to groups
- Adding, modifying, or removing users, roles, groups, and permissions
- Limiting access to individuals and groups based on defined rules.
4. Interoperability
The goal of interoperability is to facilitate the ability of a blockchain solution to share and use information and assets with other legacy and blockchain solutions.
5. Performance
The goal of performance in a blockchain solution is to ensure that the transaction volumes and speed are suitable for the use of the blockchain. This is measured based on an understanding of demand requirements and resource utilization. It includes consideration of capacity, cost, latency, memory, transaction speeds, and transaction finalization. Specific factors are considered for domains.
6. Privacy
The goal of privacy in a blockchain solution is to ensure that the solution has adequate encryption and protections of Personal Identifiable Information (PII) in accordance with international standards such as the General Data Privacy Regulation (GDPR). The protections are required both internally and externally to the network because the key components, composed of nodes, synchronization mechanisms, infrastructure/network, system, deterministic scripts, and smart contracts.
7. Reliability
The goal of reliability in a blockchain solution is to provide the assurance that adequate controls address and mitigate the resolution of the disputed forks, blocks, errors or fraud of the network.
8. Resilience (Fault Tolerance)
The goal of resilience in a blockchain solution is to ensure the continuity of operations during unforeseen events, limitations, and failures. Resilience management aims at optimizing the capacity and availability of critical components. Critical components may include nodes, synchronization mechanisms, infrastructure/network, system, smart contracts and deterministic scripts.
9. Security
The goal of security in a blockchain solution is to provide assurance that adequate controls address and mitigate the end-to-end security risks of the solution composed of nodes, synchronization mechanisms, infrastructure/network (hardware/software), network interfaces, network-linked devices, system, deterministic scripts, and smart contracts.
10. Infrastructure Sustainability
The goal of Infrastructure Sustainability is to ensure the availability of all resources required to maintain the capabilities and satisfy requirements throughout the life of solution.
11. Synchronization
The goal of synchronization in a blockchain solution is to assess the means for the network to achieve consistency and completeness for finality of the distributed and immutable records. Synchronization covers many mechanisms which include, but are not limited to, consensus algorithms, competitions such as mining, elected or selected validators with Proof of Stake solutions.
For full information and the requirements for attaining specific levels, please refer to the official BMM document here.
Watch GBA Executive Director Gerard Dache’s video explaining the BMM in more depth here.
Mr Dache also talks about potential tax relief for companies that get assessed by the Government Blockchain Association (GBA), here (towards the end of the video).