ISO 23257:2022
(Main)Blockchain and distributed ledger technologies — Reference architecture
Blockchain and distributed ledger technologies — Reference architecture
This document specifies a reference architecture for Distributed Ledger Technology (DLT) systems including blockchain systems. The reference architecture addresses concepts, cross-cutting aspects, architectural considerations, and architecture views, including functional components, roles, activities, and their relationships for blockchain and DLT.
Technologies des chaînes de blocs et technologies de registre distribué — Architecture de référence
Blokovno veriženje in tehnike razpršenih glavnih knjig - Referenčna arhitektura (ISO/DIS 23257)
General Information
Buy Standard
Standards Content (Sample)
INTERNATIONAL ISO
STANDARD 23257
First edition
2022-02
Blockchain and distributed ledger
technologies — Reference architecture
Technologies des chaînes de blocs et technologies de registre
distribué — Architecture de référence
Reference number
ISO 23257:2022(E)
© ISO 2022
---------------------- Page: 1 ----------------------
ISO 23257:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO 2022 – All rights reserved
---------------------- Page: 2 ----------------------
ISO 23257:2022(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms.4
5 Concepts . 5
5.1 DLT and blockchain systems . 5
5.1.1 General . 5
5.1.2 Blockchain DLT and non-blockchain DLT . 6
5.2 Networking and Communications . 6
5.3 DLT platform . 7
5.4 DLT system interfaces . 7
5.5 Consensus . 8
5.6 Events . 10
5.7 Integrity of ledger content . 10
5.8 Integrity and ledger management . 11
5.9 Subchains and sidechains . 12
5.10 DLT Applications .12
5.11 DLT solutions . 12
5.12 Smart contracts . 13
5.12.1 General .13
5.12.2 Smart contract execution on dedicated peers . 14
5.12.3 Smart contract execution on arbitrary peers . 14
5.13 Transactions and how they work . 14
5.14 Tokens, virtual and cryptocurrencies, coins, and associated concepts .15
6 Cross-cutting aspects . .16
6.1 General . 16
6.2 Security . 16
6.3 Identity . 17
6.4 Privacy . 17
6.4.1 General . 17
6.4.2 On-ledger PII storage . 18
6.4.3 Off-ledger PII storage. 19
6.5 DLT Governance. 19
6.6 Management . . . 20
6.7 Interoperability. 21
6.8 Data flow . 24
7 Types of DLT systems .25
8 Architectural considerations for DLT Systems .26
8.1 Characteristics and relationships. 26
8.2 Ledger technology . 27
8.3 Ledger storage architecture . 27
8.4 Ledger control architecture . 27
8.5 Ledger subsetting . 27
8.6 Ledger permission . 27
9 Architectural views of reference architecture .27
9.1 General . 27
9.1.1 Five architectural views . 27
9.1.2 Notation of diagrams .28
9.2 User view .29
iii
© ISO 2022 – All rights reserved
---------------------- Page: 3 ----------------------
ISO 23257:2022(E)
9.2.1 General .29
9.2.2 DLT users .30
9.2.3 DLT administrators .30
9.2.4 DLT providers . 31
9.2.5 DLT developers . . 32
9.2.6 DLT governors . .33
9.2.7 DLT auditors .33
9.3 Functional view .34
9.3.1 Functional categorization framework .34
9.3.2 Non-DLT systems . 35
9.3.3 User layer . 35
9.3.4 API layer . 35
9.3.5 DLT platform layer .36
9.3.6 Infrastructure layer.38
9.3.7 Cross-layer functions . . 39
9.4 System view . 45
9.4.1 General . 45
9.4.2 DLT Nodes .46
9.4.3 Application systems .46
9.4.4 Non-DLT systems .46
9.4.5 Other DLT systems.46
9.4.6 Cross-layer functions . .46
Annex A (informative) Consideration of tokens, virtual and cryptocurrencies, coins, and
associated concepts .47
Annex B (informative) Ledger implementation examples .50
Bibliography .51
iv
© ISO 2022 – All rights reserved
---------------------- Page: 4 ----------------------
ISO 23257:2022(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 307, Blockchain and distributed ledger
technologies.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO 2022 – All rights reserved
---------------------- Page: 5 ----------------------
ISO 23257:2022(E)
Introduction
Records of transactions, based on certain agreed upon conditions, form the basis for exchanging assets
between parties. Businesses and governments have been operating for centuries using this foundation.
While physical ledgers were once used, they have largely been replaced with modern technology.
However, in traditional approaches, a ledger must be centrally controlled by one or a small number of
parties, and other stakeholders must rely on them as agents to change those ledgers.
An important property of a ledger is verifiability. This means that the parties can verify that the set of
transactions in the ledger is complete and accurate. As a result, these parties can identify irregularities
in transactions, for example, to verify that digital assets of the participants are correctly accounted
within a financial ledger. Currently, it is possible to achieve a verifiable ledger in a centralized way
by making certain trust assumptions. However, verifiability can be also achieved by distributing the
storage and decentralizing the control of the ledger with minimal trust in any one party.
By maintaining a ledger in a distributed network, Distributed Ledger Technology (DLT) systems,
including blockchain systems, allow a much wider range of parties to have a shared view of the ledger
and to make their own changes to that ledger.
A broad spectrum of DLT based business solutions is possible. This document presents a reference
architecture for such DLT based solutions. It starts with the definitions and concepts of blockchain
and DLT such as the system organization, nature of access, type of consensus and the roles and
responsibilities of the participants. Given that the reference architecture must accommodate a wide
variety of possible use cases, it touches upon various business domains and their respective use cases
at a high level. Historically, ledgers have facilitated the exchange of assets, but DLT solutions can also be
used more broadly for reporting, auditing, and coordination. The document finally presents the reader
with various layers of a reference architecture for DLT systems and the functional components in the
layers.
This document is relevant to, among other, academics, architects, customers, users, developers,
regulators, auditors, and standards development organizations.
vi
© ISO 2022 – All rights reserved
---------------------- Page: 6 ----------------------
INTERNATIONAL STANDARD ISO 23257:2022(E)
Blockchain and distributed ledger technologies —
Reference architecture
1 Scope
This document specifies a reference architecture for Distributed Ledger Technology (DLT) systems
including blockchain systems. The reference architecture addresses concepts, cross-cutting aspects,
architectural considerations, and architecture views, including functional components, roles, activities,
and their relationships for blockchain and DLT.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 22739, Blockchain and distributed ledger technologies — Vocabulary
ISO/IEC 24760-1, IT Security and Privacy — A framework for identity management — Part 1: Terminology
and concepts
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22739, ISO/IEC 24760-1 and
the following apply.
ISO and IEC maintain terminology databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
activity
specified pursuit or set of tasks
[SOURCE: ISO/IEC 17789:2014, 3.2.1]
3.2
architecture
fundamental concepts or properties of a system in its environment embodied in its elements,
relationships, and in the principles of its design and evolution
[SOURCE: ISO/IEC/IEEE 42010:2011, 3.2]
3.3
behavioural interoperability
interoperability so that the actual result of the exchange achieves the expected outcome
[SOURCE: ISO/IEC 19941:2017, 3.1.6]
1
© ISO 2022 – All rights reserved
---------------------- Page: 7 ----------------------
ISO 23257:2022(E)
3.4
data archiving
digital preservation process that is moving data into a managed form of storage for long-term retention
[SOURCE: ISO 5127:2017, 3.1.11.19]
3.5
data flow
sequence in which data transfer, use, and transformation are performed during the execution of a
computer program
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.1006]
3.6
disruption
incident, whether anticipated (e.g. hurricane) or unanticipated (e.g. power failure/outage, earthquake,
or attack on information and communication technology systems/infrastructure) which disrupts the
normal course of operations at an organization’s location
[SOURCE: ISO/IEC 27031:2011, 3.6]
3.7
distributed ledger technology governance
DLT governance
system for directing and controlling a distributed ledger technology system including the distribution
of on-ledger and off-ledger decision rights, incentives, responsibilities and accountabilities
3.8
finality
property of a ledger that guarantees transactions in confirmed ledger records are irreversible and
cannot be altered or deleted
3.9
functional component
functional building block needed to engage in an activity, backed by an implementation
[SOURCE: ISO/IEC 17789:2014, 3.2.3]
3.10
fungible
capable of mutual substitution among individual units
Note 1 to entry: The individual units can be digital assets, e.g. tokens.
3.11
governance
system of directing and controlling
[SOURCE: ISO/IEC 38500:2015, 2.8]
3.12
incident
anomalous or unexpected event, set of events, condition, or situation at any time during the life cycle of
a project, product, service, or system
[SOURCE: ISO/IEC/IEEE 24748-1:2018, 3.22]
2
© ISO 2022 – All rights reserved
---------------------- Page: 8 ----------------------
ISO 23257:2022(E)
3.13
interoperability
ability of two or more systems or applications to exchange information and to mutually use the
information that has been exchanged
[SOURCE: ISO/IEC 17788:2014, 3.1.5]
3.14
party
natural person or legal person, whether or not incorporated, or a group of either
[SOURCE: ISO/IEC 17789:2014, 7.2.3]
3.15
personally identifiable information
PII
information that (a) can be used to establish a link between the information and the natural person to
whom such information relates, or (b) is or can be directly or indirectly linked to a natural person
Note 1 to entry: The “natural person” in the definition is the PII principal. To determine whether a PII principal
is identifiable, account should be taken of all the means which can reasonably be used by the privacy stakeholder
holding the data, or by any other party, to establish the link between the set of PII and the natural person.
[SOURCE: ISO/IEC 29100:2011/Amd 1:2018, 2.9]
3.16
policy interoperability
interoperability while complying with the legal, organizational and policy frameworks applicable to the
participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.7]
3.17
provenance
information that documents the origin or source of an asset, any changes that have taken place since it
was originated, and who has had custody of it since it was originated
[SOURCE: ISO/IEC 27050-1:2019, 3.19, modified — “Electronically Stored Information” has been
replaced with “asset”.]
3.18
resilience
capability of a system to maintain its functions and structure in the face of internal and external change,
and to degrade gracefully when this is necessary
[SOURCE: ISO 37101:2016, 3.33, modified — Definition replaced with text in Note 3 to entry, Notes to
entry deleted.]
3.19
role
set of activities that serve a common purpose
[SOURCE: ISO/IEC 17789:2014, 3.2.7]
3.20
semantic data interoperability
interoperability so that the meaning of the data model within the context of a subject area is understood
by the participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.5]
3
© ISO 2022 – All rights reserved
---------------------- Page: 9 ----------------------
ISO 23257:2022(E)
3.21
sub-role
subset of the activities of a given role
[SOURCE: ISO/IEC 17789:2014, 3.2.9]
3.22
syntactic interoperability
interoperability such that the formats of the exchanged information can be understood by the
participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.4]
3.23
transport interoperability
interoperability where information exchange uses an established communication infrastructure
between the participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.3]
3.24
smart contract
computer program stored in a DLT system wherein the outcome of any execution of the program is
recorded on the distributed ledger
Note 1 to entry: A smart contract can represent terms in a contract in law and create a legally enforceable
obligation under the legislation of an applicable jurisdiction.
[SOURCE: ISO 22739:2020, 3.72]
3.25
consensus
agreement among DLT nodes that 1) a transaction is validated and 2) the distributed ledger contains a
consistent set and ordering of validated transactions
Note 1 to entry: Consensus does not necessarily mean that all DLT nodes agree.
Note 2 to entry: The details regarding consensus differ among DLT designs and this is a distinguishing
characteristic between one design and another.
[SOURCE: ISO 22739:2020, 3.11]
4 Symbols and abbreviated terms
AMQP Advanced Message Queuing Protocol
API Application Programming Interface
CAdES Cryptographic Message Syntax (CMS) Advanced Electronic Signature
DLT Distributed Ledger Technology
DNS Domain Name System
EDI Electronic Data Interchange
FBA Federated Byzantine Agreement
GDPR General Data Protection Regulation
HTTP Hyper Text Transfer Protocol
4
© ISO 2022 – All rights reserved
---------------------- Page: 10 ----------------------
ISO 23257:2022(E)
HTTPS Hypertext Transfer Protocol Secure over Socket Layer
ICT Information and Communication Technology
IDE Interactive Development Environment
IoT Internet of things
IPFS InterPlanetary File System
JSON JavaScript Object Notation
MQTT Message Queuing Telemetry Transport
P2P Peer-to-peer
PBFT Practical Byzantine Fault Tolerance
PKI Public Key Infrastructure
RA Reference Architecture
XML eXtensible Markup Language
5 Concepts
5.1 DLT and blockchain systems
5.1.1 General
To understand blockchain and DLT systems, it is necessary to provide a description of the essential
concepts associated with these systems and the range of distributed ledger technologies that exist.
A ledger is a long-established concept used in business and technology. When applied to ICT systems, it
is an information store that keeps “final and definitive” records of transactions. Ledgers were originally
and principally applied to financial transactions and to accounting practices. However, ledgers can be
used to record transactions of almost any type: for example, the movements and transfers of physical
objects.
A highly desirable property of a ledger is tamper-resistance, i.e. that transaction records, once entered
into the ledger, are difficult to alter by design, and they cannot be altered without the alteration being
clearly evident on inspection, whether the alteration is deliberate or accidental, malicious or benign.
The word "tamper-resistant" is more appropriate than "tamper-proof" since it can be extremely hard
to prevent all forms of tampering. Similarly, although immutability is a desi
...
FINAL
INTERNATIONAL ISO/FDIS
DRAFT
STANDARD 23257
ISO/TC 307
Blockchain and distributed ledger
Secretariat: SA
technologies — Reference architecture
Voting begins on:
2021-11-02
Voting terminates on:
2021-12-28
RECIPIENTS OF THIS DRAFT ARE INVITED TO
SUBMIT, WITH THEIR COMMENTS, NOTIFICATION
OF ANY RELEVANT PATENT RIGHTS OF WHICH
THEY ARE AWARE AND TO PROVIDE SUPPOR TING
DOCUMENTATION.
IN ADDITION TO THEIR EVALUATION AS
Reference number
BEING ACCEPTABLE FOR INDUSTRIAL, TECHNO-
ISO/FDIS 23257:2021(E)
LOGICAL, COMMERCIAL AND USER PURPOSES,
DRAFT INTERNATIONAL STANDARDS MAY ON
OCCASION HAVE TO BE CONSIDERED IN THE
LIGHT OF THEIR POTENTIAL TO BECOME STAN-
DARDS TO WHICH REFERENCE MAY BE MADE IN
NATIONAL REGULATIONS. © ISO 2021
---------------------- Page: 1 ----------------------
ISO/FDIS 23257:2021(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO 2021 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/FDIS 23257:2021(E)
Contents Page
Foreword .v
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms.4
5 Concepts . 5
5.1 DLT and blockchain systems . 5
5.1.1 General . 5
5.1.2 Blockchain DLT and non-blockchain DLT . 6
5.2 Networking and Communications . 6
5.3 DLT platform . 7
5.4 DLT system interfaces . 7
5.5 Consensus . 8
5.6 Events . 10
5.7 Integrity of ledger content . 10
5.8 Integrity and ledger management . 11
5.9 Subchains and sidechains . 12
5.10 DLT Applications .12
5.11 DLT solutions . 12
5.12 Smart contracts . 13
5.12.1 General .13
5.12.2 Smart contract execution on dedicated peers . 14
5.12.3 Smart contract execution on arbitrary peers . 14
5.13 Transactions and how they work . 14
5.14 Tokens, virtual and cryptocurrencies, coins, and associated concepts .15
6 Cross-cutting aspects . .16
6.1 General . 16
6.2 Security . 16
6.3 Identity . 17
6.4 Privacy . 17
6.4.1 General . 17
6.4.2 On-ledger PII storage . 18
6.4.3 Off-ledger PII storage. 19
6.5 DLT Governance. 19
6.6 Management . . . 20
6.7 Interoperability. 21
6.8 Data flow . 24
7 Types of DLT systems .25
8 Architectural considerations for DLT Systems .26
8.1 Characteristics and relationships. 26
8.2 Ledger technology . 27
8.3 Ledger storage architecture . 27
8.4 Ledger control architecture . 27
8.5 Ledger subsetting . 27
8.6 Ledger permission . 27
9 Architectural views of reference architecture .27
9.1 General . 27
9.1.1 Five architectural views . 27
9.1.2 Notation of diagrams .28
9.2 User view .29
iii
© ISO 2021 – All rights reserved
---------------------- Page: 3 ----------------------
ISO/FDIS 23257:2021(E)
9.2.1 General .29
9.2.2 DLT users .30
9.2.3 DLT administrators .30
9.2.4 DLT providers . 31
9.2.5 DLT developers . . 32
9.2.6 DLT governors . .33
9.2.7 DLT auditors .33
9.3 Functional view .34
9.3.1 Functional categorization framework .34
9.3.2 Non-DLT systems . 35
9.3.3 User layer . 35
9.3.4 API layer . 35
9.3.5 DLT platform layer .36
9.3.6 Infrastructure layer.38
9.3.7 Cross-layer functions . . 39
9.4 System view . 45
9.4.1 General . 45
9.4.2 DLT Nodes .46
9.4.3 Application systems .46
9.4.4 Non-DLT systems .46
9.4.5 Other DLT systems.46
9.4.6 Cross-layer functions . .46
Annex A (informative) Consideration of tokens, virtual and cryptocurrencies, coins, and
associated concepts .47
Annex B (informative) Ledger implementation examples .50
Bibliography .51
iv
© ISO 2021 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/FDIS 23257:2021(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 307, Blockchain and distributed ledger
technologies.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
v
© ISO 2021 – All rights reserved
---------------------- Page: 5 ----------------------
ISO/FDIS 23257:2021(E)
Introduction
Records of transactions, based on certain agreed upon conditions, form the basis for exchanging assets
between parties. Businesses and governments have been operating for centuries using this foundation.
While physical ledgers were once used, they have largely been replaced with modern technology.
However, in traditional approaches, a ledger must be centrally controlled by one or a small number of
parties, and other stakeholders must rely on them as agents to change those ledgers.
An important property of a ledger is verifiability. This means that the parties can verify that the set of
transactions in the ledger is complete and accurate. As a result, these parties can identify irregularities
in transactions, for example, to verify that digital assets of the participants are correctly accounted
within a financial ledger. Currently, it is possible to achieve a verifiable ledger in a centralized way
by making certain trust assumptions. However, verifiability can be also achieved by distributing the
storage and decentralizing the control of the ledger with minimal trust in any one party.
By maintaining a ledger in a distributed network, Distributed Ledger Technology (DLT) systems,
including blockchain systems, allow a much wider range of parties to have a shared view of the ledger
and to make their own changes to that ledger.
A broad spectrum of DLT based business solutions is possible. This document presents a reference
architecture for such DLT based solutions. It starts with the definitions and concepts of blockchain
and DLT such as the system organization, nature of access, type of consensus and the roles and
responsibilities of the participants. Given that the reference architecture must accommodate a wide
variety of possible use cases, it touches upon various business domains and their respective use cases
at a high level. Historically, ledgers have facilitated the exchange of assets, but DLT solutions can also be
used more broadly for reporting, auditing, and coordination. The document finally presents the reader
with various layers of a reference architecture for DLT systems and the functional components in the
layers.
This document is relevant to, among other, academics, architects, customers, users, developers,
regulators, auditors, and standards development organizations.
vi
© ISO 2021 – All rights reserved
---------------------- Page: 6 ----------------------
FINAL DRAFT INTERNATIONAL STANDARD ISO/FDIS 23257:2021(E)
Blockchain and distributed ledger technologies —
Reference architecture
1 Scope
This document specifies a reference architecture for Distributed Ledger Technology (DLT) systems
including blockchain systems. The reference architecture addresses concepts, cross-cutting aspects,
architectural considerations, and architecture views, including functional components, roles, activities,
and their relationships for blockchain and DLT.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 22739, Blockchain and distributed ledger technologies — Vocabulary
ISO/IEC 24760-1, IT Security and Privacy — A framework for identity management — Part 1: Terminology
and concepts
3 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 22739, ISO/IEC 24760-1 and
the following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1
activity
specified pursuit or set of tasks
[SOURCE: ISO/IEC 17789:2014, 3.2.1]
3.2
architecture
fundamental concepts or properties of a system in its environment embodied in its elements,
relationships, and in the principles of its design and evolution
[SOURCE: ISO/IEC/IEEE 42010:2011, 3.2]
3.3
behavioural interoperability
interoperability so that the actual result of the exchange achieves the expected outcome
[SOURCE: ISO/IEC 19941:2017, 3.1.6]
1
© ISO 2021 – All rights reserved
---------------------- Page: 7 ----------------------
ISO/FDIS 23257:2021(E)
3.4
data archiving
digital preservation process that is moving data into a managed form of storage for long-term retention
[SOURCE: ISO 5127:2017, 3.1.11.19]
3.5
data flow
sequence in which data transfer, use, and transformation are performed during the execution of a
computer program
[SOURCE: ISO/IEC/IEEE 24765:2017, 3.1006]
3.6
disruption
incident, whether anticipated (e.g. hurricane) or unanticipated (e.g. power failure/outage, earthquake,
or attack on information and communication technology systems/infrastructure) which disrupts the
normal course of operations at an organization’s location
[SOURCE: ISO/IEC 27031:2011, 3.6]
3.7
distributed ledger technology governance
DLT governance
system for directing and controlling a distributed ledger technology system including the distribution
of on-ledger and off-ledger decision rights, incentives, responsibilities and accountabilities
3.8
finality
property of a ledger that guarantees transactions in confirmed ledger records are irreversible and
cannot be altered or deleted
3.9
functional component
functional building block needed to engage in an activity, backed by an implementation
[SOURCE: ISO/IEC 17789:2014, 3.2.3]
3.10
fungible
capable of mutual substitution among individual units
Note 1 to entry: The individual units can be digital assets, e.g. tokens.
3.11
governance
system of directing and controlling
[SOURCE: ISO/IEC 38500:2015, 2.8]
3.12
incident
anomalous or unexpected event, set of events, condition, or situation at any time during the life cycle of
a project, product, service, or system
[SOURCE: ISO/IEC/IEEE 24748-1:2018, 3.22]
2
© ISO 2021 – All rights reserved
---------------------- Page: 8 ----------------------
ISO/FDIS 23257:2021(E)
3.13
interoperability
ability of two or more systems or applications to exchange information and to mutually use the
information that has been exchanged
[SOURCE: ISO/IEC 17788:2014, 3.1.5]
3.14
party
natural person or legal person, whether or not incorporated, or a group of either
[SOURCE: ISO/IEC 17789:2014, 7.2.3]
3.15
personally identifiable information
PII
information that (a) can be used to establish a link between the information and the natural person to
whom such information relates, or (b) is or can be directly or indirectly linked to a natural person
Note 1 to entry: The “natural person” in the definition is the PII principal. To determine whether a PII principal
is identifiable, account should be taken of all the means which can reasonably be used by the privacy stakeholder
holding the data, or by any other party, to establish the link between the set of PII and the natural person.
[SOURCE: ISO/IEC 29100:2011/Amd 1:2018, 2.9]
3.16
policy interoperability
interoperability while complying with the legal, organizational and policy frameworks applicable to the
participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.7]
3.17
provenance
information that documents the origin or source of an asset, any changes that have taken place since it
was originated, and who has had custody of it since it was originated
[SOURCE: ISO/IEC 27050-1:2019, 3.19, modified — “Electronically Stored Information” has been
replaced with “asset”.]
3.18
resilience
capability of a system to maintain its functions and structure in the face of internal and external change,
and to degrade gracefully when this is necessary
[SOURCE: ISO 37101:2016, 3.33, modified — Definition replaced with text in Note 3 to entry, Notes to
entry deleted.]
3.19
role
set of activities that serve a common purpose
[SOURCE: ISO/IEC 17789:2014, 3.2.7]
3.20
semantic data interoperability
interoperability so that the meaning of the data model within the context of a subject area is understood
by the participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.5]
3
© ISO 2021 – All rights reserved
---------------------- Page: 9 ----------------------
ISO/FDIS 23257:2021(E)
3.21
sub-role
subset of the activities of a given role
[SOURCE: ISO/IEC 17789:2014, 3.2.9]
3.22
syntactic interoperability
interoperability such that the formats of the exchanged information can be understood by the
participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.4]
3.23
transport interoperability
interoperability where information exchange uses an established communication infrastructure
between the participating systems
[SOURCE: ISO/IEC 19941:2017, 3.1.3]
3.24
smart contract
computer program stored in a DLT system wherein the outcome of any execution of the program is
recorded on the distributed ledger
Note 1 to entry: A smart contract can represent terms in a contract in law and create a legally enforceable
obligation under the legislation of an applicable jurisdiction.
[SOURCE: ISO 22739:2020, 3.72]
3.25
consensus
agreement among DLT nodes that 1) a transaction is validated and 2) the distributed ledger contains a
consistent set and ordering of validated transactions
Note 1 to entry: Consensus does not necessarily mean that all DLT nodes agree.
Note 2 to entry: The details regarding consensus differ among DLT designs and this is a distinguishing
characteristic between one design and another.
[SOURCE: ISO 22739:2020, 3.11]
4 Symbols and abbreviated terms
AMQP Advanced Message Queuing Protocol
API Application Programming Interface
CAdES Cryptographic Message Syntax (CMS) Advanced Electronic Signature
DLT Distributed Ledger Technology
DNS Domain Name System
EDI Electronic Data Interchange
FBA Federated Byzantine Agreement
GDPR General Data Protection Regulation
HTTP Hyper Text Transfer Protocol
4
© ISO 2021 – All rights reserved
---------------------- Page: 10 ----------------------
ISO/FDIS 23257:2021(E)
HTTPS Hypertext Transfer Protocol Secure over Socket Layer
ICT Information and Communication Technology
IDE Interactive Development Environment
IoT Internet of things
IPFS InterPlanetary File System
JSON JavaScript Object Notation
MQTT Message Queuing Telemetry Transport
P2P Peer-to-peer
PBFT Practical Byzantine Fault Tolerance
PKI Public Key Infrastructure
RA Reference Architecture
XML eXtensible Markup Language
5 Concepts
5.1 DLT and blockchain systems
5.1.1 General
To understand blockchain and DLT systems, it is necessary to provide a description of the essential
concepts associated with these systems and the range of distributed ledger technologies that exist.
A ledger is a long-established concept used in business and technology. When applied to ICT systems, it
is an information store that keeps “final and definitive” records of transactions. Ledgers were originally
and principally applied to financial transactions and to accounting practices. However, ledgers can be
used to record transactions of almost any type: for example, the movem
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.