Modeling and assessment of IoT supply chain security risks: The role of structural and parametric uncertainties

Timothy Kieras, Muhammad Junaid Farooq, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Supply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.

Original languageEnglish (US)
Title of host publicationProceedings - 2020 IEEE Symposium on Security and Privacy Workshops, SPW 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages163-170
Number of pages8
ISBN (Electronic)9781728193465
DOIs
StatePublished - May 2020
Event2020 IEEE Symposium on Security and Privacy Workshops, SPW 2020 - Virtual, San Francisco, United States
Duration: May 21 2020 → …

Publication series

NameProceedings - 2020 IEEE Symposium on Security and Privacy Workshops, SPW 2020

Conference

Conference2020 IEEE Symposium on Security and Privacy Workshops, SPW 2020
Country/TerritoryUnited States
CityVirtual, San Francisco
Period5/21/20 → …

Keywords

  • Information technology
  • Internet of things
  • Operational technology
  • Risk assessment
  • Security
  • Supply chain

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Civil and Structural Engineering
  • Safety, Risk, Reliability and Quality
  • Analysis

Fingerprint

Dive into the research topics of 'Modeling and assessment of IoT supply chain security risks: The role of structural and parametric uncertainties'. Together they form a unique fingerprint.

Cite this