Visible to the public Biblio

Filters: Keyword is Supply chains  [Clear All Filters]
Patnaik, Satwik, Ashraf, Mohammed, Sinanoglu, Ozgur, Knechtel, Johann.  2018.  Best of Both Worlds: Integration of Split Manufacturing and Camouflaging into a Security-Driven CAD Flow for 3D ICs. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1—8.

With the globalization of manufacturing and supply chains, ensuring the security and trustworthiness of ICs has become an urgent challenge. Split manufacturing (SM) and layout camouflaging (LC) are promising techniques to protect the intellectual property (IP) of ICs from malicious entities during and after manufacturing (i.e., from untrusted foundries and reverse-engineering by end-users). In this paper, we strive for “the best of both worlds,” that is of SM and LC. To do so, we extend both techniques towards 3D integration, an up-and-coming design and manufacturing paradigm based on stacking and interconnecting of multiple chips/dies/tiers. Initially, we review prior art and their limitations. We also put forward a novel, practical threat model of IP piracy which is in line with the business models of present-day design houses. Next, we discuss how 3D integration is a naturally strong match to combine SM and LC. We propose a security-driven CAD and manufacturing flow for face-to-face (F2F) 3D ICs, along with obfuscation of interconnects. Based on this CAD flow, we conduct comprehensive experiments on DRC-clean layouts. Strengthened by an extensive security analysis (also based on a novel attack to recover obfuscated F2F interconnects), we argue that entering the next, third dimension is eminent for effective and efficient IP protection.

Shey, James, Karimi, Naghmeh, Robucci, Ryan, Patel, Chintan.  2018.  Design-Based Fingerprinting Using Side-Channel Power Analysis for Protection Against IC Piracy. 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI). :614—619.
Intellectual property (IP) and integrated circuit (IC) piracy are of increasing concern to IP/IC providers because of the globalization of IC design flow and supply chains. Such globalization is driven by the cost associated with the design, fabrication, and testing of integrated circuits and allows avenues for piracy. To protect the designs against IC piracy, we propose a fingerprinting scheme based on side-channel power analysis and machine learning methods. The proposed method distinguishes the ICs which realize a modified netlist, yet same functionality. Our method doesn't imply any hardware overhead. We specifically focus on the ability to detect minimal design variations, as quantified by the number of logic gates changed. Accuracy of the proposed scheme is greater than 96 percent, and typically 99 percent in detecting one or more gate-level netlist changes. Additionally, the effect of temperature has been investigated as part of this work. Results depict 95.4 percent accuracy in detecting the exact number of gate changes when data and classifier use the same temperature, while training with different temperatures results in 33.6 percent accuracy. This shows the effectiveness of building temperature-dependent classifiers from simulations at known operating temperatures.
Holland, Martin, Stjepandić, Josip, Nigischer, Christopher.  2018.  Intellectual Property Protection of 3D Print Supply Chain with Blockchain Technology. 2018 IEEE International Conference on Engineering, Technology and Innovation (ICE/ITMC). :1—8.
Within “Industrie 4.0” approach 3D printing technology is characterized as one of the disruptive innovations. Conventional supply chains are replaced by value-added networks. The spatially distributed development of printed components, e.g. for the rapid delivery of spare parts, creates a new challenge when differentiating between “original part”, “copy” or “counterfeit” becomes necessary. This is especially true for safety-critical products. Based on these changes classic branded products adopt the characteristics of licensing models as we know them in the areas of software and digital media. This paper describes the use of digital rights management as a key technology for the successful transition to Additive Manufacturing methods and a key for its commercial implementation and the prevention of intellectual property theft. Risks will be identified along the process chain and solution concepts are presented. These are currently being developed by an 8-partner project named SAMPL (Secure Additive Manufacturing Platform).
Gorodnichev, Mikhail G., Nazarova, Anastasia N., Moseva, Marina S..  2019.  Development of Platform for Confirming and Storing Supply Data Using Blockchain Technology. 2019 International Conference "Quality Management, Transport and Information Security, Information Technologies" (IT QM IS). :182–185.

This article is devoted to the development of a platform for reliable storage of information on supplies based on blockchain technology. The article discusses the main approaches to the work of decentralized applications, as well as the main problems.

Liang, Shiaofang, Li, Mingchen, Li, Wenjing.  2019.  Research on Traceability Algorithm of Logistics Service Transaction Based on Blockchain. 2019 18th International Symposium on Distributed Computing and Applications for Business Engineering and Science (DCABES). :186–189.

The traditional logistics transaction lacks a perfect traceability mechanism, and the data information's integrity and safety are not guaranteed in the existing traceability system. In order to solve the problem of main body responsibility caused by the participation of many stakeholders and the uncompleted supervision system in the process of logistics service transaction, This paper proposes a traceability algorithm for logistics service transactions based on blockchain. Based on the logistics service supply chain and alliance chain, the paper firstly investigates the traditional logistics service supply chain, analyzes the existing problems, and combines the structural characteristics of the blockchain to propose a decentralized new logistics service supply chain concept model based on blockchain. Then, using Globe sandara 1 to standardize the physical products and data circulating in the new logistics service supply chain, form unified and standard traceable data, and propose a multi-dimensional traceable data model based on logistics service supply chain. Based on the proposed model, combined with the business process of the logistics service supply chain and asymmetric encryption, a blockchain-based logistics service transaction traceability algorithm is designed. Finally, the simulation results show that the algorithm realizes the end-to-end traceability of the logistics service supply chain, and the service transaction is transparent while ensuring the integrity and security of the data.

Yousuf, Soha, Svetinovic, Davor.  2019.  Blockchain Technology in Supply Chain Management: Preliminary Study. 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :537–538.

Despite significant research, the supply chain management challenges still have a long way to go with respect to solving the issues such as management of product supply information, product lifecycle, transport history, etc. Given the recent rise of blockchain technology in various industrial sectors, our work explores the issues prevalent in each stage of the supply chain and checks their candidacy for the implementation using blockchain technology. The analysis is performed in terms of the characteristics of trust and decentralization with respect to forming a generalized framework. The main contribution of this work is to create a conceptual overview of the areas where blockchain integrates with supply chain management in order to benefit further research and development.

Kumar, Randhir, Tripathi, Rakesh.  2019.  Traceability of Counterfeit Medicine Supply Chain through Blockchain. 2019 11th International Conference on Communication Systems Networks (COMSNETS). :568–570.

The main issues with drug safety in the counterfeit medicine supply chain, are to do with how the drugs are initially manufactured. The traceability of right and active pharmaceutical ingredients during actual manufacture is a difficult process, so detecting drugs that do not contain the intended active ingredients can ultimately lead to end-consumer patient harm or even death. Blockchain's advanced features make it capable of providing a basis for complete traceability of drugs, from manufacturer to end consumer, and the ability to identify counterfeit-drug. This paper aims to address the issue of drug safety using Blockchain and encrypted QR(quick response) code security.

Zhang, Haibo, Nakamura, Toru, Sakurai, Kouichi.  2019.  Security and Trust Issues on Digital Supply Chain. 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :338–343.

This exploratory investigation aims to discuss current status and challenges, especially in aspect of security and trust problems, of digital supply chain management system with applying some advanced information technologies, such as Internet of Things, cloud computing and blockchain, for improving various system performance and properties, i.e. transparency, visibility, accountability, traceability and reliability. This paper introduces the general histories and definitions, in terms of information science, of the supply chain and relevant technologies which have been applied or are potential to be applied on supply chain with purpose of lowering cost, facilitating its security and convenience. It provides a comprehensive review of current relative research work and industrial cases from several famous companies. It also illustrates requirements or performance of digital supply chain system, security management and trust issues. Finally, this paper concludes several potential or existing security issues and challenges which supply chain management is facing.

Wu, Hanqing, Cao, Jiannong, Yang, Yanni, Tung, Cheung Leong, Jiang, Shan, Tang, Bin, Liu, Yang, Wang, Xiaoqing, Deng, Yuming.  2019.  Data Management in Supply Chain Using Blockchain: Challenges and a Case Study. 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1–8.

Supply chain management (SCM) is fundamental for gaining financial, environmental and social benefits in the supply chain industry. However, traditional SCM mechanisms usually suffer from a wide scope of issues such as lack of information sharing, long delays for data retrieval, and unreliability in product tracing. Recent advances in blockchain technology show great potential to tackle these issues due to its salient features including immutability, transparency, and decentralization. Although there are some proof-of-concept studies and surveys on blockchain-based SCM from the perspective of logistics, the underlying technical challenges are not clearly identified. In this paper, we provide a comprehensive analysis of potential opportunities, new requirements, and principles of designing blockchain-based SCM systems. We summarize and discuss four crucial technical challenges in terms of scalability, throughput, access control, data retrieval and review the promising solutions. Finally, a case study of designing blockchain-based food traceability system is reported to provide more insights on how to tackle these technical challenges in practice.

Gawanmeh, Amjad, Parvin, Sazia, Venkatraman, Sitalakshmi, de Souza-Daw, Tony, Kang, James, Kaspi, Samuel, Jackson, Joanna.  2019.  A Framework for Integrating Big Data Security Into Agricultural Supply Chain. 2019 IEEE Fifth International Conference on Big Data Computing Service and Applications (BigDataService). :191–194.

In the era of mass agriculture to keep up with the increasing demand for food production, advanced monitoring systems are required in order to handle several challenges such as perishable products, food waste, unpredictable supply variations and stringent food safety and sustainability requirements. The evolution of Internet of Things have provided means for collecting, processing, and communicating data associated with agricultural processes. This have opened several opportunities to sustain, improve productivity and reduce waste in every step in the food supply chain system. On the hand, this resulted in several new challenges, such as, the security of the data, recording and representation of data, providing real time control, reliability of the system, and dealing with big data. This paper proposes an architecture for security of big data in the agricultural supply chain management system. This can help in reducing food waste, increasing the reliability of the supply chain, and enhance the performance of the food supply chain system.

Tychalas, Dimitrios, Keliris, Anastasis, Maniatakos, Michail.  2019.  LED Alert: Supply Chain Threats for Stealthy Data Exfiltration in Industrial Control Systems. 2019 IEEE 25th International Symposium on On-Line Testing and Robust System Design (IOLTS). :194–199.

Industrial Internet-of-Things has been touted as the next revolution in the industrial domain, offering interconnectivity, independence, real-time operation, and self-optimization. Integration of smart systems, however, bridges the gap between information and operation technology, creating new avenues for attacks from the cyber domain. The dismantling of this air-gap, in conjunction with the devices' long lifespan -in the range of 20-30 years-, motivates us to bring the attention of the community to emerging advanced persistent threats. We demonstrate a threat that bridges the air-gap by leaking data from memory to analog peripherals through Direct Memory Access (DMA), delivered as a firmware modification through the supply chain. The attack automatically adapts to a target device by leveraging the Device Tree and resides solely in the peripherals, completely transparent to the main CPU, by judiciously short-circuiting specific components. We implement this attack on a commercial Programmable Logic Controller, leaking information over the available LEDs. We evaluate the presented attack vector in terms of stealthiness, and demonstrate no observable overhead on both CPU performance and DMA transfer speed. Since traditional anomaly detection techniques would fail to detect this firmware trojan, this work highlights the need for industrial control system-appropriate techniques that can be applied promptly to installed devices.

Xuefeng, He, Chi, Zhang, Yuewu, Jing, Xingzheng, Ai.  2019.  Risk Evaluation of Agricultural Product Supply Chain Based on BP Neural Network. 2019 16th International Conference on Service Systems and Service Management (ICSSSM). :1–8.

The potential risk of agricultural product supply chain is huge because of the complex attributes specific to it. Actually the safety incidents of edible agricultural product emerge frequently in recent years, which expose the fragility of the agricultural product supply chain. In this paper the possible risk factors in agricultural product supply chain is analyzed in detail, the agricultural product supply chain risk evaluation index system and evaluation model are established, and an empirical analysis is made using BP neural network method. The results show that the risk ranking of the simulated evaluation is consistent with the target value ranking, and the risk assessment model has a good generalization and extension ability, and the model has a good reference value for preventing agricultural product supply chain risk.

Salamai, Abdullah, Hussain, Omar, Saberi, Morteza.  2019.  Decision Support System for Risk Assessment Using Fuzzy Inference in Supply Chain Big Data. 2019 International Conference on High Performance Big Data and Intelligent Systems (HPBD IS). :248–253.

Currently, organisations find it difficult to design a Decision Support System (DSS) that can predict various operational risks, such as financial and quality issues, with operational risks responsible for significant economic losses and damage to an organisation's reputation in the market. This paper proposes a new DSS for risk assessment, called the Fuzzy Inference DSS (FIDSS) mechanism, which uses fuzzy inference methods based on an organisation's big data collection. It includes the Emerging Association Patterns (EAP) technique that identifies the important features of each risk event. Then, the Mamdani fuzzy inference technique and several membership functions are evaluated using the firm's data sources. The FIDSS mechanism can enhance an organisation's decision-making processes by quantifying the severity of a risk as low, medium or high. When it automatically predicts a medium or high level, it assists organisations in taking further actions that reduce this severity level.

Akinrolabu, Olusola, New, Steve, Martin, Andrew.  2019.  Assessing the Security Risks of Multicloud SaaS Applications: A Real-World Case Study. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :81–88.

Cloud computing is widely believed to be the future of computing. It has grown from being a promising idea to one of the fastest research and development paradigms of the computing industry. However, security and privacy concerns represent a significant hindrance to the widespread adoption of cloud computing services. Likewise, the attributes of the cloud such as multi-tenancy, dynamic supply chain, limited visibility of security controls and system complexity, have exacerbated the challenge of assessing cloud risks. In this paper, we conduct a real-world case study to validate the use of a supply chaininclusive risk assessment model in assessing the risks of a multicloud SaaS application. Using the components of the Cloud Supply Chain Cyber Risk Assessment (CSCCRA) model, we show how the model enables cloud service providers (CSPs) to identify critical suppliers, map their supply chain, identify weak security spots within the chain, and analyse the risk of the SaaS application, while also presenting the value of the risk in monetary terms. A key novelty of the CSCCRA model is that it caters for the complexities involved in the delivery of SaaS applications and adapts to the dynamic nature of the cloud, enabling CSPs to conduct risk assessments at a higher frequency, in response to a change in the supply chain.

Hou, Ye, Such, Jose, Rashid, Awais.  2019.  Understanding Security Requirements for Industrial Control System Supply Chains. 2019 IEEE/ACM 5th International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS). :50–53.

We address the need for security requirements to take into account risks arising from complex supply chains underpinning cyber-physical infrastructures such as industrial control systems (ICS). We present SEISMiC (SEcurity Industrial control SysteM supply Chains), a framework that takes into account the whole spectrum of security risks - from technical aspects through to human and organizational issues - across an ICS supply chain. We demonstrate the effectiveness of SEISMiC through a supply chain risk assessment of Natanz, Iran's nuclear facility that was the subject of the Stuxnet attack.

Robert, Henzel, Georg, Herzwurm.  2018.  A preliminary approach towards the trust issue in cloud manufacturing using grounded theory: Defining the problem domain. 2018 4th International Conference on Universal Village (UV). :1–6.
In Cloud Manufacturing trust is an important, under investigated issue. This paper proceeds the noncommittal phase of the grounded theory method approach by investigating the trust topic in several research streams, defining the problem domain. This novel approach fills a research gap and can be treated as a snapshot and blueprint of research. Findings were accomplished by a structured literature review and are able to help future researchers in pursuing the integrative phase in Grounded Theory by building on the preliminary result of this paper.
Xu, L., Chen, L., Gao, Z., Chang, Y., Iakovou, E., Shi, W..  2018.  Binding the Physical and Cyber Worlds: A Blockchain Approach for Cargo Supply Chain Security Enhancement. 2018 IEEE International Symposium on Technologies for Homeland Security (HST). :1–5.

Maritime transportation plays a critical role for the U.S. and global economies, and has evolved into a complex system that involves a plethora of supply chain stakeholders spread around the globe. The inherent complexity brings huge security challenges including cargo loss and high burdens in cargo inspection against illicit activities and potential terrorist attacks. The emerging blockchain technology provides a promising tool to build a unified maritime cargo tracking system critical for cargo security. However, most existing efforts focus on transportation data itself, while ignoring how to bind the physical cargo movements and information managed by the system consistently. This can severely undermine the effectiveness of securing cargo transportation. To fulfill this gap, we propose a binding scheme leveraging a novel digital identity management mechanism. The digital identity management mechanism maps the best practice in the physical world to the cyber world and can be seamlessly integrated with a blockchain-based cargo management system.

Akcay, A., Martagan, T., Corlu, C. G..  2018.  RISK ASSESSMENT IN PHARMACEUTICAL SUPPLY CHAINS UNDER UNKNOWN INPUT-MODEL PARAMETERS. 2018 Winter Simulation Conference (WSC). :3132–3143.
We consider a pharmaceutical supply chain where the manufacturer sources a customized product with unique attributes from a set of unreliable suppliers. We model the likelihood of a supplier to successfully deliver the product via Bayesian logistic regression and use simulation to obtain the posterior distribution of the unknown parameters of this model. We study the role of so-called input-model uncertainty in estimating the likelihood of the supply failure, which is the probability that none of the suppliers in a given supplier portfolio can successfully deliver the product. We investigate how the input-model uncertainty changes with respect to the characteristics of the historical data on the past realizations of the supplier performances and the product attributes.
Hassan, M. H., Mostafa, S. A., Mustapha, A., Wahab, M. H. Abd, Nor, D. Md.  2018.  A Survey of Multi-Agent System Approach in Risk Assessment. 2018 International Symposium on Agent, Multi-Agent Systems and Robotics (ISAMSR). :1–6.
Risk Assessment is a foundation of decision-making about a future project behaviour or action. The related decision made might entail further analyzes to perform risk- reduction. The risk is a general phenomenon that takes different depicts and types. Static risk and its circumstances do not significantly change over time while dynamic risk arises out of the changes in interrelated circumstances. A Multi-Agent System (MAS) approach has become a popular tool to tackle different problems that relate to risk. The MAS helps in the decision aid processes and when responding to the consequences of the risk. This paper surveys some of the existing methods and techniques of risk assessment in different application domains. The survey focuses on the employment of MAS approach in risk assessment. The survey outcomes an illustration of the roles and contributions of the MAS in the Dynamic Risk Assessment (DRA) field.
Lesisa, T. G., Marnewick, A., Nel, H..  2018.  The Identification of Supplier Selection Criteria Within a Risk Management Framework Towards Consistent Supplier Selection. 2018 IEEE International Conference on Industrial Engineering and Engineering Management (IEEM). :913–917.
The aim of the study is to evaluate the consistency of supplier risk assessment performed during the supplier selection process. Existing literature indicates that current supplier selection processes yield inconsistent results. Consistent supplier selection cannot be accomplished without stable risk assessment performed during the process. A case study was conducted in a train manufacturer in South Africa, and document analysis, interviews and questionnaires were employed to source information and data. Triangulation and pattern matching enabled a comparative study between literature and practice from which findings were derived. The study suggests selection criteria that may be considered when performing supplier risk assessment during the selection process. The findings indicate that structured supplier risk assessment with predefined supplier selection criteria may eliminate inconsistencies in supplier assessment and selection.
Winter, A., Deniaud, I., Marmier, F., Caillaud, E..  2018.  A risk assessment model for supply chain design. Implementation at Kuehne amp;\#x002B; Nagel Luxembourg. 2018 4th International Conference on Logistics Operations Management (GOL). :1–8.
Every company may be located at the junction of several Supply Chains (SCs) to meet the requirements of many different end customers. To achieve a sustainable competitive advantage over its business rivals, a company needs to continuously improve its relations to its different stakeholders as well as its performance in terms of integrating its decision processes and hence, its communication and information systems. Furthermore, customers' growing awareness of green and sustainable matters and new national and international regulations force enterprises to rethink their whole system. In this paper we propose a model to quantify the identified potential risks to assist in designing or re-designing a supply chain. So that managers may take adequate decisions to have the continuing ability of satisfying customers' requirements. A case study, developed at kuehne + nagel Luxembourg is provided.
Wang, Yuxin, Hulstijn, Joris, Tan, Yao-hua.  2018.  Regulatory Supervision with Computational Audit in International Supply Chains. Proceedings of the 19th Annual International Conference on Digital Government Research: Governance in the Data Age. :1:1–1:10.
Nowadays, as international trade with cross-border logistics increases, the administrative burden of regulatory authorities has been dramatically raised. In order to reduce repetitive and redundant supervisory controls and promote automatic administration procedures, electronic data interchange (EDI)1 and other forms of information sharing are introduced and implemented. Compliance monitoring ensures data quality for information exchange and audit purpose. However, failure to be compliant with various regulations is still a general phenomenon globally among stakeholders in supply chains, leading to more problems such as delay of goods delivery, missing inventory, and security issues. To address these problems, traditional physical auditing methods are widely used but turned out to be time-consuming and costly, especially when multiple stakeholders are involved. Since there is limited empirical research on compliance monitoring for regulatory supervision in international supply chains, we propose a compliance monitoring framework that can be applied with data sharing and analytics. The framework implementation is validated by an extensive case study on customs supervision in the Netherlands using process mining techniques. Practically, both public and private sectors will benefit from our descriptive and prescriptive analytics for audit purposes. Theoretically, our control strategies developed at the operational level facilitates mitigation of risks at root causes.
Matta, R. de, Miller, T..  2018.  A Strategic Manufacturing Capacity and Supply Chain Network Design Contingency Planning Approach. 2018 IEEE Technology and Engineering Management Conference (TEMSCON). :1–6.

We develop a contingency planning methodology for how a firm would build a global supply chain network with reserve manufacturing capacity which can be strategically deployed by the firm in the event actual demand exceeds forecast. The contingency planning approach is comprised of: (1) a strategic network design model for finding the profit maximizing plant locations, manufacturing capacity and inventory investments, and production level and product distribution; and (2) a scenario planning and risk assessment scheme to analyze the costs and benefits of alternative levels of manufacturing capacity and inventory investments. We develop an efficient heuristic procedure to solve the model. We show numerically how a firm would use our approach to explore and weigh the potential upside benefits and downside risks of alternative strategies.

Ma, Y..  2018.  Constructing Supply Chains in Open Source Software. 2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion). :458–459.

The supply chain is an extremely successful way to cope with the risk posed by distributed decision making in product sourcing and distribution. While open source software has similarly distributed decision making and involves code and information flows similar to those in ordinary supply chains, the actual networks necessary to quantify and communicate risks in software supply chains have not been constructed on large scale. This work proposes to close this gap by measuring dependency, code reuse, and knowledge flow networks in open source software. We have done preliminary work by developing suitable tools and methods that rely on public version control data to measure and comparing these networks for R language and emberjs packages. We propose ways to calculate the three networks for the entirety of public software, evaluate their accuracy, and to provide public infrastructure to build risk assessment and mitigation tools for various individual and organizational participants in open sources software. We hope that this infrastructure will contribute to more predictable experience with OSS and lead to its even wider adoption.

Palmer, D., Fazzari, S., Wartenberg, S..  2017.  A virtual laboratory approach for risk assessment of aerospace electronics trust techniques. 2017 IEEE Aerospace Conference. :1–8.

This paper describes a novel aerospace electronic component risk assessment methodology and supporting virtual laboratory structure designed to augment existing supply chain management practices and aid in Microelectronics Trust Assurance. This toolkit and methodology applies structure to the unclear and evolving risk assessment problem, allowing quantification of key risks affecting both advanced and obsolete systems that rely on semiconductor technologies. The impacts of logistics & supply chain risk, technology & counterfeit risk, and faulty component risk on trusted and non-trusted procurement options are quantified. The benefits of component testing on part reliability are assessed and incorporated into counterfeit mitigation calculations. This toolkit and methodology seek to assist acquisition staff by providing actionable decision data regarding the increasing threat of counterfeit components by assessing the risks faced by systems, identifying mitigation strategies to reduce this risk, and resolving these risks through the optimal test and procurement path based on the component criticality risk tolerance of the program.