Enabling better supply chain decisions through a generic model utilizing cause-effect mapping

Supply chains are critical to delivering components and products safely, affordably, and securely. However, these complex networks of suppliers, manufacturers, and customers are vulnerable to internal and external disruptions and subject to exploitation. This can result in adverse impacts to the system and inhibit value delivery. This paper presents a new generic electronics supply chain model that can reveal information regarding system vulnerabilities and opportunities for decision-makers to intervene. The model draws upon a previously-developed Cause-Effect Mapping (CEM) analytic technique and assists with making decisions affecting complex systems, including those operating in resource-constrained environments. Elements of System Security Engineering (SSE) and Trusted Systems and Networks (TSN) analysis are taken into consideration to provide a greater understanding of security concerns and impacts to a supply chain focusing on electronics for the defense industry. The model, adaptable to a diversity of systems and capable of recognizing non-obvious sources of vulnerability, can be used by systems engineers to provide a holistic view of a complex supply chain. The model facilitates the communication of information regarding supply chain vulnerabilities to decision-makers and other individuals, as described in specific use cases.

[1]  Donald D. Tippett,et al.  Project Risk Management Using the Project Risk FMEA , 2004 .

[2]  Enrico Zio,et al.  The role of network theory and object-oriented modeling within a framework for the vulnerability analysis of critical infrastructures , 2009, Reliab. Eng. Syst. Saf..

[3]  A. M. Ross,et al.  A taxonomy of perturbations: Determining the ways that systems lose value , 2012, 2012 IEEE International Systems Conference SysCon 2012.

[4]  S. Werbińska-Wojciechowska,et al.  Supply chain vulnerability assessment methods—possibilities and limitations , 2015 .

[6]  D. Waters Supply Chain Risk Management: Vulnerability and Resilience in Logistics , 2007 .

[7]  Enrico Zio,et al.  Vulnerable Systems , 2011 .

[8]  John Thomas,et al.  Modeling and Hazard Analysis Using Stpa , 2010 .

[9]  Rae Zimmerman Decision-making and the vulnerability of interdependent critical infrastructure , 2004, 2004 IEEE International Conference on Systems, Man and Cybernetics (IEEE Cat. No.04CH37583).

[10]  Joongsan Oh,et al.  A Model for Measuring Supplier Risk: Do Operational Capability Indicators Enhance the Prediction Accuracy of Supplier Risk? , 2011 .

[11]  K. Baldwin,et al.  The United States Department of Defense revitalization of system security engineering through program protection , 2012, 2012 IEEE International Systems Conference SysCon 2012.

[12]  Nathan L. Clarke,et al.  Risk Assessment for Mobile Devices , 2011, TrustBus.

[13]  Jean-Claude Hennet,et al.  An analysis of risks and vulnerabilities in supply networks , 2014 .

[14]  Matthias Hofmanna,et al.  Development of Indicators to Monitor Vulnerabilities in Power Systems , 2012 .

[15]  Robert H. Anderson,et al.  Finding and Fixing Vulnerabilities in Information Systems , 2004 .

[16]  Paul Popick,et al.  System security engineering vulnerability assessments for mission-critical systems and functions , 2015, 2015 Annual IEEE Systems Conference (SysCon) Proceedings.

[17]  G. Svensson A conceptual framework of vulnerability in firms’ inbound and outbound logistics flows , 2002 .

[18]  Y. Sheffi,et al.  Supply Chain Response to Global Terrorism: a Situation Scan , 2003 .

[19]  Brian Mekdeci,et al.  Managing the impact of change through survivability and pliability to achieve viable systems of systems , 2013 .

[20]  J. A. McDermid,et al.  Towards integrated safety analysis and design , 1994, SIAP.

[21]  Melinda Reed,et al.  Requirements Challenges in Addressing Malicious Supply Chain Threats , 2013 .