DOE Patents title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Framework and methodology for supply chain lifecycle analytics

Abstract

The various technologies presented herein relate to pertaining to identifying and mitigating risks and attacks on a supply chain. A computer-implemented representation of a supply chain is generated comprising nodes (locations) and edges (objects, information). Risk to attack and different attack vectors can be defined for the various nodes and edges, and further, based upon the risks and attacks, (difficulty, consequence) pairs can be determined. One or more mitigations can be generated to increase a difficulty of attack and/or reduce consequence of an attack. The one or more mitigations can be constrained, e.g., by cost, time, etc., to facilitate determination of how feasible a respective mitigation is to implement with regard to finances available, duration to implement, etc. A context-free grammar can be utilized to identify one or more attacks in the supply chain. Further, the risks can undergo a ranking to enable mitigation priority to be determined.

Inventors:
; ; ; ; ;
Issue Date:
Research Org.:
Sandia National Laboratories (SNL), Albuquerque, NM, and Livermore, CA (United States)
Sponsoring Org.:
USDOE
OSTI Identifier:
1455194
Patent Number(s):
9992219
Application Number:
14/940,005
Assignee:
National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
Patent Classifications (CPCs):
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
G - PHYSICS G06 - COMPUTING G06Q - DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES
DOE Contract Number:  
AC04-94AL85000
Resource Type:
Patent
Resource Relation:
Patent File Date: 2015 Nov 12
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING

Citation Formats

Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, and Michalski, John T. Framework and methodology for supply chain lifecycle analytics. United States: N. p., 2018. Web.
Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, & Michalski, John T. Framework and methodology for supply chain lifecycle analytics. United States.
Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, and Michalski, John T. Tue . "Framework and methodology for supply chain lifecycle analytics". United States. https://www.osti.gov/servlets/purl/1455194.
@article{osti_1455194,
title = {Framework and methodology for supply chain lifecycle analytics},
author = {Hamlet, Jason and Eames, Brandon K. and Kao, Gio K. and Lin, Han Wei and Helinski, Ryan and Michalski, John T.},
abstractNote = {The various technologies presented herein relate to pertaining to identifying and mitigating risks and attacks on a supply chain. A computer-implemented representation of a supply chain is generated comprising nodes (locations) and edges (objects, information). Risk to attack and different attack vectors can be defined for the various nodes and edges, and further, based upon the risks and attacks, (difficulty, consequence) pairs can be determined. One or more mitigations can be generated to increase a difficulty of attack and/or reduce consequence of an attack. The one or more mitigations can be constrained, e.g., by cost, time, etc., to facilitate determination of how feasible a respective mitigation is to implement with regard to finances available, duration to implement, etc. A context-free grammar can be utilized to identify one or more attacks in the supply chain. Further, the risks can undergo a ranking to enable mitigation priority to be determined.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2018},
month = {6}
}

Works referenced in this record:

Network attack modeling, analysis, and response
patent, March 2011


Supply-chain management system
patent, August 2011


Method for evaluating a network
patent, September 2012


Methods for supply chain management incorporating uncertainty
patent, December 2013


Graphical models for cyber security analysis in enterprise networks
patent, November 2014


Availability risk assessment, resource simulation
patent, April 2017


System and method for risk detection and analysis in a computer network
patent-application, September 2005


Threats and Countermeasures Schema
patent-application, August 2007


Tactical And Strategic Attack Detection And Prediction
patent-application, September 2007


Event Detection Method and Device
patent-application, February 2008


System and apparatus for enterprise resilience
patent-application, June 2008


Value-Adaptive Security Threat Modeling and Vulnerability Ranking
patent-application, March 2009


Risk Profiling for Enterprise Risk Management
patent-application, September 2009


Risk assessment forecasting in a supply chain
patent-application, October 2009


System and Method for Supply Chain Data Mining and Analysis
patent-application, April 2010


Critically/vulnerability/risk logic analysis methodology for business enterprise and cyber security
patent-application, June 2010


System and Method for Infrastructure Risk Assessment and/or Mitigation
patent-application, March 2011


Risk Assessment and Management
patent-application, August 2013


Dashboards for Displaying Threat Insight Information
patent-application, December 2013


Method and System for Collecting Supply Chain Performance Information
patent-application, January 2014