Systemic Analysis of the use of Artificial Intelligence (AI) In Regulating Terrorist Content on Social Media Ecosystem Using Functional Dependency Network Analysis (FDNA)

This research is a systemic analysis of emerging risks to the use Artificial Intelligence (AI) in regulating terrorist content on social media ecosystems using Functional Dependency Network Analysis (FDNA), a proven system-design-and-analysis tool). The research has three phases: 1) framing the problem by identifying and describing AI ecosystem elements as intended, implied and explicit objectives, discernible attributes, and performance indictors; 2) describing the idealized problem-solved scenario, which includes detailing ‘success’ states of the ecosystem; and 3) systemic risk analysis including identifying failure scenarios for each element and establishing causalities among elemental attributes leading to failure scenarios. This research contributes toward a sustainable and more robust solution to the issue of regulating one particular form of malicious content on social media platforms (i.e., terrorist content) based not on one perspective but on the entire ‘ecosystem’ using FDNA

Digital Transformation, Applications, and Vulnerabilities in Maritime and Shipbuilding Ecosystems

The evolution of maritime and shipbuilding supply chains toward digital ecosystems increases operational complexity and needs reliable communication and coordination. As labor and suppliers shift to digital platforms, interconnection, information transparency, and decentralized choices become ubiquitous. In this sense, Industry 4.0 enables "smart digitalization"in these environments. Many applications exist in two distinct but interrelated areas related to shipbuilding design and shipyard operational performance. New digital tools, such as virtual prototypes and augmented reality, begin to be used in the design phases, during the commissioning/quality control activities, and for training workers and crews. An application relates to using Virtual Prototypes and Augmented Reality during all the design and construction phases. Another application relates to the cybersecurity protection of operational networks that support shipbuilding supply chains that ensures the flow of material and labor to the shipyards. This protection requires a holistic approach to evaluate their vulnerability and understand ripple effects. This paper presents the applications of Industry 4.0 for the areas mentioned above. The first case in shipbuilding design is an example of how the virtual prototype of a ship, together with wearable devices enabling augmented reality, can be used for the quality control of the construction of ship systems. For the second case, we propose developing an artificial intelligence-based cybersecurity supply network framework that characterizes and monitors shipbuilding supply networks and determines ripple effects from disruptions caused by cyberattacks. This framework extends a novel risk management framework developed by Diaz and Smith and Smith and Diaz that considers complex tiered networks

Digital Transformation, Applications, and Vulnerabilities in Maritime and Shipbuilding Ecosystems

The evolution of maritime and shipbuilding supply chains toward digital ecosystems increases operational complexity and needs reliable communication and coordination. As labor and suppliers shift to digital platforms, interconnection, information transparency, and decentralized choices become ubiquitous. In this sense, Industry 4.0 enables smart digitalization in these environments. Many applications exist in two distinct but interrelated areas related to shipbuilding design and shipyard operational performance. New digital tools, such as virtual prototypes and augmented reality, begin to be used in the design phases, during the commissioning/quality control activities, and for training workers and crews. An application relates to using Virtual Prototypes and Augmented Reality during all the design and construction phases. Another application relates to the cybersecurity protection of operational networks that support shipbuilding supply chains that ensures the flow of material and labor to the shipyards. This protection requires a holistic approach to evaluate their vulnerability and understand ripple effects. This paper presents the applications of Industry 4.0 for the areas mentioned above. The first case in shipbuilding design is an example of how the virtual prototype of a ship, together with wearable devices enabling augmented reality, can be used for the quality control of the construction of ship systems. For the second case, we propose developing an artificial intelligence-based cybersecurity supply network framework that characterizes and monitors shipbuilding supply networks and determines ripple effects from disruptions caused by cyberattacks. This framework extends a novel risk management framework developed by Diaz and Smith and Smith and Diaz that considers complex tiered networks

Developing an Artificial Intelligence Framework to Assess Shipbuilding and Repair Sub-Tier Supply Chains Risk

The defense shipbuilding and repair industry is a labor-intensive sector that can be characterized by low-product volumes and high investments in which a large number of shared resources, technology, suppliers, and processes asynchronously converge into large construction projects. It is mainly organized by the execution of a complex combination of sequential and overlapping stages. While entities engaged in this large-scale endeavor are often knowledgeable about their first-tier suppliers, they usually do not have insight into the lower tiers suppliers. A sizable part of any supply chain disruption is attributable to instabilities in sub-tier suppliers. This research note conceptually delineates a framework that considers the elicitation of the existing associations between suppliers and sub-tier suppliers. This framework, Shipbuilding Risk Supply Chain (Ship-RISC), offers a simulation framework to leverage real-time and data using an Industry 4.0 approach to generate descriptive and prescriptive analytics based on the execution of simulation models that support risk management assessment and decision-making

Cybersecurity Acquisition Framework Based on Risk Management: Economics Perspective

Acquisition Research Program Sponsored Report SeriesSponsored Acquisition Research & Technical ReportsCyber attacks continuously target organizations, however, the mitigation actions taken for defense are not sufficiently effective. Ability to compute the cost of attacks is crucial to assess the effectiveness of countermeasure investments. In this study, we developed a framework to have a well-informed decision-making process in cybersecurity acquisition by evaluating the business impact caused by the operability losses of assets. We tested the developed framework using various attack and mitigation scenarios. The findings suggest that using a simulation approach to calculate the business impact of cyber attacks provides the ability to support decision-making process.Approved for public release; distribution is unlimited.Approved for public release; distribution is unlimited

Quantifying Impact of Cyber Actions on Missions or Business Processes: A Multilayer Propagative Approach

Ensuring the security of cyberspace is one of the most significant challenges of the modern world because of its complexity. As the cyber environment is getting more integrated with the real world, the direct impact of cybersecurity problems on actual business frequently occur. Therefore, operational and strategic decision makers in particular need to understand the cyber environment and its potential impact on business. Cyber risk has become a top agenda item for businesses all over the world and is listed as one of the most serious global risks with significant financial implications for businesses. Risk analysis is one of the primary tools used in this endeavor. Impact assessment, as an integral part of risk analysis, tries to estimate the possible damage of a cyber threat on business. It provides the main insight into risk prioritization as it incorporates business requirements into risk analysis for a better balance of security and usability. Moreover, impact assessment constitutes the main body of information flow between technical people and business leaders. Therefore, it requires the effective synergy of technological and business aspects of cybersecurity for protection against cyber threats. The purpose of this research is to develop a methodology to quantify the impact of cybersecurity events, incidents, and threats. The developed method addresses the issue of impact quantification from an interdependent system of systems point of view. The objectives of this research are (1) developing a quantitative model to determine the impact propagation within a layer of an enterprise (i.e., asset, service or business process layer); (2) developing a quantitative model to determine the impact propagation among different layers within an enterprise; (3) developing an approach to estimate the economic cost of a cyber incident or event. Although there are various studies in cybersecurity risk quantification, only a few studies focus on impact assessment at the business process layer by considering ripple effects at both the horizontal and vertical layers. This research develops an approach that quantifies the economic impact of cyber incidents, events and threats to business processes by considering the horizontal and vertical interdependencies and impact propagation within and among layers