Framework and methodology for supply chain lifecycle analytics
Abstract
The various technologies presented herein relate to pertaining to identifying and mitigating risks and attacks on a supply chain. A computer-implemented representation of a supply chain is generated comprising nodes (locations) and edges (objects, information). Risk to attack and different attack vectors can be defined for the various nodes and edges, and further, based upon the risks and attacks, (difficulty, consequence) pairs can be determined. One or more mitigations can be generated to increase a difficulty of attack and/or reduce consequence of an attack. The one or more mitigations can be constrained, e.g., by cost, time, etc., to facilitate determination of how feasible a respective mitigation is to implement with regard to finances available, duration to implement, etc. A context-free grammar can be utilized to identify one or more attacks in the supply chain. Further, the risks can undergo a ranking to enable mitigation priority to be determined.
- Inventors:
- Issue Date:
- Research Org.:
- Sandia National Laboratories (SNL), Albuquerque, NM, and Livermore, CA (United States)
- Sponsoring Org.:
- USDOE
- OSTI Identifier:
- 1455194
- Patent Number(s):
- 9992219
- Application Number:
- 14/940,005
- Assignee:
- National Technology & Engineering Solutions of Sandia, LLC (Albuquerque, NM)
- Patent Classifications (CPCs):
-
G - PHYSICS G06 - COMPUTING G06F - ELECTRIC DIGITAL DATA PROCESSING
G - PHYSICS G06 - COMPUTING G06Q - DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES
- DOE Contract Number:
- AC04-94AL85000
- Resource Type:
- Patent
- Resource Relation:
- Patent File Date: 2015 Nov 12
- Country of Publication:
- United States
- Language:
- English
- Subject:
- 97 MATHEMATICS AND COMPUTING
Citation Formats
Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, and Michalski, John T. Framework and methodology for supply chain lifecycle analytics. United States: N. p., 2018.
Web.
Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, & Michalski, John T. Framework and methodology for supply chain lifecycle analytics. United States.
Hamlet, Jason, Eames, Brandon K., Kao, Gio K., Lin, Han Wei, Helinski, Ryan, and Michalski, John T. Tue .
"Framework and methodology for supply chain lifecycle analytics". United States. https://www.osti.gov/servlets/purl/1455194.
@article{osti_1455194,
title = {Framework and methodology for supply chain lifecycle analytics},
author = {Hamlet, Jason and Eames, Brandon K. and Kao, Gio K. and Lin, Han Wei and Helinski, Ryan and Michalski, John T.},
abstractNote = {The various technologies presented herein relate to pertaining to identifying and mitigating risks and attacks on a supply chain. A computer-implemented representation of a supply chain is generated comprising nodes (locations) and edges (objects, information). Risk to attack and different attack vectors can be defined for the various nodes and edges, and further, based upon the risks and attacks, (difficulty, consequence) pairs can be determined. One or more mitigations can be generated to increase a difficulty of attack and/or reduce consequence of an attack. The one or more mitigations can be constrained, e.g., by cost, time, etc., to facilitate determination of how feasible a respective mitigation is to implement with regard to finances available, duration to implement, etc. A context-free grammar can be utilized to identify one or more attacks in the supply chain. Further, the risks can undergo a ranking to enable mitigation priority to be determined.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Jun 05 00:00:00 EDT 2018},
month = {Tue Jun 05 00:00:00 EDT 2018}
}
Works referenced in this record:
Network attack modeling, analysis, and response
patent, March 2011
- Jajodia, Sushil; Noel, Steven E.; Kalapa, Pramod
- US Patent Document 7,904,962
Method for evaluating a network
patent, September 2012
- Lotem, Amnon; Choen, Gideon; Meiseles, Moshe
- US Patent Document 8,272,061
Enterprise information security management software for prediction modeling with interactive graphs
patent, August 2013
- Bennett, Jeff; Stager, Mike; Shevlin, Gordon
- US Patent Document 8,516,594
Methods for supply chain management incorporating uncertainty
patent, December 2013
- Srinivasa, Prasanna Gorur Narayana; Bagchi, Abhishek; Agarwal, Ankit
- US Patent Document 8,620,729
Graphical models for cyber security analysis in enterprise networks
patent, November 2014
- Levy, Renato; Li, Hongjun; Liu, Peng
- US Patent Document 8,881,288
Availability risk assessment, resource simulation
patent, April 2017
- Adogla, Eden G.; Agarwal, Manish
- US Patent Document 9,619,772
System and method for risk detection and analysis in a computer network
patent-application, September 2005
- Cohen, Gideon; Meiseles, Moshe; Reshef, Eran
- US Patent Document 11/118308; 20050193430
Threats and Countermeasures Schema
patent-application, August 2007
- Meier, John D.; Vasireddy, Srinath; Dunner, Michael
- US Patent Document 11/382857; 20070192344
Tactical And Strategic Attack Detection And Prediction
patent-application, September 2007
- Gilbert, Logan; Morgan, Robert J.; Keen, Arthur A.
- US Patent Application 11/688540; 20070226796
Event Detection Method and Device
patent-application, February 2008
- Cao, Bin; Wang, Yong
- US Patent Document 11/753716; 20080052780
System and apparatus for enterprise resilience
patent-application, June 2008
- Jalinous, Mady
- US Patent Document 11/978616; 20080133300
Method and apparatus for a processing risk assessment and operational oversight framework
patent-application, June 2008
- Wade, Claude E.
- US Patent Document 11/982562; 20080154679
Value-Adaptive Security Threat Modeling and Vulnerability Ranking
patent-application, March 2009
- Chen, Yue; Boehm, Barry W.; Sheppard, Luke
- US Patent Document 12/047293; 20090077666
Risk Profiling for Enterprise Risk Management
patent-application, September 2009
- Foley, Simon N.; Moss, Harold B.
- US Patent Document 12/044296; 20090228316
Risk assessment forecasting in a supply chain
patent-application, October 2009
- Shah, Mitul; Owusu, Gilbert Kwame; Kern, Mathias
- US Patent Document 12/078190; 20090248488
System and Method for Supply Chain Data Mining and Analysis
patent-application, April 2010
- Shah-Hosseini, Amin
- US Patent Document 12/579106; 20100095158
Critically/vulnerability/risk logic analysis methodology for business enterprise and cyber security
patent-application, June 2010
- Guinta, Lawrence R.; Frantzve, Lori A.
- US Patent Document 11/792983; 20100153156
System and Method for Infrastructure Risk Assessment and/or Mitigation
patent-application, March 2011
- Frantzve, Lori; Guinta, Lawrence R.
- US Patent Document 12/760400; 20110071872
Risk Assessment and Management
patent-application, August 2013
- Bilello, Ubaldo G.; Eickelmann, Hans-Juergen; Fabrize, Ricardo L.
- US Patent Document 13/407627; 20130226652
Dashboards for Displaying Threat Insight Information
patent-application, December 2013
- Hagar, David Eric; Eddy, Steve
- US Patent Document 13/913231; 20130333028
Method and System for Collecting Supply Chain Performance Information
patent-application, January 2014
- Linton, Thomas K.; Fong, Gary; Whipple, Mark
- US Patent Document 13/935114; 20140018949