Добірка наукової літератури з теми "Software Supply Chain Security"

Оформте джерело за APA, MLA, Chicago, Harvard та іншими стилями

Оберіть тип джерела:

Ознайомтеся зі списками актуальних статей, книг, дисертацій, тез та інших наукових джерел на тему "Software Supply Chain Security".

Біля кожної праці в переліку літератури доступна кнопка «Додати до бібліографії». Скористайтеся нею – і ми автоматично оформимо бібліографічне посилання на обрану працю в потрібному вам стилі цитування: APA, MLA, «Гарвард», «Чикаго», «Ванкувер» тощо.

Також ви можете завантажити повний текст наукової публікації у форматі «.pdf» та прочитати онлайн анотацію до роботи, якщо відповідні параметри наявні в метаданих.

Статті в журналах з теми "Software Supply Chain Security"

1

Morkūnas, Mangirdas, Elzė Rudienė, and Aleksander Ostenda. "CAN CLIMATE-SMART AGRICULTURE HELP TO ASSURE FOOD SECURITY THROUGH SHORT SUPPLY CHAINS? A SYSTEMATIC BIBLIOMETRIC AND BIBLIOGRAPHIC LITERATURE REVIEW." Journal Business, Management and Economics Engineering 20, no. 02 (July 14, 2022): 207–23. http://dx.doi.org/10.3846/bmee.2022.17101.

Повний текст джерела
Анотація:
Purpose – This paper aims to reveal potential research possibilities for enhancing climate-smart agriculture through short supply chains. Research question – How can short supply chains assure food security and the promotion of climate-smart agriculture? Research methodology – Bibliographic and bibliometric coupling techniques were employed using data from 1990–2022. The raw data was processed using the VOSviewer 1.6.18 software version. Findings – The results confirm the positive effect of the systemically important relationship between the short supply chain and food security. Research limitations – Climate-smart agriculture is a complex and multifaceted phenomenon. Additional variables may have moderating and mediating effects on the impact of short supply chains on food security. Practical implications – The results establish the importance of having a short supply chain for food security in different aspects of the process from the harvest to the table. Originality and value – This study confirms the rationale for developing shorter food supply chains to assure food security and climate-smart agriculture when possible.
Стилі APA, Harvard, Vancouver, ISO та ін.
2

P.N., Sindhuja. "The impact of information security initiatives on supply chain robustness and performance: an empirical study." Information & Computer Security 29, no. 2 (June 10, 2021): 365–91. http://dx.doi.org/10.1108/ics-07-2020-0128.

Повний текст джерела
Анотація:
Purpose Information security is an essential element in all business activities. The damage to businesses from information security breaches has become pervasive. The scope of information security has widened as information has become a critical supply chain asset, making it more important to protect the organization’s data. Today’s global supply chains rely upon the speedy and robust dissemination of information among supply chain partners. Hence, processing of accurate supply chain information is quintessential to ensure the robustness and performance of supply chains. An effective information security management (ISM) is deemed to ensure the robustness of supply chains. The purpose of the paper is to examine the impact of information security initiatives on supply chain robustness and performance. Design/methodology/approach Based on extant literature, a research model was developed and validated using a questionnaire survey instrument administered among information systems/information technology managers. Data collected were analyzed using exploratory and confirmatory factor analysis. Further, to test the hypotheses and to fit the theoretical model, Structural equation modeling techniques were used. Findings Results of this study indicated that information security initiatives are positively associated with supply chain robustness and performance. These initiatives are likely to enhance the robustness and performance of the supply chains. Originality/value With the advancements in internet technologies and capabilities as well as considering the dynamic environment of supply chains, this study is relevant in terms of the capability that an organization needs to acquire with regards to ISM. Benefiting from the resource dependency theory, information security initiatives could be considered as a critical resource having an influence on the internal and external environment of supply chains.
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Kaczorowski, Maya, Falcon Momot, George V. Neville-Neil, and Chris McCubbin. "OSS Supply-chain Security: What Will It Take?" Queue 20, no. 5 (October 31, 2022): 86–102. http://dx.doi.org/10.1145/3570923.

Повний текст джерела
Анотація:
While enterprise security teams naturally tend to turn their focus primarily to direct attacks on their own infrastructure, cybercrime exploits now are increasingly aimed at easier targets upstream. This has led to a perfect storm, since virtually all significant codebase repositories at this point include at least some amount of open-source software. But opportunities also abound there for the authors of malware. The broader cybercrime world, meanwhile, has noted that open-source supply chains are generally easy to penetrate. What's being done at this point to address the apparent risks?
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Barabanov, Alexander V., Alexey S. Markov, and Valentin L. Tsirlov. "Information security systematics of software supply chains." Bezopasnost informacionnyh tehnology 26, no. 3 (September 2019): 68–79. http://dx.doi.org/10.26583/bit.2019.3.06.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Turjo, Manoshi Das, Mohammad Monirujjaman Khan, Manjit Kaur, and Atef Zaguia. "Smart Supply Chain Management Using the Blockchain and Smart Contract." Scientific Programming 2021 (September 28, 2021): 1–12. http://dx.doi.org/10.1155/2021/6092792.

Повний текст джерела
Анотація:
The manufacture of raw materials to deliver the product to the consumer in a traditional supply chain system is a manual process with insufficient data and transaction security. It also takes a significant amount of time, making the entire procedure lengthy. Overall, the undivided process is ineffective and untrustworthy for consumers. If blockchain and smart contract technologies are integrated into traditional supply chain management systems, data security, authenticity, time management, and transaction processes will all be significantly improved. Blockchain is a revolutionary, decentralized technology that protects data from unauthorized access. The entire supply chain management (SCM) will be satisfied with the consumer once smart contracts are implemented. The plan becomes more trustworthy when the mediator is contracted, which is doable in these ways. The tags employed in the conventional SCM process are costly and have limited possibilities. As a result, it is difficult to maintain product secrecy and accountability in the SCM scheme. It is also a common target for wireless attacks (reply attacks, eavesdropping, etc.). In SCM, the phrase “product confidentiality” is very significant. It means that only those who have been validated have access to the information. This paper emphasizes reducing the involvement of third parties in the supply chain system and improving data security. Traditional supply chain management systems have a number of significant flaws. Lack of traceability, difficulty maintaining product safety and quality, failure to monitor and control inventory in warehouses and shops, rising supply chain expenses, and so on, are some of them. The focus of this paper is on minimizing third-party participation in the supply chain system and enhancing data security. This improves accessibility, efficiency, and timeliness throughout the whole process. The primary advantage is that individuals will feel safer throughout the payment process. However, in this study, a peer-to-peer encrypted system was utilized in conjunction with a smart contract. Additionally, there are a few other features. Because this document makes use of an immutable ledger, the hacker will be unable to get access to it. Even if they get access to the system, they will be unable to modify any data. If the goods are defective, the transaction will be halted, and the customer will be reimbursed, with the seller receiving the merchandise. By using cryptographic methods, transaction security will be a feasible alternative for recasting these issues. Finally, this paper will demonstrate how to maintain the method with the maximum level of safety, transparency, and efficiency.
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Ehsan, Ibtisam, Muhammad Irfan Khalid, Laura Ricci, Jawaid Iqbal, Amerah Alabrah, Syed Sajid Ullah, and Taha M. Alfakih. "A Conceptual Model for Blockchain-Based Agriculture Food Supply Chain System." Scientific Programming 2022 (February 28, 2022): 1–15. http://dx.doi.org/10.1155/2022/7358354.

Повний текст джерела
Анотація:
In agriculture supply chain management, traceability is a crucial aspect to ensure food safety for increasing customer loyalty and satisfaction. Lack of quality assurance in centralized data storage makes us move towards a new approach based on a decentralized system in which transparency and quality assurance is guaranteed throughout the supply chain from producer to consumer. The current supply chain model has some disadvantages like a communication gap between the entities of the supply chain and no information about the travel history and origin of the product. The use of technology improves the communication and relation between various farmers and stakeholders. Blockchain technology acquires transparency and traceability in the supply chain, provides transaction records traceability, and enhances security for the whole supply chain. In this paper, we present a blockchain-based, fully decentralized traceability model that ensures the integrity and transparency of the system. This new model eliminated most of the disadvantages of the traditional supply chain. For the coordination of all transactions in the supply chain, we proposed a decentralized supply chain model along with a smart contract.
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Wang, Lai-Wang, Chen-Chih Hung, and Ching-Tang Hsieh. "Security Strategy Optimization and Algorithm Based on 3D Economic Sustainable Supply Chain." Scientific Programming 2022 (September 10, 2022): 1–11. http://dx.doi.org/10.1155/2022/9972658.

Повний текст джерела
Анотація:
Based on the background of system intelligence in the Internet of things era, this paper applied the design field of interaction design and user experience in the early days, and conducted further in-depth investigation through a large number of case studies and the use of quantitative and qualitative investigation methods. Based on this, the theories and strategies of the interaction design between enterprise members and intelligent machines were put forward and tested by actual design. At present, air pollution, energy shortage, and other issues are becoming more and more prominent, and calls for energy conservation, emission reduction, strengthening corporate social responsibility, and reducing the impact of economic development on the environment and society are growing. Therefore, companies must rethink their strategies and adapt their supply chains. Based on limited resources, enterprise machines have traditionally acted as a tool or a communication tool for a person. Yet, at the same time as the economy develops, the direct interaction between human and machine gradually emerges, and the economic development of an enterprise is bound to contradict environmental protection and social responsibility. Therefore, for enterprises, in different periods, different priority strategies will be adopted for the three dimensions of economy, environment, and society. The results showed that the economic benefit has increased by about 30% or more, and the ecological pollution has been reduced by about 40% on the original basis. Under the action of a sustainable supply chain, consumer satisfaction tends to be full and can be maintained at about 97%. In this context, the comparative analysis of the strategic optimization of enterprises in the supply chain is the focus of this thesis.
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Marjanovic, Jelena, Nikola Dalcekovic, and Goran Sladic. "Blockchain-based model for tracking compliance with security requirements." Computer Science and Information Systems, no. 00 (2022): 60. http://dx.doi.org/10.2298/csis210923060m.

Повний текст джерела
Анотація:
The increasing threat landscape in Industrial Control Systems (ICS) brings different risk profiles with comprehensive impacts on society and safety. The complexity of cybersecurity risk assessment increases with a variety of third-party software components that comprise a modern ICS supply chain. A central issue in software supply chain security is the evaluation whether the secure development lifecycle process (SDL) is being methodologically and continuously practiced by all vendors. In this paper, we investigate the possibility of using a decentralized, tamper-proof system that will provide trustworthy visibility of the SDL metrics over a certain period, to any authorized auditing party. Results of the research provide a model for creating a blockchain-based approach that allows inclusion of auditors through a consortium decision while responding to SDL use cases defined by this paper. The resulting blockchain architecture successfully responded to requirements mandated by the security management practice as defined by IEC 62443-4-1 standard.
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Kusumastuti, Ratna Yulia, Heti Mulyati, and Gendut Suprayitno. "Disclosure Integration of Lean Six Sigma Principles in Sustainable Supply Chain in Poultry Industry." Indonesian Interdisciplinary Journal of Sharia Economics (IIJSE) 4, no. 1 (October 6, 2021): 300–312. http://dx.doi.org/10.31538/iijse.v4i1.1706.

Повний текст джерела
Анотація:
The poultry industry has been in the spotlight for its enormous potential economic development. However, poultry industry is still not implementing the concept of sustainability properly. There are still many wastes that have not been managed properly and there are still many problems in the supply chain that require more systematic handling. Many studies have shown that the implementation of Lean Six Sigma (LSS) and sustainability has positive results on the company's bottom line performance. This research tried to integrate the application of LSS principles and sustainability along the supply chain in the poultry industry in Indonesia. Data were collected from 4 listed poultry firms in Indonesia. The research method used SEM PLS with SmartPLS software. The results showed that supply chain security management system disclosure as the principle of LSS had a positive effect on the collaboration of supply chain disclosure and collaboration of supply chain disclosure had a positive effect on sustainability. The results also showed that risk management disclosure had a negative effect on the collaboration of supply chain disclosure and economic sustainability had a negative effect on environmental sustainability, but social sustainability had a positive effect on environmental sustainability. Based on the results of this study, there is a need to improve supply chain security management system and supply chain collaboration in order to advance sustainable poultry industry.
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Куликов, Сергей Сергеевич, Владимир Иванович Белоножкин, and Николай Алексеевич Ююкин. "ANALYSIS OF INFORMATION SECURITY THREATS, ASSOCIATED WITH SUPPLY CHAIN ATTACKS." ИНФОРМАЦИЯ И БЕЗОПАСНОСТЬ, no. 1(-) (April 5, 2022): 135–40. http://dx.doi.org/10.36622/vstu.2022.25.1.011.

Повний текст джерела
Анотація:
В данной статье представлен анализ угроз информационной безопасности, связанных с атаками на цепи поставок, которые могут использоваться для нарушения информационной безопасности организации без прямых воздействий на ее информационно-технологическую инфраструктуру. В контексте информационной безопасности, атака на цепь поставки предполагает целенаправленные злоумышленные воздействия на активы поставщика с целью последующего нарушения информационной безопасности потребителя. Этот тип атак сегодня приобретает особую актуальность как наиболее эффективный среди всего множества угроз информационной безопасности ввиду принципиальных особенностей, существенно затрудняющих противодействие им: возможность злоумышленника по выбору наиболее незащищенного элемента для атаки, необходимость координации действий нескольких организационных структур для противодействия таким атакам, устранения последствий от их реализации и расследования их причин. Также приведен анализ научной, методической и технической литературы, описывающей сценарии известных атак на цепи поставок программного и аппаратного обеспечения. This article presents an analysis of information security threats associated with attacks on the supply chain, which can be used to violate the information security of an organization without direct impacts on its information technology infrastructure. In the context of information security, an attack on the supply chain involves targeted malicious impacts on the supplier's assets with the aim of further violating the consumer's information security. This type of attacks is becoming particularly relevant today as the most effective among all the many threats to information security due to the fundamental features that significantly complicate countering them: the possibility of choosing the most unprotected element of the chain for an attack, the need to coordinate the actions of several organizational structures to counter such attacks, eliminate the consequences of their implementation and investigate their causes. The analysis of scientific, methodological and technical literature describing scenarios of known attacks on the supply chain of software and hardware is also given.
Стилі APA, Harvard, Vancouver, ISO та ін.

Дисертації з теми "Software Supply Chain Security"

1

Vu, Duc Ly. "Towards Understanding and Securing the OSS Supply Chain." Doctoral thesis, Università degli studi di Trento, 2022. http://hdl.handle.net/11572/333508.

Повний текст джерела
Анотація:
Free and Open-Source Software (FOSS) has become an integral part of the software supply chain in the past decade. Various entities (automated tools and humans) are involved at different stages of the software supply chain. Some actions that occur in the chain may result in vulnerabilities or malicious code injected in a published artifact distributed in a package repository. At the end of the software supply chain, developers or end-users may consume the resulting artifacts altered in transit, including benign and malicious injection. This dissertation starts from the first link in the software supply chain, ‘developers’. Since many developers do not update their vulnerable software libraries, thus exposing the user of their code to security risks. To understand how they choose, manage and update the libraries, packages, and other Open-Source Software (OSS) that become the building blocks of companies’ completed products consumed by end-users, twenty-five semi-structured interviews were conducted with developers of both large and small-medium enterprises in nine countries. All interviews were transcribed, coded, and analyzed according to applied thematic analysis. Although there are many observations about developers’ attitudes on selecting dependencies for their projects, additional quantitative work is needed to validate whether behavior matches or whether there is a gap. Therefore, we provide an extensive empirical analysis of twelve quality and popularity factors that should explain the corresponding popularity (adoption) of PyPI packages was conducted using our tool called py2src. At the end of the software supply chain, software libraries (or packages) are usually downloaded directly from the package registries via package dependency management systems under the comfortable assumption that no discrepancies are introduced in the last mile between the source code and their respective packages. However, such discrepancies might be introduced by manual or automated build tools (e.g., metadata, Python bytecode files) or for evil purposes (malicious code injects). To identify differences between the published Python packages in PyPI and the source code stored on Github, we developed a new approach called LastPyMile . Our approach has been shown to be promising to integrate within the current package dependency management systems or company workflow for vetting packages at a minimal cost. With the ever-increasing numbers of software bugs and security vulnerabilities, the burden of secure software supply chain management on developers and project owners increases. Although automated program repair approaches promise to reduce the burden of bug-fixing tasks by suggesting likely correct patches for software bugs, little is known about the practical aspects of using APR tools, such as how long one should wait for a tool to generate a bug fix. To provide a realistic evaluation of five state-of-the-art APR tools, 221 bugs from 44 open-source Java projects were run within a reasonable developers’ time and effort.
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Massimino, Brett J. "Operational Factors Affecting the Confidentiality of Proprietary Digital Assets." The Ohio State University, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=osu1405683732.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Sichel, Alexander R. (Alexander Russell). "Supply chain security along the Columbia River : an analysis of maritime supply chain security with respect to communication between security experts." Thesis, Massachusetts Institute of Technology, 2005. http://hdl.handle.net/1721.1/33589.

Повний текст джерела
Анотація:
Thesis (S.M.)--Massachusetts Institute of Technology, Dept. of Ocean Engineering, 2005.
Includes bibliographical references (leaves 74-75).
The amount of cargo that enters the US border is at an all time high. Cargo containers and vessel shipments enter the US from all over the world. Tracking these shipments from their origin to destination requires professional expertise. Security organizations, such as the Regional Maritime Security Coalition of the Columbia River, realize the potential of these professionals, who track and coordinate cargo containers as they move through a supply chain, to enhance security of maritime cargo. In order to utilize these supply chain logistic professionals in a security coalition, proper training and certification would be required to comply with the US Federal Code on Liability Protection. This study examines the requirements that are necessary to certify supply chain logistic professionals as certified volunteers in an information sharing, security communication network to prevent terrorist activity, smuggling, theft, and to assist in general crisis mitigation. The thesis studies how the RMSC is currently developing its security communication system around supply chain logistic professionals, and the requirements and training that would be necessary to certify them under the US Federal Code.
by Alexander R. Sichel.
S.M.
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Park, Hong. "Impact of supply chain security orientation on port performance." Thesis, Cardiff University, 2013. http://orca.cf.ac.uk/52117/.

Повний текст джерела
Анотація:
The terrorist attack at September 11, 2001 in the United States of America had a huge impact on the security of international cargo transportation. In order to minimize the threat of terrorism and secure the movement of goods in the supply chain, security initiatives such as ISPS code and CSI are adopted by the United Nations and the United States. Also, the term ‘security’ has emerged as an independent area of study in supply chain management studies after the 2000s. The objective of this study is to examine the impact of Supply Chain Security Orientation on Port Performance in the context of Korea. In order to explore the causal relationships, this study utilized Structural Equation Modelling (SEM) to examine the relationships. Also, a multi-group analysis between port group (port A and B) and port user group (shipping companies, forwarding companies, etc) was conducted to investigate the differences of the perceptions in two groups. This is to fill the gaps from previous studies by conducting quantitative and confirmatory research in the field of supply chain security. This study develops a conceptual model by literature review and semi-structured interviews in order to identify the impact of the constructs: Antecedents, Supply Chain Security Orientation, and Port Performance. There are 11 variables in total, and in-depth analysis of the inter-relationships among variables is identified. In conclusion, this study empirically develops a structural model and identified the importance of Financial Resources (FR), Supply Chain Security Initiatives (SCSI), Security Preparation and Planning (SPP), Security Related Partnership (SRP), Security Dedicated Communication and Technology (SDCT), Security Culture (SC), and Security Education (SE) on Port Performance. Also, the differences in perceptions between port group and port user group of the variables in the construct were also explored.
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Garshasbi, Farzam, and Ebrahimi Shahram Pasha. "Supply Chain Security Programs Comparing TAPA FSR with ISPS." Thesis, Högskolan i Borås, Institutionen Ingenjörshögskolan, 2012. http://urn.kb.se/resolve?urn=urn:nbn:se:hb:diva-16642.

Повний текст джерела
Анотація:
In this era, where international outsourcing and global distribution systems are thriving, providing the security of products in the logistic system is very crucial now. For corporates, it is highly vital to know how secure high-tech products and materials are handled, warehoused and transported as they move throughout the globe. Different international security standards have been introduced, two of which are TAPA FSR and ISPS. TAPA FSR (Freight Security Requirements) defines the smallest required security standards for goods travelling throughout the supply chain and the suitable approaches in keeping those standards. ISPS (International Ship and Port Facility Security) is another security standard which identifies the tasks of governments, shipping companies, shipboard personnel, and port/facility personnel to find security threats and take preemptive actions against security events influencing ships or port facilities used in global business. This research attempts to study the literature on security of transportation in supply chain. By comparing the requirements of TAPA FSR and ISPS, we aim to find their basic differences and to analyze to what extent the two standards respond to the crucial concepts of security in the supply chain.
Program: BSc in Industrial Engineering - International Business Engineering
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Holt, Christopher Michael Taylor 1968. "Supply chain simulator : an approach for development of software and methodology for simulation of supply chain management." Thesis, Massachusetts Institute of Technology, 1999. http://hdl.handle.net/1721.1/9495.

Повний текст джерела
Анотація:
Thesis (M.Eng.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering, 1999.
Includes bibliographical references (leaves 94-97).
Many companies see how new strategies and technologies can enable more efficient and adaptive supply chains-but they struggle to understand how these technologies overlay with existing processes and personnel issues both during and after implementation. This thesis investigates the concept of a simulated environment where multiple constituents whether they are different parts of a company's organization or different companies within a supply chain-can come together to design and experiment with new supply chain structures. The thesis explores the argument that the supply chain can be simulated, and evaluates different approaches to developing such a simulation that would allow low-risk experimentation and accelerated learning for supply chain managers. The thesis begins with an executive summary that provides a high level treatment of the challenges and recommendations associated with supply chain simulation, then proceeds to present a definition of the elaborate interrelationships between companies, technologies and business processes that collectively shape an industry's supply chain. This is followed by a discussion of complexity theory and general simulation techniques that could be applicable to the development of a software simulation environment in this area. Then, a review of efforts to date to simulate management of the supply chain, including approach, resources required, and eventual results is followed by a recommendation and justification of the thesis' approach to supply chain simulation. Finally, operating methods are presented for development and management of the learning and decision-making processes required to best utilize the software. The conclusion of the thesis is that because of the emergence of new technologies, the supply chain can be simulated for practical experimentation and learning. It is apparent that significant supply chain performance improvement can be identified and quantified through simulation. The thesis recommends using agent-based modeling, specifically a software package called Swarm, as the software environment. The software should be supported by operating methods that can maximize its capabilities while encouraging the likelihood of adoption of solutions identified.
by Christopher Michael Taylor Holt.
M.Eng.
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Malinowski, Mateusz Ksawery. "CargoNet : micropower sensate tags for supply-chain management and security." Thesis, Massachusetts Institute of Technology, 2007. http://hdl.handle.net/1721.1/41654.

Повний текст джерела
Анотація:
Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.
Includes bibliographical references (p. 109-113).
This thesis describes the development of a system of sensate active RFID tags for supply-chain management and security applications, necessitated by the current lack of commercial platforms capable of monitoring the state of shipments at the crate and case level. To make a practical prototype, off-the-shelf components and custom-designed circuits that minimize power consumption and cost were assembled and integrated into an interrupt-driven, quasi-passive system that can monitor, log, and report environmental conditions inside a shipping crate while consuming only 23.7 microwatts of average power. To prove the feasibility of the system, the tags were tested in the laboratory and aboard transport conveyances.
by Mateusz Ksawery Malinowski.
M.Eng.
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Barcelos, Mariana Alexandra Aleixo de. "Towards a security framework for the semiconductor supply chain environment." Master's thesis, Universidade de Aveiro, 2018. http://hdl.handle.net/10773/23555.

Повний текст джерела
Анотація:
Mestrado em Engenharia Eletrónica e Telecomunicações
Hoje em dia, a troca de informação entre os parceiros da cadeia de forne-cimento de semicondutores pode ser alvo de muitas ameaças de segurança conhecidas e desconhecidas no ambiente interno/externo dos parceiros. Particularmente, estas vulnerabilidades, no ambiente da cadeia de fornecimento de semicondutores, podem ser exploradas por atacantes com um amplo espectro de motivações que vão desde intenções criminais, visando o ganho financeiro, até à espionagem industrial e a cyber-sabotagem. Os atacantes podem comprometer a comunicação de dados entre parceiros na cadeia de fornecimento e, portanto, podem prejudicar o fornecimento de serviços pelos parceiros, bem como a continuidade da prestação de serviços. Como resultado, os parceiros da cadeia de fornecimento de semicondutores poderão sofrer repercussões nocivas que podem causar perdas significativas de receita, destruição da sua marca e atrasos no avanço das suas tecnologias. Consequentemente, uma plataforma de segurança para o ambiente da cadeia de fornecimento de semicondutores é de extrema importância. Assim, a intenção desta tese é fornecer uma base para uma plataforma de segurança para comunicação segura de dados entre todos os parceiros da cadeia de fornecimento de semicondutores.
Nowadays, data communication across the partners in the semiconductor supply chain can be the target of many known and unknown security threats exploiting security vulnerabilities in the internal/external environment of the partners. Particularly, these vulnerabilities in the semiconductor supply chain environment can be exploited by attackers with a wide spectrum of motivations ranging from criminal intents aimed at nancial gain to industrial espionage and cyber-sabotage. Attackers can compromise the data communication between legitimate parties in the supply chain and thus can jeopardize the delivery of services across the partners as well as the continuity of the service provision. As a result, semiconductor supply chain partners will su er from damaging repercussions which can cause signi cant revenue loss, destroy their brand and eventually hinder their advancement. Consequently, a security framework for the semiconductor supply chain environment is of utmost importance. Hence, the intent of this thesis is to provide a foundation for a security framework for secure data communication across the partners in the semiconductor supply chain.
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Williams, Zachary. "Supply chain security an institutional approach to strategies and outcomes /." Diss., Mississippi State : Mississippi State University, 2008. http://library.msstate.edu/etd/show.asp?etd=etd-03312008-163918.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Sheinbein, Rachel Felice 1975. "Applying supply chain methodology to a centralized software licensing strategy." Thesis, Massachusetts Institute of Technology, 2004. http://hdl.handle.net/1721.1/34781.

Повний текст джерела
Анотація:
Thesis (M.B.A.)--Massachusetts Institute of Technology, Sloan School of Management; and, (S.M.)--Massachusetts Institute of Technology, Dept. of Civil and Environmental Engineering; in conjunction with the Leaders for Manufacturing Program at MIT, 2004.
Includes bibliographical references (p. 76).
Eleven percent of companies spend between $150K and $200K per year per engineer on software development tools and nine percent spend more than $200K, according to a Silicon Integration Initiative/Gartner/EE Times study from 2002. For Agilent Technologies, these costs result in spending tens of millions of dollars each year on software, and for Motorola, the costs are more than $100M each year. From the current trends in software spending, one can infer that companies will pay even more for software in the future, because the cost of the software itself is rising and because of the complexity of the technology needed for innovation. In order to understand whether the total spending on software is appropriate and necessary, Agilent sponsored this project to create a model that analyzes the trade-offs between the cost of software and the cost of software unavailability. The model treats software licenses as supplies to the development of a product, and thus, supply chain methodologies such as inventory (cost of licenses), stock outs (cost of unavailability) and service level are applied. The goal of the model is to minimize software costs while maintaining a satisfactory level of service. The thesis explains the model and then shows the results from applying it to four software products that Agilent currently uses. The results show that in the absence of this type of analysis, Agilent spends more than necessary for software licenses. In fact, Agilent can reduce costs by at least 5%. This model can be used by Agilent and other companies to optimize software purchases.
by Rachel Felice Sheinbein.
S.M.
M.B.A.
Стилі APA, Harvard, Vancouver, ISO та ін.

Книги з теми "Software Supply Chain Security"

1

Thomas, Andrew R., and Sebastian Vaduva, eds. Global Supply Chain Security. New York, NY: Springer New York, 2015. http://dx.doi.org/10.1007/978-1-4939-2178-2.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Halak, Basel, ed. Hardware Supply Chain Security. Cham: Springer International Publishing, 2021. http://dx.doi.org/10.1007/978-3-030-62707-2.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Alfonso, Cristina M., Jason P. Sullivan, Cristina M. Alfonso, and Jason P. Sullivan. Cargo containers and supply chain security. New York: Nova Science Publishers, 2011.

Знайти повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Nicholson, Anna, Evan Randall, Lisa Brown, Carolyn Shore, and Benjamin Kahn, eds. The Security of America's Medical Product Supply Chain. Washington, D.C.: National Academies Press, 2021. http://dx.doi.org/10.17226/26137.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Kieras, Timothy, Junaid Farooq, and Quanyan Zhu. IoT Supply Chain Security Risk Analysis and Mitigation. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-031-08480-5.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Burges, Dan. Cargo theft, loss prevention, and supply chain security. Waltham, MA: Butterworth-Heinemann, 2012.

Знайти повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Enterprise software delivery: Bringing agility and efficiency to the global software supply chain. Upper Saddle River, NJ: Addison-Wesley, 2013.

Знайти повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Koepsel, Kirsten M., ed. The Aerospace Supply Chain and Cyber Security - Challenges Ahead. Warrendale, PA: SAE International, 2018. http://dx.doi.org/10.4271/t-133.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Essig, Michael. Supply Chain Safety Management: Security and Robustness in Logistics. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013.

Знайти повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Willis, Henry H. Evaluating the security of the global containerized supply chain. Santa Monica, CA: RAND Corporation, 2004.

Знайти повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.

Частини книг з теми "Software Supply Chain Security"

1

Yang, Jeong, Young Lee, and Arlen P. McDonald. "SolarWinds Software Supply Chain Security: Better Protection with Enforced Policies and Technologies." In Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, 43–58. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-92317-4_4.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Barabanov, Alexander, Alexey Markov, and Valentin Tsirlov. "On Systematics of the Information Security of Software Supply Chains." In Software Engineering Perspectives in Intelligent Systems, 115–29. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-63322-6_9.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Zomer, Gerwin. "Supply Chain Security." In Operations, Logistics and Supply Chain Management, 575–92. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-92447-2_25.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Collier, Zachary A., and Shital A. Thekdi. "Supply Chain Security." In The Palgrave Handbook of Supply Chain Management, 1–24. Cham: Springer International Publishing, 2022. http://dx.doi.org/10.1007/978-3-030-89822-9_30-1.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Seaman, Jim. "Securing Your Supply Chain." In Protective Security, 439–85. Berkeley, CA: Apress, 2021. http://dx.doi.org/10.1007/978-1-4842-6908-4_11.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Szymonik, Andrzej, and Robert Stanisławski. "Conclusions." In Supply Chain Security, 271–74. New York: Productivity Press, 2022. http://dx.doi.org/10.4324/9781003286110-10.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Szymonik, Andrzej, and Robert Stanisławski. "Safety Determinants for the Needs of the Delivery Chain." In Supply Chain Security, 1–24. New York: Productivity Press, 2022. http://dx.doi.org/10.4324/9781003286110-2.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Szymonik, Andrzej, and Robert Stanisławski. "Reverse Logistics in Supply Chains:." In Supply Chain Security, 193–206. New York: Productivity Press, 2022. http://dx.doi.org/10.4324/9781003286110-7.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Szymonik, Andrzej, and Robert Stanisławski. "Technologies Supporting Supply Chain Safety Management." In Supply Chain Security, 159–92. New York: Productivity Press, 2022. http://dx.doi.org/10.4324/9781003286110-6.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Szymonik, Andrzej, and Robert Stanisławski. "Contemporary Conditions of Supply Chains." In Supply Chain Security, 25–66. New York: Productivity Press, 2022. http://dx.doi.org/10.4324/9781003286110-3.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.

Тези доповідей конференцій з теми "Software Supply Chain Security"

1

Ellison, Robert J., and Carol Woody. "Supply-Chain Risk Management: Incorporating Security into Software Development." In 2010 43rd Hawaii International Conference on System Sciences. IEEE, 2010. http://dx.doi.org/10.1109/hicss.2010.355.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Nakano, Yuto, Toru Nakamura, Yasuaki Kobayashi, Takashi Ozu, Masahito Ishizaka, Masayuki Hashimoto, Hiroyuki Yokoyama, Yutaka Miyake, and Shinsaku Kiyomoto. "Automatic Security Inspection Framework for Trustworthy Supply Chain." In 2021 IEEE/ACIS 19th International Conference on Software Engineering Research, Management and Applications (SERA). IEEE, 2021. http://dx.doi.org/10.1109/sera51205.2021.9509040.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Axelrod, C. Warren. "Assuring software and hardware security and integrity throughout the supply chain." In 2011 IEEE International Conference on Technologies for Homeland Security (HST). IEEE, 2011. http://dx.doi.org/10.1109/ths.2011.6107848.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Ohm, Marc, Arnold Sykosch, and Michael Meier. "Towards detection of software supply chain attacks by forensic artifacts." In ARES 2020: The 15th International Conference on Availability, Reliability and Security. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3407023.3409183.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Hejderup, Joseph. "On the Use of Tests for Software Supply Chain Threats." In CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2022. http://dx.doi.org/10.1145/3560835.3564557.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Martin, Robert Alan. "Visibility & Control: Addressing Supply Chain Challenges to Trustworthy Software-Enabled Things." In 2020 IEEE Systems Security Symposium (SSS). IEEE, 2020. http://dx.doi.org/10.1109/sss47320.2020.9174365.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Vu, Duc Ly, Ivan Pashchenko, Fabio Massacci, Henrik Plate, and Antonino Sabetta. "Towards Using Source Code Repositories to Identify Software Supply Chain Attacks." In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3372297.3420015.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Okafor, Chinenye, Taylor R. Schorlemmer, Santiago Torres-Arias, and James C. Davis. "SoK: Analysis of Software Supply Chain Security by Establishing Secure Design Properties." In CCS '22: 2022 ACM SIGSAC Conference on Computer and Communications Security. New York, NY, USA: ACM, 2022. http://dx.doi.org/10.1145/3560835.3564556.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Martin, Robert Alan. "Assurance for CyberPhysical Systems: Addressing Supply Chain Challenges to Trustworthy Software-Enabled Things." In 2020 IEEE Systems Security Symposium (SSS). IEEE, 2020. http://dx.doi.org/10.1109/sss47320.2020.9174201.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Keller, Joseph, Shuva Paul, Santiago Grijalva, and Vincent J. Mooney. "Experimental Setup for Grid Control Device Software Updates in Supply Chain Cyber-Security." In 2022 North American Power Symposium (NAPS). IEEE, 2022. http://dx.doi.org/10.1109/naps56150.2022.10012179.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.

Звіти організацій з теми "Software Supply Chain Security"

1

Chandramouli, Ramaswamy. Securing the Artifacts in Software Supply Chain for Building Cloud-Native Microservices Applications. Gaithersburg, MD: National Institute of Standards and Technology, 2023. http://dx.doi.org/10.6028/nist.sp.800-204d.ipd.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
2

Visker, Edward R. Improving the DoD Supply Chain Can Commercial Supply Chain Management Software Do the Job"". Fort Belvoir, VA: Defense Technical Information Center, April 2000. http://dx.doi.org/10.21236/ada378230.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
3

Hund, Gretchen. Walk the Talk: Progress in Building a Supply Chain Security Culture. Office of Scientific and Technical Information (OSTI), August 2016. http://dx.doi.org/10.2172/1329456.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
4

Edwards, Frances, Joseph Szyliowicz, Dan Goodrich, William Medigovich, Liz Lange, and Autumn Anderton. Surface Transportation Supply Chain Security: Creating a Blueprint for Future Research. Mineta Transportation Institute, April 2021. http://dx.doi.org/10.31979/mti.2021.1937.

Повний текст джерела
Анотація:
Ninety percent of the world’s trade goods travel by surface transportation, using maritime, road and rail assets. The security of the goods in transit, the infrastructure supporting the movement, and the vehicles, are required to ensure that international commerce proceeds successfully. Much has been written about the surface supply chain itself, but little has focused on the security of these components. This report provides a guide for those wanting an increased understanding of the security issues that supply chain surface transportation systems confront and a blueprint to guide their future research.
Стилі APA, Harvard, Vancouver, ISO та ін.
5

Hund, Gretchen. Walk the Talk: How PNNL is developing a Supply Chain Security Culture. Office of Scientific and Technical Information (OSTI), September 2015. http://dx.doi.org/10.2172/1334055.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
6

Khan, Saif M., Alexander Mann, and Dahlia Peterson. The Semiconductor Supply Chain: Assessing National Competitiveness. Center for Security and Emerging Technology, January 2021. http://dx.doi.org/10.51593/20190016.

Повний текст джерела
Анотація:
Semiconductors are a key component in fueling scientific progress, promoting economic advancement, and ensuring national security. This issue brief summarizes each component of the semiconductor supply chain and where the United States and its allies possess the greatest leverage. A related policy brief, “Securing Semiconductor Supply Chains,” recommends policy actions to ensure the United States maintains this leverage and uses it to promote the beneficial use of emerging technologies, such as artificial intelligence.
Стилі APA, Harvard, Vancouver, ISO та ін.
7

Lindquist, Joachim, and Henning de Haas. Creating Supply Chain Resilience Through Scenario Planning: How a Digital Twin Can Be Used To Enhance Supply Chain Resilience Through Scenario Planning. Aarhus University Library, 2021. http://dx.doi.org/10.7146/aul.435.

Повний текст джерела
Анотація:
This book focusses on the concept of supply chain disruptions and how supply chain resilience can contribute to both preparing for and reacting to the event causing disruption. For building a digital twin of a supply chain, a software named Supply Chain Guru has been used. The software is a supply chain design tool which can be used for different kinds of supply chain network optimisation. The book outlines four scenarios: Covid-19 lockdown, Brexit without deal, Conflagration at a dairy and Political regulations on transport. The scenarios all contain a problem that needs to be solved. This problem is considered as the main disruption for the supply chain. Running the scenario in Supply Chain Guru, constraints are added to the AS-IS model. The constraints are identified as implications of the event in the scenarios. By adding the constraints and running the model, Supply Chain Guru identifies suggestions to solve the problems which were described. The solutions within the scenarios are held up against the theory of supply chain resilience, to describe how the scenario planning can be used to enhance supply chain resilience. Finally, the book discuss how scenario planning can be related to supply chain resilience as well as how scenario planning can be used to increase supply chain resilience.
Стилі APA, Harvard, Vancouver, ISO та ін.
8

Boyens, Jon M. Cybersecurity Supply Chain Risk Management for Systems and Organizations. Gaithersburg, MD: National Institute of Standards and Technology, 2022. http://dx.doi.org/10.6028/nist.sp.800-161r1.

Повний текст джерела
Анотація:
Organizations are concerned about the risks associated with products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the supply chain. These risks are associated with an enterprise’s decreased visibility into, and understanding of, how the technology they acquire is developed, integrated, and deployed, or the processes, procedures, standards, and practices used to ensure the security, resilience, reliability, safety, integrity, and quality of the products and services. This publication provides guidance to organizations on identifying, assessing, and mitigating cybersecurity risks throughout the supply chain at all levels of their organizations. The publication integrates cybersecurity supply chain risk management (C-SCRM) into risk management activities by applying a multilevel, C-SCRM-specific approach, including guidance on development of C-SCRM strategy implementation plans, C-SCRM policies, C-SCRM plans, and risk assessments for products and services
Стилі APA, Harvard, Vancouver, ISO та ін.
9

Rowland, Michael, and Benjamin Karch. Security Evaluation of Smart Cards and Secure Tokens: Benefits and Drawbacks for Reducing Supply Chain Risks of Nuclear Power Plants. Office of Scientific and Technical Information (OSTI), August 2022. http://dx.doi.org/10.2172/1884928.

Повний текст джерела
Стилі APA, Harvard, Vancouver, ISO та ін.
10

Hicks, Julie, Laurin Yates, and Jackie Pettway. Mat Sinking Unit supply study : Mississippi River revetment. Engineer Research and Development Center (U.S.), September 2021. http://dx.doi.org/10.21079/11681/41867.

Повний текст джерела
Анотація:
The Mississippi Valley Division (MVD) has maintained the Mississippi River banks for over 80 years. The Mat Sinking Unit (MSU), built in 1946, was considered state-of-the-art at the time. This system is still in operation today and has placed over 1,000 miles of Articulated Concrete Mats along the Mississippi River from Head of Passes, LA, to Cairo, IL. A new MSU has been designed and is expected to be fully mission capable and operational by the 2023 season, which is expected to increase the productivity from 2,000 squares/day up to 8,000 squares/day with double shifts and optimal conditions. This MSU supply study identifies and optimizes the supply chain logistics for increased production rates from the mat fields to the MSU. The production rates investigated for this effort are 2,000 squares/day, 4,000 squares/day, and 6,000 squares/day. RiskyProject® software, which utilizes a Monte Carlo method to determine a range of durations, manpower, and supplies based on logical sequencing is used for this study. The study identifies several potential supply and demand issues with the increased daily production rates. Distance to casting fields, number of barges, and square availability are the major issues to supply increased placement rates identified by this study.
Стилі APA, Harvard, Vancouver, ISO та ін.
Ми пропонуємо знижки на всі преміум-плани для авторів, чиї праці увійшли до тематичних добірок літератури. Зв'яжіться з нами, щоб отримати унікальний промокод!

До бібліографії