Abstract
Securing the supply chain of information and communications technology (ICT) has recently emerged as a critical concern for national security and integrity. With the proliferation of Internet of Things (IoT) devices and their increasing role in controlling real-world infrastructure, there is a need to analyze risks in networked systems beyond established security analyses. Existing methods in the literature typically leverage attack and fault trees to analyze malicious activity and its impact. In this chapter, we develop a security risk assessment framework that borrows from system reliability theory to incorporate the supply chain. We also analyze the impact of grouping among suppliers, which may pose hidden risks to the systems from malicious supply chain actors. The results show that the proposed analysis is able to reveal hidden threats posed to the IoT ecosystem by potential supplier collusion.
Notes
1. Hierarchical decomposition refers to a process that takes a component in a system and considers it as a system in itself, returning subsystems and additional components.
2. In other words, given two dependencies $a, b \in D$, there may be some node $x$ such that $x \in D_a$ and $x \in D_b$. In such a case it would be invalid to compute $\ell(D)$ simply from the suppliers of $a$ and $b$, denoted by $s_a$ and $s_b$ respectively, because $s_a$ and $s_b$ are not independent.
3. The precise legal relationships that may constitute a supplier group are left unspecified here, but may include ownership, partnership, or membership in joint ventures or cartels whether legally recognized or not.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Kieras, T., Farooq, J., Zhu, Q. (2022). Risk Modeling and Analysis. In: IoT Supply Chain Security Risk Analysis and Mitigation. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-031-08480-5_2
DOI: https://doi.org/10.1007/978-3-031-08480-5_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-08479-9
Online ISBN: 978-3-031-08480-5
eBook Packages: Computer Science, Computer Science (R0)