• Home
  • Safeguarding Critical System Supply Chains Against Compromise (Networks, Processes, Parts, Materials, Software, and Information)

Safeguarding Critical System Supply Chains Against Compromise (Networks, Processes, Parts, Materials, Software, and Information)

A National Science Foundation Sponsored Workshop

(Final Report for the Workshop has been released, to view --> Click Here)

 
Date: July 14, 2022
Type: In-person
Time: 9 a.m. to 5 p.m. (US EDT)
Location: START, University of Maryland  
Cost: Free 
 
“Critical systems” are systems associated with human safety (transportation, medical), the delivery of critical services (infrastructure, energy generation), important humanitarian and military missions, and global economic stability. The risk of supply chains being compromised is a significant problem for critical systems due to the system’s long manufacturing and support life. Compromise of a system component means that its content, function, quality and/or reliability has been modified in some way (either with, or without malicious intent) to be something other than what the system expected (i.e., was qualified for).

The supply chains for system components can be compromised by natural events or the active introduction of manipulated parts, materials, software, or information, as well as interferences with networks and processes. Compromise impacts the quality, reliability, and/or security of a final system. Compromise can occur, for example, when the customer receives components that are compromised and those compromised items lead to a compromised system. In this case, a component could refer to hardware, material, software, data, algorithms, human, etc.
 
Sourcing components for critical systems is a challenge because the supply chains for the components diverge from mainstream commercial supply chains over time. As a result, the operators of critical systems impose a myriad of restrictions on how components can be sourced in order to minimize the risk of compromised components finding their way into critical systems. Similarly, the information that these systems depend on to operate can be compromised impacting the system’s support and/or manufacturing. These requirements limit the available sources and can make the process time-consuming and expensive and on the other hand, open opportunities for impostors to enter the supply chain.
 
This workshop will focus on the unique issues posed by compromised components (hardware, material, software, data, algorithms, humans), and how they can be predicted and mitigated. This is a convergent workshop whose participants will include academics, industry practitioners, and stakeholders from the critical systems community whose concern is disruption and compromise of the technology and supply chain for critical systems.
 
The workshop will address the following topics: 
  • Blockchain for supply chain (Panel Chair: Prof. Ujjwal Guin, Auburn University) 
    • Near-term proposed approaches (pros, cons, practicality)
    • How can it be used
    • Aging of distributed ledgers (long-term practicality and value)
  • Trust- establishing and eroding trust (Panel Chair: Dr. Jeremy Muldavin, Global Foundries)
    • Zero-trust approach application to information and supply chains
    • Quantifying trust
    • What can be scaled from cybersecurity to the security of “everything else”?
  • Human aspects of compromise (Panel Chair: Dr. Steve S. Sin, START, University of Maryland)
    • Workforces and workforce environments
    • Cognitive security
  • Public and organizational policies (Panel Chair: Dr. Charles Harry, University of Maryland)
    • Assessing risk
    • Effectiveness in managing compromise risk
    • Testing policies
  • Modelling – Optimizing Critical Systems Management (Panel Chair: Dr. Timothy Sprock, ARLIS, University of Maryland)
    • Disruption planning
    • System Dynamics
    • Agent-Based Modeling (ABM)

For more information about the workshop, please contact Dr. Diganta Das and Prof. Peter Sandborn.

 

► All times shown are in US Eastern Time Zone

Planned Agenda and Panelists
9.00 am        Welcome and Introductions Prof. Peter Sandborn, CALCE, University of Maryland
9.10 am Morning Keynote Christopher Nissen
9.50 am Break
10.00 am Blockchain for Supply Chain

Panel Chair: Prof. Ujjwal Guin, Auburn University

Panelists:

  • Hale Summers (Sikorsky
  • Radu Diaconescu (Swissmic SA)
  • Harvey Reed (MITRE)
11.00 am Trust: establishing and eroding trust 

Panel Chair: Dr. Jeremy Muldavin, GSA TIES and GlobalFoundaries

Panelists:

  • Candace Moix, START, University of  Maryland
  • Eileen Dombrowski, GlobalFoundaries
  • Sylvere Krima, NIST
12.00 pm Lunch
12.45 pm Afternoon Keynote Bill Stephens, ARLIS
1.15 pm Human Aspects of Compromise

Panel Chair: Dr. Steve S. Sin, START, University of Maryland

Panelists: 

  • Bill Stephens, ARLIS
  • Anthony (Tony) Kraemer, Cape Fox Shared Services
  • Juliet Aiken, Conducere
2.15 pm Break
2.30 pm Public and Organizational Policies

Panel Chair: Dr. Charles Harry, University of Maryland

Panelists

  • Bruce Kaplan, LMI
  • TJ Zitkevitz, Lockheed Martin
  • Kirsten Koepsel, McKinsey and Company
3.30 pm Modeling, Analytics and Data

Panel Chair: Dr. Timothy Sprock, ARLIS, University of Maryland

Panelists

  • Neil Brock, Draper
  • Prof. Peter Sandborn, CALCE, UMD
4.30 pm Wrap Up

 

REGISTRATION IS NOW CLOSED - CONTACT DR. DIGANTA DAS (DIGANTA@UMD.EDU) IF YOU ARE INTERESTED IN ATTENDING. WE MAY BE ABLE TO ACCOMMODATE A FEW PEOPLE IF THERE ARE CANCELLATIONS.

 


Top