This SpringerBrief introduces methodologies and tools for quantitative understanding and
assessment of supply chain risk to critical infrastructure systems. It unites system
reliability analysis, optimization theory, detection theory, and mechanism design theory to
study vendor involvement in overall system security. It also provides decision support for risk
mitigation. This SpringerBrief introduces I-SCRAM, a software tool to assess the risk. It
enables critical infrastructure operators to make risk-informed decisions relating to the
supply chain while deploying their IT, OT, and IoT systems. The authors present examples and
case studies on supply chain risk assessment and mitigation of modern connected infrastructure
systems, such as autonomous vehicles, industrial control systems, autonomous truck platooning,
and more. It also discusses how vendors of different system components are involved in the
overall security posture of the system and how the risk can be mitigated through vendor
selection and diversification. The specific topics in this book include: risk modeling and
analysis of IoT supply chains; methodologies for risk mitigation, policy management,
accountability, and cyber insurance; and a tutorial on a software tool for supply chain risk
management of IoT. These topics are supported by up-to-date summaries of the authors' recent
research findings. The authors introduce a taxonomy of supply chain security and discuss the
future challenges and directions in securing the supply chains of IoT systems. It also focuses
on the need for joint policy and technical solutions to counter the emerging risks, where
technology should inform policy and policy should regulate technology development. This
SpringerBrief has self-contained chapters, allowing readers to peruse individual topics
of interest. It provides a broad understanding of the emerging field of cyber supply chain
security in the context of IoT systems to academics, industry professionals, and government
officials.