Critical Management Issues for Implementing RFID in Supply Chain Management

The benefits of radio frequency identification (RFID) technology in the supply chain are fairly compelling. It has the potential to revolutionise the efficiency, accuracy and security of the supply chain with significant impact on overall profitability. A number of companies are actively involved in testing and adopting this technology. It is estimated that the market for RFID products and services will increase significantly in the next few years. Despite this trend, there are major impediments to RFID adoption in supply chain. While RFID systems have been around for several decades, the technology for supply chain management is still emerging. We describe many of the challenges, setbacks and barriers facing RFID implementations in supply chains, discuss the critical issues for management and offer some suggestions. In the process, we take an in-depth look at cost, technology, standards, privacy and security and business process reengineering related issues surrounding RFID technology in supply chains

Critical Infrastructure Protection Approaches: Analytical Outlook on Capacity Responsiveness to Dynamic Trends

Overview: Critical infrastructures (CIs) – any asset with a functionality that is critical to normal societal functions, safety, security, economic or social wellbeing of people, and disruption or destruction of which would have a very significant negative societal impact. CIs are clearly central to the normal functioning of a nation’s economy and require to be protected from both intentional and unintentional sabotages. It is important to correctly discern and aptly manage security risks within CI domains. The protection (security) of CIs and their networks can provide clear benefits to owner organizations and nations including: enabling the attainment of a properly functioning social environment and economic market, improving service security, enabling integration to external markets, and enabling service recipients (consumers, clients, and users) to benefit from new and emerging technological developments. To effectively secure CI system, firstly, it is crucial to understand three things - what can happen, how likely it is to happen, and the consequences of such happenings. One way to achieve this is through modelling and simulations of CI attributes, functionalities, operations, and behaviours to support security analysis perspectives, and especially considering the dynamics in trends and technological adoptions. Despite the availability of several security-related CI modelling approaches (tools and techniques), trends such as inter-networking, internet and IoT integrations raise new issues. Part of the issues relate to how to effectively (more precisely and realistically) model the complex behavior of interconnected CIs and their protection as system of systems (SoS). This report attempts to address the broad goal around this issue by reviewing a sample of critical infrastructure protection approaches; comprising tools, techniques, and frameworks (methodologies). The analysis covers contexts relating to the types of critical infrastructures, applicable modelling techniques, risk management scope covered, considerations for resilience, interdependency, and policy and regulations factors. Key Findings: This research presents the following key findings: 1. There is not a single specific Critical Infrastructure Protection (CIP) approach – tool, technique, methodology or framework – that exists or emerges as a ‘fit-for-all’; to allow the modelling and simulation of cyber security risks, resilience, dependency, and impact attributes in all critical infrastructure set-ups. 2. Typically, two or more modelling techniques can be (need to be) merged to cover a broader scope and context of modelling and simulation applications (areas) to achieve desirable highlevel protection and security for critical infrastructures. 3. Empirical-based, network-based, agent-based, and system dynamics-based modelling techniques are more widely used, and all offer gains for their use. 4. The deciding factors for choosing modelling techniques often rest on; complexity of use, popularity of approach, types and objectives of user Organisation and sector. 5. The scope of modelling functions and operations also help to strike the balance between ‘specificity’ and ‘generality’ of modelling technique and approach for the gains of in-depth analysis and wider coverage respectively. 6. Interdependency and resilience modelling and simulations in critical infrastructure operations, as well as associated security and safety risks; are crucial characteristics that need to be considered and explored in revising existing or developing new CIP modelling approaches. Recommendations: Key recommendations from this research include: 1. Other critical infrastructure sectors such as emergency services, food & agriculture, and dams; need to draw lessons from the energy and transportation sectors for the successive benefits of: i. Amplifying the drive and efforts towards evaluating and understanding security risks to their infrastructure and operations. ii. Support better understanding of any associated dependencies and cascading impacts. iii. Learning how to establish effective security and resilience. iv. Support the decision-making process linked with measuring the effectiveness of preparedness activities and investments. v. Improve the behavioural security-related responses of CI to disturbances or disruptions. 2. Security-related critical infrastructure modelling approaches should be developed or revised to include wider scopes of security risk management – from identification to effectiveness evaluations, to support: i. Appropriate alignment and responsiveness to the dynamic trends introduced by new technologies such as IoT and IIoT. ii. Dynamic security risk management – especially the assessment section needs to be more dynamic than static, to address the recurrent and impactful risks that emerge in critical infrastructures

Who should pay for interdependent risk? Policy implications for security interdependence among airports

We study interdependent risks in security, and shed light on the economic and policy implications of increasing security interdependence in presence of reactive attackers. We investigate the impact of potential public policy arrangements on the security of a group of interdependent organizations, namely, airports. Focusing on security expenditures and costs to society, as assessed by a social planner, to individual airports and to attackers, we first develop a game‐theoretic framework, and derive explicit Nash equilibrium and socially optimal solutions in the airports network. We then conduct numerical experiments mirroring real‐world cyber scenarios, to assess how a change in interdependence impact the airports' security expenditures, the overall expected costs to society, and the fairness of security financing. Our study provides insights on the economic and policy implications for the United States, Europe, and Asia

Using complex network theory to model supply chain network resilience: a review of current literature

Traditionally, supply networks are modelled as multi-agent systems, in order to represent explicit communications between various entities involved. However, due to the increasingly complex and interconnected nature of the global supply networks, a recent trend of research work has focussed on modelling supply networks as complex adaptive systems. This approach has enabled researchers to investigate various topological properties which give rise to resilience characteristics in a given supply network. This paper presents a critical review of the published research work on this field. Key insights provided by this paper include; (1) the importance of defining the concepts of ‘resilience’ and ‘disruptions’ as measurable variables; (2) the limitations of existing network models to realistically represent supply networks; (3) potential improvements to the currently used growth mechanisms, which rely on node ‘degree’ to derive attachment probability instead of the more realistic and relevant node ‘fitness’; (4) importance of incorporating operational aspects, such as flows, costs, and capacities of connections between the nodes as well as topological aspects; and (5) derivation of a new set of resilience metrics capturing operational as well as topological aspects. Finally, a conceptual approach incorporating the above improvements to the existing supply network modelling approach is presented

Modeling IT Availability Risks in Smart Factories

In the course of the ongoing digitalization of production, production environments have become increasingly intertwined with information and communication technology. As a consequence, physical production processes depend more and more on the availability of information networks. Threats such as attacks and errors can compromise the components of information networks. Due to the numerous interconnections, these threats can cause cascading failures and even cause entire smart factories to fail due to propagation effects. The resulting complex dependencies between physical production processes and information network components in smart factories complicate the detection and analysis of threats. Based on generalized stochastic Petri nets, the paper presents an approach that enables the modeling, simulation, and analysis of threats in information networks in the area of connected production environments. Different worst-case threat scenarios regarding their impact on the operational capability of a close-to-reality information network are investigated to demonstrate the feasibility and usability of the approach. Furthermore, expert interviews with an academic Petri net expert and two global leading companies from the automation and packaging industry complement the evaluation from a practical perspective. The results indicate that the developed artifact offers a promising approach to better analyze and understand availability risks, cascading failures, and propagation effects in information networks in connected production environments