Ensuring IFC Data Integrity

hannu.lahtela · June 19, 2023, 11:59am

Lately, we have noticed an increase in false positive notifications for invalid IFC files from Trimble. Upon investigation, we have found that a third party has made changes to the original file without providing any details about the modifications. As a result of these notifications, we will be taking steps to ensure the integrity of our exported files. We hope that future IFC schemas will include a provision for ensuring data integrity.

jwouellette · June 19, 2023, 2:11pm

@hannu.lahtela,
Other than requesting a checksum for the file in the exchange between the sender and the receiver, how would you propose integrating such provisions?

hannu.lahtela · June 20, 2023, 3:25am

The value is valid information only for the software vendor. Others don’t need to know the value and how it has been generated. Before returning a file to the software vendor, it is important to ensure that the file has not been modified. This can be done by checking its integrity.

jwouellette · June 20, 2023, 1:33pm

I would argue that the integrity of the file is valuable for everyone in the process, which is why I made the suggestion to create a checksum file for each IFC file and pass it along to the receiver in a secure fashion, rather than embedding something in the IFC file itself. This could (and more often should) be done today.

My question to the BIM-authoring vendors is whether this can be done in their respective apps alongside the IFC file export (some kind of user-selectable option at export), or would they prefer third-party tools and methods, with the decision left up to the customers.

aothms · June 20, 2023, 6:27pm

Note that a checksum is intended for integrity of the transmission, not protection against tampering. A checksum can be easily altered after the content is altered.

Public-key cryptography would be a way to sign an exchange depending on a private secret key, while allowing verification with the public key. See e.g GPG.

I think some sort of framework for verification that survives reserialization and whitespace changes would make sense to be standardized. Although you could also always just sign a zip file or attach the IFC to a signed PDF.

angel.velez · June 21, 2023, 6:30pm

I agree that some way of using public-key cryptography is probably the way to go, and bSI could have a public checker that would check that the file was the original or had been modified. If modification of IFC files is acceptable, it could even have multiple keys that would identify the original creator and the modifier.

berlotti · June 22, 2023, 10:36am

Yes! Great idea.
Shall we discuss this in the next technical meeting in Paris?
Or would you like a call earlier?
I would love to implement this!

Topic		Replies	Views
IFC Development Monthly Call - 20 August 2020 General Assembly (neé ISG) Meetings ifc5 , meetings	0	692	August 11, 2020
How to check if parameters in an IFC file are compliant and editable IFC	1	975	January 19, 2021
IFC Delta/Partial Updates Developers	2	366	November 12, 2022
usBIM.viewer+ Free IFC Editor Developers	5	7910	March 10, 2020
Upgrade of IFC file	9	997	June 13, 2020

Ensuring IFC Data Integrity

Related Topics