IoT and Supply Chain Security

  • Chapter
IoT Supply Chain Security Risk Analysis and Mitigation

Part of the book series: SpringerBriefs in Computer Science (BRIEFSCOMPUTER)

Abstract

Internet of things (IoT) applications rely on a variety of technological components that are manufactured and operated by different entities around the globe. The supply chain is emerging as the next frontier of threats in the rapidly evolving IoT ecosystem. It is fundamentally more complex than that of traditional information and communications technology (ICT) systems. This chapter highlights potential sources of supply chain risk in IoT systems and their unique aspects, and provides an overview of the fundamental challenges in supply chain risk assessment and mitigation.

Author information

Corresponding authors

Correspondence to Tim Kieras, Junaid Farooq or Quanyan Zhu.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Cite this chapter

Kieras, T., Farooq, J., Zhu, Q. (2022). IoT and Supply Chain Security. In: IoT Supply Chain Security Risk Analysis and Mitigation. SpringerBriefs in Computer Science. Springer, Cham. https://doi.org/10.1007/978-3-031-08480-5_1

  • DOI: https://doi.org/10.1007/978-3-031-08480-5_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-08479-9

  • Online ISBN: 978-3-031-08480-5

  • eBook Packages: Computer Science, Computer Science (R0)
