Abstract
Internet of things (IoT) applications rely on a variety of technological components that are manufactured and operated by different entities around the globe. The supply chain is emerging as the next frontier of threats in the rapidly evolving IoT ecosystem. It is fundamentally more complex than that of traditional information and communications technology (ICT) systems. This chapter highlights potential sources of supply chain risks in IoT systems and their unique aspects, and provides an overview of the fundamental challenges in supply chain risk assessment and mitigation.
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Kieras, T., Farooq, J., Zhu, Q. (2022). IoT and Supply Chain Security. In: IoT Supply Chain Security Risk Analysis and Mitigation. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-031-08480-5_1
DOI: https://doi.org/10.1007/978-3-031-08480-5_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-08479-9
Online ISBN: 978-3-031-08480-5
eBook Packages: Computer Science (R0)