This SpringerBrief introduces methodologies and tools for quantitative
understanding and assessment of supply chain risk to critical
infrastructure systems. It unites system reliability analysis,
optimization theory, detection theory and mechanism design theory to
study vendor involvement in overall system security. It also provides
decision support for risk mitigation.
This SpringerBrief introduces I-SCRAM, a software tool for assessing this
risk. It enables critical infrastructure operators to make risk-informed
decisions relating to the supply chain while deploying their IT/OT and
IoT systems.
The authors present examples and case studies on supply chain risk
assessment/mitigation of modern connected infrastructure systems such as
autonomous vehicles, industrial control systems, autonomous truck
platooning and more. The book also discusses how vendors of different system
components are involved in the overall security posture of the system
and how the risk can be mitigated through vendor selection and
diversification. The specific topics in this book include:
- Risk modeling and analysis of IoT supply chains
- Methodologies for risk mitigation, policy management, accountability,
and cyber insurance
These topics are supported by up-to-date summaries of the authors'
recent research findings. The authors introduce a taxonomy of supply
chain security and discuss the future challenges and directions in
securing the supply chains of IoT systems. The book also focuses on the need
for joint policy and technical solutions to counter the emerging risks,
where technology should inform policy and policy should regulate
technology development.
This SpringerBrief has self-contained chapters, allowing readers to
peruse individual topics of interest. It provides a broad
understanding of the emerging field of cyber supply chain security in
the context of IoT systems to academics, industry professionals and
government officials.