@inbook{94ade9970526483ab86c280d1cb822a7,
title = "Policy Management",
abstract = "Supply chain security has become a growing concern in the security risk analysis of IoT systems. Their highly connected structures have significantly enlarged the attack surface, making it difficult to track the source of the risk posed by malicious or compromised suppliers. This chapter presents a system-scientific framework to study the accountability in IoT supply chains and provides a holistic risk analysis technologically and socio-economically. We develop stylized models and quantitative approaches to evaluate the accountability of the suppliers. Two case studies are used to illustrate accountability measures for scenarios with single and multiple agents. Finally, we present the contract design and cyber insurance as economic solutions to mitigate supply chain risks. They are incentive-compatible mechanisms that encourage truth-telling of the supplier and facilitate reliable accountability investigation for the buyer.",
author = "Tim Kieras and Junaid Farooq and Quanyan Zhu",
note = "Publisher Copyright: {\textcopyright} 2022, The Author(s), under exclusive license to Springer Nature Switzerland AG.",
year = "2022",
doi = "10.1007/978-3-031-08480-5_4",
language = "English (US)",
series = "SpringerBriefs in Computer Science",
publisher = "Springer",
pages = "57--106",
booktitle = "SpringerBriefs in Computer Science",
}