The co-evolution of competition and parasitism in the resource-based view:a risk model of product counterfeiting

The primary concern in the resource-based view of the firm has been competition. For many firms, however, the relevant ecology includes parasites as well as competitors – notably product counterfeiters who parasitically exploit a firm’s reputational resource. This parasitic process both diminishes the reputational resource it exploits, and produces significant risk of harm as a by-product. This article extends the resource-based view, presenting an account of the mechanism by which competition and parasitism co-evolve and produce a distinctive form of resource erosion. It does so using a model which, because a firm’s reputational resource exists distributedly in the minds of mutually-influencing but not centrally-coordinated consumers, takes an agent-based approach. This model then naturally forms a basis for the probabilistic risk assessment of the consequences of parasitism – particularly the harm that arises from the counterfeiting of safety critical products such as pharmaceuticals. The intended contribution is to show how the resource-based view can be extended to reflect the fact that heterogeneous resource distribution is implicated in parasitism as much as competition, and to show how a model of the underlying mechanisms can support risk analysis

Modelling security risk in critical utilities:the system at risk as a three player game and agent society

It becomes essential when reasoning about the security risks to critical utilities such electrical power and water distribution to recognize that the interests of producers and consumers do not fully coincide. They may have incentives to behave strategically towards each other, as well as toward some third party adversary. We therefore argue for the need to extend the prior literature, which has concentrated on the strategic, adaptive game between adversary and defender, towards 3-player games. But it becomes hard to justify modelling a population of consumers as a single, decision making actor. So we also show how we can model consumers as a group of mutually-influencing, yet not centrally co-ordinated, heterogeneous agents. And we suggest how this representation can be integrated into a game-theoretic framework. This requires a framework in which payoffs are known by the players only stochastically. We present some basic models and demonstrate the nature of the modelling commitments that need to be made in order to reason about utilities’ security risk

Verification of Resilience Policies that Assist Attribute Based Access Control

Access control offers mechanisms to control and limit the actions or operations that are performed by a user on a set of resources in a system. Many access control models exist that are able to support this basic requirement. One of the properties examined in the context of these models is their ability to successfully restrict access to resources. Nevertheless, considering only restriction of access may not be enough in some environments, as in critical infrastructures. The protection of systems in this type of environment requires a new line of enquiry. It is essential to ensure that appropriate access is always possible, even when users and resources are subjected to challenges of various sorts. Resilience in access control is conceived as the ability of a system not to restrict but rather to ensure access to resources. In order to demonstrate the application of resilience in access control, we formally define an attribute based access control model (ABAC) based on guidelines provided by the National Institute of Standards and Technology (NIST). We examine how ABAC-based resilience policies can be specified in temporal logic and how these can be formally verified. The verification of resilience is done using an automated model checking technique, which eventually may lead to reducing the overall complexity required for the verification of resilience policies and serve as a valuable tool for administrators

Rationalizing violation:ordered accounts of intentionality in the making and breaking of safety rules

Regulative rules are central to the efforts made in organizations to ensure orderliness in the presence of physical danger. The reportedly routine violation of safety rules in organizations therefore brings into question the longstanding association of rules with organizational order, and the literature is sharply divided on whether rule violation represents a dangerous disorder or a reasonable way of getting by. This study is an attempt to carry out a more interpretive analysis, looking at how organizational members construct a sense of order in the presence of rule violation – and in particular how they do so by using a concept of intentionality to maintain accountability yet avoid rules becoming taboos. We find that the way people explain intentions attests to several senses of order that otherwise appear to be lost when rules are violated, such as predictability, purposefulness and progressiveness. This indicates that rules do not maintain, symbolize and constitute order simply because they are normative restraints on behaviour – but act as nuclei for discourses that can repair order even when they are violated. The order that is repaired in this way is both a mechanistic and a moral one

On the role of latent design conditions in cyber-physical systems security

As cyber-physical systems (CPS) become prevalent in everyday life, it is critical to understand the factors that may impact the security of such systems. In this paper, we present insights from an initial study of historical security incidents to analyse such factors for a particular class of CPS: industrial control systems (ICS). Our study challenges the usual tendency to blame human fallibility or resort to simple explanations for what are often complex issues that lead to a security incident. We highlight that (i) perception errors are key in such incidents (ii) latent design conditions -- e.g., improper specifications of a system's borders and capabilities -- play a fundamental role in shaping perceptions, leading to security issues. Such design-time considerations are particularly critical for ICS, the life-cycle of which is usually measured in decades. Based on this analysis, we discuss how key characteristics of future smart CPS in such industrial settings can pose further challenges with regards to tackling latent design flaws

The relationship between risk control imperative and perceived causation:the case of product counterfeiting in China

The counterfeiting of safety critical products such as pharmaceuticals is a significant risk to public safety, but the literature suggests that much of the causation of counterfeiting is endogenous: the decisions of legitimate producers and consumers facilitate or incentivize the manufacture of counterfeits. This study examined what effect the perceived causation of counterfeiting risk (both the causes of counterfeiting, and the consequences caused by counterfeiting) had on the risk control imperative: the belief that more resources should be allocated to controlling this risk. This involved a questionnaire survey of individuals in China, asking them to respond to the risks arising from the counterfeiting of specific safety-critical product types. The study found that although some causes of counterfeiting were emphasized much more strongly than others (notably the failure of the authorities, profiteering among legitimate producers and the presence of criminal organizations), the less emphasized causes were still judged as being relevant. The study found that the association between the risk control imperative and both the perceived scale of risk and its causal origins varied across different product types. In one case, the scale of risk was virtually unrelated to control imperative, but in all cases, at least one of the causal factors, and at least one of the consequential factors, explained variation in control imperative. A qualitative comparative analysis also indicated specifically that control imperative was lower if an actor who was strongly implicated in the cause of the risks was also a bearer of the risks

Analysis of affordance, time and adaptation in the assessment of industrial control system cybersecurity risk

Industrial control systems increasingly use standard communication protocols and are increasingly connected to public networks—creating substantial cybersecurity risks, especially when used in critical infrastructures such as electricity and water distribution systems. Methods of assessing risk in such systems have recognized for some time the way in which the strategies of potential adversaries and risk managers interact in defining the risk to which such systems are exposed. But it is also important to consider the adaptations of the systems’ operators and other legitimate users to risk controls, adaptations that often appear to undermine these controls, or shift the risk from one part of a system to another. Unlike the case with adversarial risk analysis, the adaptations of system users are typically orthogonal to the objective of minimizing or maximizing risk in the system. We argue that this need to analyze potential adaptations to risk controls is true for risk problems more generally, and we develop a framework for incorporating such adaptations into an assessment process. The method is based on the principle of affordances, and we show how this can be incorporated in an iterative procedure based on raising the minimum period of risk materialization above some threshold. We apply the method in a case study of a small European utility provider and discuss the observations arising from this

Supply chain resilience in a developing country context:A case study on the interconnectedness of threats, strategies, and outcomes

Purpose In few prior empirical studies on supply chain resilience (SCRES), the focus has been on the developed world. Yet, organisations in developing countries constitute a significant part of global supply chains and have also experienced the disastrous effects of supply chain failures. The purpose of this paper is therefore to empirically investigate SCRES in a developing country context and to show that this also provides theoretical insights into the nature of what is meant by resilience. Design/methodology/approach Using a case study approach, a supply network of 20 manufacturing firms in Uganda is analysed based on a total of 45 interviews. Findings The perceived threats to SCRES in this context are mainly small-scale, chronic disruptive events rather than discrete, large-scale catastrophic events typically emphasised in the literature. The data reveal how threats of disruption, resilience strategies and outcomes are inter-related in complex, coupled and non-linear ways. These interrelationships are explained by the political, cultural and territorial embeddedness of the supply network in a developing country. Further, this embeddedness contributes to the phenomenon of supply chain risk migration, whereby an attempt to mitigate one threat produces another threat and/or shifts the threat to another point in the supply network. Practical implications Managers should be aware, for example, of potential risk migration from one threat to another when crafting strategies to build SCRES. Equally, the potential for risk migration across the supply network means managers should look at the supply chain holistically because actors along the chain are so interconnected. Originality/value The paper goes beyond the extant literature by highlighting how SCRES is not only about responding to specific, isolated threats but about the continuous management of risk migration. It demonstrates that resilience requires both an understanding of the interconnectedness of threats, strategies and outcomes and an understanding of the embeddedness of the supply network. Finally, this study’s focus on the context of a developing country reveals that resilience should be equally concerned both with smaller in scale, chronic disruptions and with occasional, large-scale catastrophic events

Threat awareness for critical infrastructures resilience

Utility networks are part of every nation’s critical infrastructure, and their protection is now seen as a high priority objective. In this paper, we propose a threat awareness architecture for critical infrastructures, which we believe will raise security awareness and increase resilience in utility networks. We first describe an investigation of trends and threats that may impose security risks in utility networks. This was performed on the basis of a viewpoint approach that is capable of identifying technical and non-technical issues (e.g., behaviour of humans). The result of our analysis indicated that utility networks are affected strongly by technological trends, but that humans comprise an important threat to them. This provided evidence and confirmed that the protection of utility networks is a multi-variable problem, and thus, requires the examination of information stemming from various viewpoints of a network. In order to accomplish our objective, we propose a systematic threat awareness architecture in the context of a resilience strategy, which ultimately aims at providing and maintaining an acceptable level of security and safety in critical infrastructures. As a proof of concept, we demonstrate partially via a case study the application of the proposed threat awareness architecture, where we examine the potential impact of attacks in the context of social engineering in a European utility company

Modeling social risk amplification during recall crises

Public response to risk is socially shaped in a way that often severely over- or under-estimates expert risk assessments. One of the main theoretical tools to examine public risk responses of this kind is the social amplification of risk framework. An important finding is that social amplification is strongly influenced by the conduct of those managing a risk. This study models social risk amplification as a collective response to risks that are significant at a societal level but which materialize in a distributed way across a population. It uses the context of product contamination risks and product recalls to show how organizational decision making and the multiple roles of the media can be represented by the model. It shows how a model can be partially calibrated with a consumer survey, and shows which are the most important aspects of the model in shaping social risk amplification