Visible to the public Modeling and Assessment of IoT Supply Chain Security Risks: The Role of Structural and Parametric UncertaintiesConflict Detection Enabled

TitleModeling and Assessment of IoT Supply Chain Security Risks: The Role of Structural and Parametric Uncertainties
Publication TypeConference Paper
Year of Publication2020
AuthorsKieras, Timothy, Farooq, Muhammad Junaid, Zhu, Quanyan
Conference Name2020 IEEE Security and Privacy Workshops (SPW)
Date PublishedMay
AbstractSupply chain security threats pose new challenges to security risk modeling techniques for complex ICT systems such as the IoT. With established techniques drawn from attack trees and reliability analysis providing needed points of reference, graph-based analysis can provide a framework for considering the role of suppliers in such systems. We present such a framework here while highlighting the need for a component-centered model. Given resource limitations when applying this model to existing systems, we study various classes of uncertainties in model development, including structural uncertainties and uncertainties in the magnitude of estimated event probabilities. Using case studies, we find that structural uncertainties constitute a greater challenge to model utility and as such should receive particular attention. Best practices in the face of these uncertainties are proposed.
DOI10.1109/SPW50608.2020.00043
Citation Key9283832