Visible to the public Biblio

Filters: Keyword is supply chain security  [Clear All Filters]
Bansal, Lakshya, Chaurasia, Shefali, Sabharwal, Munish, Vij, Mohit.  2022.  Blockchain Integration with end-to-end traceability in the Food Supply Chain. 2022 2nd International Conference on Advance Computing and Innovative Technologies in Engineering (ICACITE). :1152—1156.
Food supply chain is a complex but necessary food production arrangement needed by the global community to maintain sustainability and food security. For the past few years, entities being a part of the food processing system have usually taken food supply chain for granted, they forget that just one disturbance in the chain can lead to poisoning, scarcity, or increased prices. This continually affects the vulnerable among society, including impoverished individuals and small restaurants/grocers. The food supply chain has been expanded across the globe involving many more entities, making the supply chain longer and more problematic making the traditional logistics pattern unable to match the expectations of customers. Food supply chains involve many challenges like lack of traceability and communication, supply of fraudulent food products and failure in monitoring warehouses. Therefore there is a need for a system that ensures authentic information about the product, a reliable trading mechanism. In this paper, we have proposed a comprehensive solution to make the supply chain consumer centric by using Blockchain. Blockchain technology in the food industry applies in a mindful and holistic manner to verify and certify the quality of food products by presenting authentic information about the products from the initial stages. The problem formulation, simulation and performance analysis are also discussed in this research work.
Dharma Putra, Guntur, Kang, Changhoon, Kanhere, Salil S., Won-Ki Hong, James.  2022.  DeTRM: Decentralised Trust and Reputation Management for Blockchain-based Supply Chains. 2022 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :1—5.
Blockchain has the potential to enhance supply chain management systems by providing stronger assurance in transparency and traceability of traded commodities. However, blockchain does not overcome the inherent issues of data trust in IoT enabled supply chains. Recent proposals attempt to tackle these issues by incorporating generic trust and reputation management methods, which do not entirely address the complex challenges of supply chain operations and suffers from significant drawbacks. In this paper, we propose DeTRM, a decentralised trust and reputation management solution for supply chains, which considers complex supply chain operations, such as splitting or merging of product lots, to provide a coherent trust management solution. We resolve data trust by correlating empirical data from adjacent sensor nodes, using which the authenticity of data can be assessed. We design a consortium blockchain, where smart contracts play a significant role in quantifying trustworthiness as a numerical score from different perspectives. A proof-of-concept implementation in Hyperledger Fabric shows that DeTRM is feasible and only incurs relatively small overheads compared to the baseline.
Swain, Satyananda, Patra, Manas Ranjan.  2022.  A Distributed Agent-Oriented Framework for Blockchain-Enabled Supply Chain Management. 2022 IEEE International Conference on Blockchain and Distributed Systems Security (ICBDS). :1—7.
Blockchain has emerged as a leading technological innovation because of its indisputable safety and services in a distributed setup. Applications of blockchain are rising covering varied fields such as financial transactions, supply chains, maintenance of land records, etc. Supply chain management is a potential area that can immensely benefit from blockchain technology (BCT) along with smart contracts, making supply chain operations more reliable, safer, and trustworthy for all its stakeholders. However, there are numerous challenges such as scalability, coordination, and safety-related issues which are yet to be resolved. Multi-agent systems (MAS) offer a completely new dimension for scalability, cooperation, and coordination in distributed culture. MAS consists of a collection of automated agents who can perform a specific task intelligently in a distributed environment. In this work, an attempt has been made to develop a framework for implementing a multi-agent system for a large-scale product manufacturing supply chain with blockchain technology wherein the agents communicate with each other to monitor and organize supply chain operations. This framework eliminates many of the weaknesses of supply chain management systems. The overall goal is to enhance the performance of SCM in terms of transparency, traceability, trustworthiness, and resilience by using MAS and BCT.
Becher, Kilian, Schäfer, Mirko, Schropfer, Axel, Strufe, Thorsten.  2022.  Efficient Public Verification of Confidential Supply-Chain Transactions. 2022 IEEE Conference on Communications and Network Security (CNS). :308—316.
Ensuring sustainable sourcing of crude materials and production of goods is a pressing problem in consideration of the growing world population and rapid climate change. Supply-chain traceability systems based on distributed ledgers can help to enforce sustainability policies like production limits. We propose two mutually independent distributed-ledger-based protocols that enable public verifiability of policy compliance. They are designed for different supply-chain scenarios and use different privacy-enhancing technologies in order to protect confidential supply-chain data: secret sharing and homomorphic encryption. The protocols can be added to existing supply-chain traceability solutions with minor effort. They ensure confidentiality of transaction details and offer public verifiability of producers' compliance, enabling institutions and even end consumers to evaluate sustainability of supply chains. Through extensive theoretical and empirical evaluation, we show that both protocols perform verification for lifelike supply-chain scenarios in perfectly practical time.
Miyamae, Takeshi, Nishimaki, Satoru, Nakamura, Makoto, Fukuoka, Takeru, Morinaga, Masanobu.  2022.  Advanced Ledger: Supply Chain Management with Contribution Trails and Fair Reward Distribution. 2022 IEEE International Conference on Blockchain (Blockchain). :435—442.
We have several issues in most current supply chain management systems. Consumers want to spend money on environmentally friendly products, but they are seldomly informed of the environmental contributions of the suppliers. Meanwhile, each supplier seeks to recover the costs for the environmental contributions to re-invest them into further contributions. Instead, in most current supply chains, the reward for each supplier is not clearly defined and fairly distributed. To address these issues, we propose a supply-chain contribution management platform for fair reward distribution called ‘Advanced Ledger.’ This platform records suppliers' environ-mental contribution trails, receives rewards from consumers in exchange for trail-backed fungible tokens, and fairly distributes the rewards to each supplier based on the contribution trails. In this paper, we overview the architecture of Advanced Ledger and 11 technical features, including decentralized autonomous organization (DAO) based contribution verification, contribution concealment, negative-valued tokens, fair reward distribution, atomic rewarding, and layer-2 rewarding. We then study the requirements and candidates of the smart contract platforms for implementing Advanced Ledger. Finally, we introduce a use case called ‘ESG token’ built on the Advanced Ledger architecture.
Gupta, Laveesh, Bansal, Manvendra, Meeradevi, Gupta, Muskan, Khaitan, Nishit.  2022.  Blockchain Based Solution to Enhance Drug Supply Chain Management for Smart Pharmaceutical Industry. 2022 IEEE 10th Region 10 Humanitarian Technology Conference (R10-HTC). :330—335.
Counterfeit drugs are an immense threat for the pharmaceutical industry worldwide due to limitations of supply chain. Our proposed solution can overcome many challenges as it will trace and track the drugs while in transit, give transparency along with robust security and will ensure legitimacy across the supply chain. It provides a reliable certification process as well. Fabric architecture is permissioned and private. Hyperledger is a preferred framework over Ethereum because it makes use of features like modular design, high efficiency, quality code and open-source which makes it more suitable for B2B applications with no requirement of cryptocurrency in Hyperledger Fabric. QR generation and scanning are provided as a functionality in the application instead of bar code for its easy accessibility to make it more secure and reliable. The objective of our solution is to provide substantial solutions to the supply chain stakeholders in record maintenance, drug transit monitoring and vendor side verification.
Nusrat Zahan, Thomas Zimmermann, Patrice Godefroid, Brendan Murphy, Chandra Maddila, Laurie Williams.  2022.  What are Weak Links in the npm Supply Chain? ICSE-SEIP '22: Proceedings of the 44th International Conference on Software Engineering: Software Engineering in Practice.

Modern software development frequently uses third-party packages, raising the concern of supply chain security attacks. Many attackers target popular package managers, like npm, and their users with supply chain attacks. In 2021 there was a 650% year-on-year growth in security attacks by exploiting Open Source Software's supply chain. Proactive approaches are needed to predict package vulnerability to high-risk supply chain attacks. The goal of this work is to help software developers and security specialists in measuring npm supply chain weak link signals to prevent future supply chain attacks by empirically studying npm package metadata.

In this paper, we analyzed the metadata of 1.63 million JavaScript npm packages. We propose six signals of security weaknesses in a software supply chain, such as the presence of install scripts, maintainer accounts associated with an expired email domain, and inactive packages with inactive maintainers. One of our case studies identified 11 malicious packages from the install scripts signal. We also found 2,818 maintainer email addresses associated with expired domains, allowing an attacker to hijack 8,494 packages by taking over the npm accounts. We obtained feedback on our weak link signals through a survey responded to by 470 npm package developers. The majority of the developers supported three out of our six proposed weak link signals. The developers also indicated that they would want to be notified about weak links signals before using third-party packages. Additionally, we discussed eight new signals suggested by package developers.

Mead, Nancy R..  2022.  Critical Infrastructure Protection and Supply Chain Risk Management. 2022 IEEE 30th International Requirements Engineering Conference Workshops (REW). :215—218.
Critical infrastructure is a key area in cybersecurity. In the U.S., it was front and center in 1997 with the report from the President’s Commission on Critical Infrastructure Protection (PCCIP), and now affects countries worldwide. Critical Infrastructure Protection must address all types of cybersecurity threats - insider threat, ransomware, supply chain risk management issues, and so on. Unsurprisingly, in the past 25 years, the risks and incidents have increased rather than decreased and appear in the news daily. As an important component of critical infrastructure protection, secure supply chain risk management must be integrated into development projects. Both areas have important implications for security requirements engineering.
[Anonymous].  Submitted.  Security Challenges of Blockchain-Based Supply Chain Systems.
Blockchain has revolutionized supply chain system security, especially with Internet of Things integration. Deploying blockchain in the supply chain incorporates immutability, transparency, and traceability mechanisms that promote secure data sharing and interactions between stakeholders in trustless environments. A blockchain-based supply chain as a layered architecture consists of three main layers: supply chain, blockchain, and IoT. This type of system is safer and more transparent, with better traceability than traditional supply chain; however, the system faces several security issues. This paper briefly discusses the primary security challenges related to blockchain-based supply chain systems.
Skrodelis, Heinrihs Kristians, Romanovs, Andrejs.  2021.  Cyber-physical Risk Security Framework Development in Digital Supply Chains. 2021 62nd International Scientific Conference on Information Technology and Management Science of Riga Technical University (ITMS). :1—5.

The aim of this study is to determine the current challenges related to security and trust issues in digital supply chains. The development of information and communication technologies (ICT) has improved the efficiency of supply chains, while creating new vulnerabilities and increasing the likelihood of security threats. Previous studies lack the physical security aspect, so the emphasis is on the security of cyber-physical systems. In order to achieve the goal of the study, traditional and digital supply chains, their security risks and main differences were examined. A security framework for cyber-physical risks in digital supply chains was developed.

Vo, Khoa Tan, Nguyen-Thi, Anh-Thu, Nguyen-Hoang, Tu-Anh.  2021.  Building Sustainable Food Supply Chain Management System Based On Hyperledger Fabric Blockchain. 2021 15th International Conference on Advanced Computing and Applications (ACOMP). :9—16.

Quality assurance and food safety are the most problem that the consumers are special care. To solve this problem, the enterprises must improve their food supply chain management system. In addition to tracking and storing orders and deliveries, it also ensures transparency and traceability of food production and transportation. This is a big challenge that the food supply chain system using the client-server model cannot meet with the requirements. Blockchain was first introduced to provide distributed records of digital currency exchanges without reliance on centralized management agencies or financial institutions. Blockchain is a disruptive technology that can improve supply chain related transactions, enable to access data permanently, data security, and provide a distributed database. In this paper, we propose a method to design a food supply chain management system base on Blockchain technology that is capable of bringing consumers’ trust in food traceability as well as providing a favorable supply and transaction environment. Specifically, we design a system architecture that is capable of controlling and tracking the entire food supply chain, including production, processing, transportation, storage, distribution, and retail. We propose the KDTrace system model and the Channel of KDTrace network model. The Smart contract between the organizations participating in the transaction is implemented in the Channel of KDTrace network model. Therefore, our supply chain system can decrease the problem of data explosion, prevent data tampering and disclosure of sensitive information. We have built a prototype based on Hyperledger Fabric Blockchain. Through the prototype, we demonstrated the effectiveness of our method and the suitability of the use cases in a supply chain. Our method that uses Blockchain technology can improve efficiency and security of the food supply chain management system compared with traditional systems, which use a clientserver model.

Ofori-Yeboah, Abel, Addo-Quaye, Ronald, Oseni, Waheed, Amorin, Prince, Agangmikre, Conrad.  2021.  Cyber Supply Chain Security: A Cost Benefit Analysis Using Net Present Value. 2021 International Conference on Cyber Security and Internet of Things (ICSIoT). :49—54.

Cyber supply chain (CSC) security cost effectiveness should be the first and foremost decision to consider when integrating various networks in supplier inbound and outbound chains. CSC systems integrate different organizational network systems nodes such as SMEs and third-party vendors for business processes, information flows, and delivery channels. Adversaries are deploying various attacks such as RAT and Island-hopping attacks to penetrate, infiltrate, manipulate and change delivery channels. However, most businesses fail to invest adequately in security and do not consider analyzing the long term benefits of that to monitor and audit third party networks. Thus, making cost benefit analysis the most overriding factor. The paper explores the cost-benefit analysis of investing in cyber supply chain security to improve security. The contribution of the paper is threefold. First, we consider the various existing cybersecurity investments and the supply chain environment to determine their impact. Secondly, we use the NPV method to appraise the return on investment over a period of time. The approach considers other methods such as the Payback Period and Internal Rate of Return to analyze the investment appraisal decisions. Finally, we propose investment options that ensure CSC security performance investment appraisal, ROI, and business continuity. Our results show that NVP can be used for cost-benefit analysis and to appraise CSC system security to ensure business continuity planning and impact assessment.

Hadi, Ameer Khadim, Salem, Shahad.  2021.  A proposed methodology to use a Block-chain in Supply Chain Traceability. 2021 4th International Iraqi Conference on Engineering Technology and Their Applications (IICETA). :313—317.

Increasing consumer experience and companies inner quality presents a direct demand of different requirements on supply chain traceability. Typically, existing solutions have separate data storages which eventually provide limited support when multiple individuals are included. Therefore, the block-chain-based methods are utilized to defeat these deficiencies by generating digital illustrations of real products to following several objects at the same time. Nevertheless, they actually cannot identify the change of products in manufacturing methods. The connection between components included in the production decreased, whereby the ability to follow a product’s origin reduced consequently. In this paper, a methodology is recommended which involves using a Block-chain in Supply Chain Traceability, to solve the issues of manipulations and changes in data and product source. The method aims to improve the product’s origin transparency. Block-chain technology produces a specific method of storing data into a ledger, which is raised on many end-devices such as servers or computers. Unlike centralized systems, the records of the present system are encrypted and make it difficult to be manipulated. Accordingly, this method manages the product’s traceability changes. The recommended system is performed for the cheese supply chain. The result were found to be significant in terms of increasing food security and distributors competition.

Jayaprasanna, M.C., Soundharya, V.A., Suhana, M., Sujatha, S..  2021.  A Block Chain based Management System for Detecting Counterfeit Product in Supply Chain. 2021 Third International Conference on Intelligent Communication Technologies and Virtual Mobile Networks (ICICV). :253—257.

In recent years, Counterfeit goods play a vital role in product manufacturing industries. This Phenomenon affects the sales and profit of the companies. To ensure the identification of real products throughout the supply chain, a functional block chain technology used for preventing product counterfeiting. By using a block chain technology, consumers do not need to rely on the trusted third parties to know the source of the purchased product safely. Any application that uses block chain technology as a basic framework ensures that the data content is “tamper-resistant”. In view of the fact that a block chain is the decentralized, distributed and digital ledger that stores transactional records known as blocks of the public in several databases known as chain across many networks. Therefore, any involved block cannot be changed in advance, without changing all subsequent block. In this paper, counterfeit products are detected using barcode reader, where a barcode of the product linked to a Block Chain Based Management (BCBM) system. So the proposed system may be used to store product details and unique code of that product as blocks in database. It collects the unique code from the customer and compares the code against entries in block chain database. If the code matches, it will give notification to the customer, otherwise it gets information from the customer about where they bought the product to detect counterfeit product manufacturer.

Li, Zhihong.  2021.  Remolding of the Supply Chain Development Mode Based on the Block Chain Technology. 2021 International Conference on Computer, Blockchain and Financial Development (CBFD). :392—395.

The supply chain has been much developed with the internet technology being used in the business world. Some issues are becoming more and more evident than before in the course of the fast evolution of the supply chain. Among these issues, the remarkable problems include low efficiency of communication, insufficient operational outcomes and lack of the credit among the participants in the whole chain. The main reasons to cause these problems lie in the isolated information unable to be traced and in the unclear responsibility, etc. In recent years, the block chain technology has been growing fast. Being decentralized, traceable and unable to be distorted, the block chain technology is well suitable for solving the problems existing in the supply chain. Therefore, the paper first exposes the traditional supply chain mode and the actual situation of the supply chain management. Then it explains the block chain technology and explores the application & effects of the block chain technology in the traditional supply chain. Next, a supply chain style is designed on the base of the block chain technology. Finally the potential benefits of the remolded supply chain are foreseen if it is applied in the business field.

Palmo, Yangchen, Tanimoto, Shigeaki, Sato, Hiroyuki, Kanai, Atsushi.  2021.  IoT Reliability Improvement Method for Secure Supply Chain Management. 2021 IEEE 10th Global Conference on Consumer Electronics (GCCE). :364—365.

With the rapid development of IoT in recent years, IoT is increasingly being used as an endpoint of supply chains. In general, as the majority of data is now being stored and shared over the network, information security is an important issue in terms of secure supply chain management. In response to cyber security breaches and threats, there has been much research and development on the secure storage and transfer of data over the network. However, there is a relatively limited amount of research and proposals for the security of endpoints, such as IoT linked in the supply chain network. In addition, it is difficult to ensure reliability for IoT itself due to a lack of resources such as CPU power and storage. Ensuring the reliability of IoT is essential when IoT is integrated into the supply chain. Thus, in order to secure the supply chain, we need to improve the reliability of IoT, the endpoint of the supply chain. In this work, we examine the use of IoT gateways, client certificates, and IdP as methods to compensate for the lack of IoT resources. The results of our qualitative evaluation demonstrate that using the IdP method is the most effective.

Wang, Wan, Xu, Fengjiao, Zhang, Chao, Qin, Tingxin.  2021.  Analysis on security management for supply chain under Emergencies. 2021 International Conference on Public Management and Intelligent Society (PMIS). :208—211.

Focusing on security management for supply chain under emergencies, this paper analyzes the characteristics of supply chain risk, clarifies the relationship between business continuity management and security management for supply chain, organizational resilience and security management for supply chain separately, so as to propose suggestions to promote the realization of security management for supply chain combined these two concepts, which is of guiding significance for security management for supply chain and quality assurance of products and services under emergencies.

Pranesh, S.A., Kannan V., Vignesh, Viswanathan, N., Vijayalakshmi, M..  2020.  Design and Analysis of Incentive Mechanism for Ethereum-based Supply Chain Management Systems. 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1—6.
Blockchain is becoming more popular because of its decentralized, secured, and transparent nature. Supply chain and its management is indispensable to improve customer services, reduce operating costs and improve financial position of a firm. Integration of blockchain and supply chain is substantial, but it alone is not enough for the sustainability of supply chain systems. The proposed mechanism speaks about the method of rewarding the supply chain parties with incentives so as to improve the security and make the integration of supply chain with blockchain sustainable. The proposed incentive mechanism employs the co-operative approach of game theory where all the supply chain parties show a cooperative behavior of following the blockchain-based supply chain protocols and also this mechanism makes a fair attempt in rewarding the supply chain parties with incentives.
Wei, Yihang.  2020.  Blockchain-based Data Traceability Platform Architecture for Supply Chain Management. :77—85.
{With the rapid development of economic globalization, cooperation between countries, between enterprises, has become a key factor whether country and enterprises can make great economic progress. In these cooperation processes, it is necessary to trace the source of business data or log data for auditing and accountability. However, multi-party enterprises participating in cooperation often do not trust each other, and the separate accounting of the enterprises leads to isolated islands of information, which makes it difficult to trace the entire life cycle of the data. Therefore, there is an urgent need for a mechanism that can establish distributed trustworthiness among multiparty organizations that do not trust each other, and provide a tamper-resistant data storage mechanism to achieve credible traceability of data. This work proposes a data traceability platform architecture design plan for supply chain management based on the multi-disciplinary knowledge and technology of the Fabric Alliance chain architecture, perceptual identification technology, and cryptographic knowledge. At the end of the paper, the characteristics and shortcomings of data traceability of this scheme are evaluated.
Pennekamp, Jan, Alder, Fritz, Matzutt, Roman, Mühlberg, Jan Tobias, Piessens, Frank, Wehrle, Klaus.  2020.  Secure End-to-End Sensing in Supply Chains. 2020 IEEE Conference on Communications and Network Security (CNS). :1—6.
Trust along digitalized supply chains is challenged by the aspect that monitoring equipment may not be trustworthy or unreliable as respective measurements originate from potentially untrusted parties. To allow for dynamic relationships along supply chains, we propose a blockchain-backed supply chain monitoring architecture relying on trusted hardware. Our design provides a notion of secure end-to-end sensing of interactions even when originating from untrusted surroundings. Due to attested checkpointing, we can identify misinformation early on and reliably pinpoint the origin. A blockchain enables long-term verifiability for all (now trustworthy) IoT data within our system even if issues are detected only after the fact. Our feasibility study and cost analysis further show that our design is indeed deployable in and applicable to today’s supply chain settings.
Zhang, Yi, Song, Yurong, Jiang, Guoping, Yu, Bin.  2020.  Modeling of Layered Supply Chain Network Considering Similarity. 2020 Chinese Control And Decision Conference (CCDC). :3894—3900.
The supply chain network is a complex network with the risk of cascading failure. To study the cascading failure in it, an accurate supply chain network model needs to be established. In this paper, we construct a layered supply chain network model according to the types of companies in real supply chain networks. We first define the similarity between companies in the same layer by studying real-world scenarios in supply chain networks. Then, considering both the node degree and the similarity between nodes in the same layer, we propose preferential attachment probability formulas for the new nodes to join the exist network. Finally, the evolution steps of the model are summarized. We analyze the structural characteristics of the new model. The results show that the new model has scale-free property and small-world property, which conform to the structural characteristics of the known supply chain networks. Compared with the other network models, it is found that the new model can better describe the actual supply chain network.
Kirillova, Elena A., Shavaev, Azamat A., Wenqi, Xi, Huiting, Guo, Suyu, Wang.  2020.  Information Security of Logistics Services. 2020 International Conference Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS). :103—106.

Information security of logistics services. Information security of logistics services is understood as a complex activity aimed at using information and means of its processing in order to increase the level of protection and normal functioning of the object's information environment. At the same time the main recommendations for ensuring information security of logistics processes include: logistics support of processes for ensuring the security of information flows of the enterprise; assessment of the quality and reliability of elements, reliability and efficiency of obtaining information about the state of logistics processes. However, it is possible to assess the level of information security within the organization's controlled part of the supply chain through levels and indicators. In this case, there are four levels and elements of information security of supply chains.

Sangeetha, A. S., Shunmugan, S., Murugan, G..  2020.  Blockchain for IoT Enabled Supply Chain Management - A Systematic Review. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :48—52.
Blockchain will increase supply chains' productivity and accountability, and have a positive effect on anything from warehousing to distribution to payment. To bridge the supply chain visibility gap, blockchain is being deployed because of its security features like immutability, tamper-resistant and hash proof. Blockchain integration with IoT increases the traceability and verifiability of the supply chain management and drastically eradicates the fraudulent activities including bribery, money laundering, forged checks, sanction violations, misrepresentation of goods and services. Blockchain can help to cross-check the verification, identification and authenticity of IoT devices to reduce the frequency and ramifications of fraud in supply chain management. The epidemic outbreak of SARS-CoV-2 has disrupted many global supply chains. The Geneva-based World Economic Forum declared that SARS-CoV-2 exposed supply chain failures can be tackled by blockchain technology. This paper explores the modern methodologies of supply chain management with integration of blockchain and IoT.
Sobb, Theresa May, Turnbull, Benjamin.  2020.  Assessment of Cyber Security Implications of New Technology Integrations into Military Supply Chains. 2020 IEEE Security and Privacy Workshops (SPW). :128—135.
Military supply chains play a critical role in the acquisition and movement of goods for defence purposes. The disruption of these supply chain processes can have potentially devastating affects to the operational capability of military forces. The introduction and integration of new technologies into defence supply chains can serve to increase their effectiveness. However, the benefits posed by these technologies may be outweighed by significant consequences to the cyber security of the entire defence supply chain. Supply chains are complex Systems of Systems, and the introduction of an insecure technology into such a complex ecosystem may induce cascading system-wide failure, and have catastrophic consequences to military mission assurance. Subsequently, there is a need for an evaluative process to determine the extent to which a new technology will affect the cyber security of military supply chains. This work proposes a new model, the Military Supply Chain Cyber Implications Model (M-SCCIM), that serves to aid military decision makers in understanding the potential cyber security impact of introducing new technologies to supply chains. M-SCCIM is a multiphase model that enables understanding of cyber security and supply chain implications through the lenses of theoretical examinations, pilot applications and system wide implementations.
Kieras, Timothy, Farooq, Muhammad Junaid, Zhu, Quanyan.  2020.  Modeling and Assessment of IoT Supply Chain Security Risks: The Role of Structural and Parametric Uncertainties. 2020 IEEE Security and Privacy Workshops (SPW). :163—170.

Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.