them fear that a supplier-chain partner will take advantage of private information, that information will leak to a .... methods would be as impractical as for the case when all sides are cooperatively computing the same function. ...... Thus, the re
tion has the potential to improve supply-chain management practice, and, by removing one ... 0219560 from the National Science Foundation, Contract N00014-02-1-. 0364 from the Office of .... with their suppliers. Song and Zipkin  develop.
Nov 12, 2012 - ance knowledge-sharing network: The Toyota case, Strategic ..... P. Romano, Co-ordination and integration mechanisms to manage logistics ...
Supply Chain Resource Planning Systems: A. Scenario of Future Enterprise Systems. Kai Reimers. RWTH Aachen University, [email protected] Xunhua Guo. Research Center for Contemporary Management, School of Economics and Management, Tsinghua Un
January 29, 2009 by Kai Hypko - Plantronics ... Plantronics Supply Chain Challenges. â¢ SCORE Project. â¢ Project ..... Update documentation. Continue roll outs.
Methods for making your supply chain Agile,. Adaptable and Aligned ... Supply Chain. Strategy. Competitive Strategy. Pricing. Transportation. Inventory. Sourcing. Information. Cross Functional Drivers. Logistical Drivers. Efficiency. Responsiveness.
Keyword:- Supply chain, Preliminary Distribution model , Cross-Dock and Direct Shipment Models ... management spans all movement and storage of raw.
Mark Barratt, (2004),"Understanding the meaning of collaboration in the supply chain", Supply Chain Management: An. International Journal .... businesses. These definitions are very broad, and it can be difficult to differentiate this term with other
A Supply Chain Paradox. Anson Li. Department of ISOM. Business School. University of Auckland. Level 4, OGGB. 12 Grafton Rd, Auckland. New Zealand ... Simulation. Introduction. Supply Chain Management promotes efficiency in production and delivery of
One of the major sources of inefficiency in managing supply chains is ..... assembled by one of several contract manufacturers (e.g., Solectron, Flextronics). The.
Specifically, the following research questions are addressed: how does stage of the product/process life cycle ... stage could notably impact other stages, thus, the âbullwhip effectâ (Lee, Padmanabhan & Whang,. 1997) ... add other reasons to bal
Feb 1, 2009 - Criticality refers to how sensitive cer- tain pieces ... ishment (CPFR) process. Next to the ..... We define the rule for selecting the pivot column s to.
capabilities to enable tighter supply chain coordination between partners (Peterson 1999). Through their support of joint planning initiatives such as CPFR, SCM ...
Dec 27, 2000 - Clearly, the optimal objective value of the L.P. relaxation is a ..... similar to that of Lemma 1, it can be shown that. FBATCH s + 1. H. X h=2 snh. 0.
Sep 12, 2011 - models, stochastic analytical models, and simulation models, coupled ... Supply Chain Management Systems Advanced Control: MPC on SCM.
b College of Business and Innovation, The University of Toledo, 2801W. Bancroft Street .... the information processing view of the firm (Galbraith, 1973). Exemplified by ... this view looks at organizations as information processing entities that.
monly observe a decentralized coordination mechanism (referred to as ... (CPFR) process. Next to ..... For a first mapping we define a linear mapping function f(c).
while satisfying service level requirements (Simchi Levi et al. ). Recently, however, there has been an increasing attention placed on the performance, design, ...
digital supply chains. We explain how supply chain integration through the blockchain technology can achieve disruptive transformation in digital supply chains and networks. 1. ... to move all stakeholders jointly toward standardized integration of b
September 14-17, 1997, Sacramento, California ... between multiple supply chain components, including business entities .... become active and are violated.
chain management (SCM) incorporating web mapping services to enhance the supply chain process. ... materials supply chain management (SCM) to evolve over time to optimize production and materials management. ... for an e-commerce application to assis
1Escuela Universitaria de Ingeniería Industrial Informática y de Sistemas. Universidad de ... Entender las disrupciones y su propagación a lo largo de las cadenas de suministro se ha vuelto crítico para el diseño ... información real, capaz de establ
Sep 1, 2010 - the list to have a focus on supply chain performance measurement. .... performance evaluation of. SCOR sourcing process pp p. 19. Kanji,. G.
have actively introduced RFID technology into their daily logistics operations and product distributions. ... Definition and Unique Characteristics of Supply Chain Management ...... The survey was developed with multiple choice questions.
Toward a Secure Supply Chain: A System’s Perspective Xiangyang Li a* and Charu Chandrab a
* Corresponding Author. Department of Industrial and Manufacturing Systems Engineering, University of Michigan-
Department of Industrial and Manufacturing Systems Engineering, University of Michigan-Dearborn, USA.
Xiangyang Li is Assistant Professor with the Department of Industrial and Manufacturing Systems Engineering of the University of Michigan – Dearborn. His research interests include quality and security of complex enterprise and information systems, knowledge discovery and engineering, system modeling and simulation, and human machine studies.
Charu Chandra is Associate Professor in the Department of Industrial and Manufacturing Systems Engineering at the University of Michigan-Dearborn. His research focuses on studying complex systems with the aim of developing cooperative models to represent coordination and integration in an enterprise.
Abstract Security management has become a critical topic that supply systems have to handle on a daily basis. An integrated view is not in place yet, despite that related studies have existed in disparate pieces and keep on emerging. This
paper seeks an essential paradigm shift to design/management for security (DMfSec) within the context of supply chain management. The first part is devoted to defining a new discipline of security centric supply chain management (SecSCM). We identify its fundamental tasks and requirements aided by a metaphor borrowed from information security. The second part is a discussion of a potential technical roadmap. Vital and integral to this initiative, we firstly propose the referential taxonomy that systematically accounts for security constraints, requirements, instruments and management, and investigate its relationship to underlying supply chain constructs. Secondly, with the taxonomy in hand, we present modeling issues based on dependency representation and probabilistic analysis, which are suitable for security management. Lastly we consider key tasks in DMfSec and SecSCM. With an emphasis on elaboration of challenges and requirements and employing a process and system oriented perspective, this paper intends to start rather than conclude an adventure into this vast interdisciplinary field. Keywords Supply chain management (SCM), security management (SecM), security centric supply chain management (SecSCM), design/management for security (DMfSec)
1 Introduction The development of novel technology and unconventional business model catalyzes new logistics and enterprise systems. Rapid expansion of modern enterprises and markets has evolved into complex supply chain networks with broader geographical reach, offering a larger product variety with extensive product models or lines. We use SCN as an abbreviation for supply chain/network hereafter in this paper. The importance of building up closer partnership has been extensively studied and accepted in order to survive and grow under increasing competition in a globalized economic system . These systems rely on a globalized economy boosted by information infrastructure grids, aiming at productivity improvement by connective techniques and open architectures to cut down time delays and operation overheads. Closer relationships between businesses in the search for competitive edge raise dependency to a higher level among supply chain constructs including plants, distribution centers, and transportation facilities. Complexity becomes an inherent feature of these SCNs, as revealed in at least three aspects: (1) huge system mass represented by their geographical size and participants, (2) complicated dependency and correlation among these participants, and (3) adaptive dynamics shown in emerging states in terms of participants, configurations and structure, evolving constantly in both temporal and spatial dimensions. 1.1 Modern Supply Systems and Security Management SCNs, similar to civil transportation, goods retailing or military logistics have been facing greater security threats. These threats are by way of natural disasters such as hurricane, fire, flood, earthquake, and other disastrous weather conditions, or man-made event such as quality issues, labor shortage, market uncertainty and fluctuation, computer infrastructure attack, and other man-made emergencies. These can be categorized into external and internal threats according to the boundary of the SCN under consideration. These can further be classified into controllable or observable threat categories. Controllable threats come from manageable factors, such as technical issues in product design and manufacturing or staffing issues in capacity scheduling, while observable threat examples are often environmental and external, such as rising raw material price or various natural disasters. Threats may emerge in complicated forms that blur the line in the above classifications. For example, one natural disaster of flood or fire may in turn cause other man-made threats, such as labor shortage and transportation delay; observable threats may become controllable once these threats are better understood as part of the overall SCN. As a considerable development in SCN threats, terrorist activities pose an omnipresent concern to national infrastructures and supply systems after the 9/11 event. The Department of Homeland Security emerges as a major player
in charge of a centralized anti-terrorist architecture. SCNs now have to deal with various procedures and rules of audit and control in transportation, production and customer service processes. Laws and official rules such as Sarbanes Oxley Act  and Health Insurance Portability and Accountability Act (HIPAA)  are passed to regulate various security aspects of business processes. This range of new institutions, procedures and regulations, on the one hand, provide new mechanisms to facilitate security management of an enterprise, but on the other hand, significantly uplift security constraints and requirements on threat countermeasures and security management at each stage in the life of a supply system. Supply chain security management becomes an unavoidable research mandate when we start to watch that the last mile from manufacturer to customer is being filled in the service sector. Security challenges and effects are amplified in service operations and processes that are deployed around individual customers or enterprises, as in commercial transportation, health care delivery, electronic marketing, and product maintenance and customer service. These service sectors have unique security concerns and requirements. For example, privacy is the main concern for health care systems where sensitive information about patients is stored and exchanged continuously, and unfortunately suffers frequently in information leakage cases. Integrity, including transaction non-repudiation and data verification/validation may be the top concern for electronic commerce. These types of security requirements are not well addressed by studies on risk management, where the traditional time and cost measures are still major concerns. Handling security risks becomes the normal SCM operational state now. If not well predicted, assessed and handled in a timely manner, these events can cause interruptions to supply chain operations by way of increased production costs and devaluation of stock share values . At the same time, various threats and security concerns prove too much to be still considered as a trivial or peripheral part of SCM. Coupled with the complexity of size, dependency and dynamics inherent in modern SCNs, it is appropriate to adopt a systematic perspective to carefully examine relevant studies and push forward a rigorous research agenda for an integrated security management paradigm. 1.2 Motivation and Organization An obvious gap exists between the research frontiers of SCM and the pressing security analysis and management need. Recent research in SCM focuses on important topics of physical location configuration, demand response analysis, dynamic pricing and contract management, and challenges in e-commerce, etc. [34, 47] Security should be a genuinely integral part of all of them, especially within distributed and dynamic non-traditional settings exemplified by today’s supply chains. However, largely isolated, none or very few efforts take a security-centric view in tackling corresponding
topics. Essential insight into constraints, requirements, and support of secure supply chain is lacking. A common and complete working terminology for potential players in design and management of secure supply chains does not even exist. Scale and complexity of such systems defines a vast complicated research field that did not exist before with so many artifacts and techniques interacting with each other and exposed together to potential malicious activities. Tremendous nonlinear and adaptive dynamics in such systems foretells the new research area of secure supply chain as full of challenges. We have witnessed the history of information system security where security considerations became obvious in the design matrices of information systems only after unbearable threats, including viruses, worms, malware, spyware, phishing and hackers, emerged constantly. It is threat-driven, not vision-inspired. We need to plan ahead for security in SCM, avoiding becoming victims forced to catch up with increasing disasters, emergencies, terrorism events, interruptions, etc. Therefore, we propose to initiate an exploration into a vast field, coined security centric supply chain management (SecSCM). This field stimulates SCM researches for innovative theories, models and tools, while at the same time guarantees enormous return on investment. In this paper, as the first step, a study to examine systematic taxonomy, challenges and requirements faced by modeling and management of secured supply chains is critical and an imminent necessity. Success in this exploration can benefit supply chain or enterprise management with essential knowledge for various usages. Modern enterprises will have a clearer understanding of the compliance obligation of various security regulations, even for a basic task such as assessment of security assurance. Performance measures that modern SCM researchers use more and more, such as reliability or robustness, transparency or visibility, scalability, and flexibility (e.g. delegation and adaptability) will have a more solid foundation after we examine their interaction with security management. Moreover, the long term goal of such exploration is to seek practical methodologies and tools. We imagine an exciting vision where aided by computer tools, design/management for security (DMfSec) paradigms configure diverse and complex SCN systems with the efficiency that does not exist currently. This study aims to lead to design and development of secure supply chain systems. We propose a technical roadmap to navigate the labyrinth with an emphasis on generic constraints, requirements and methods in this vast field. Firstly, the future research requires a comprehensive reference taxonomy that covers security issues, requirements, and operations, offering guidelines and a working language for essential design and management tasks. Secondly, the integral design and management of secured supply systems calls for efficient modeling technologies that can represent and analyze
security in supply systems for various tasks both qualitatively and quantitatively, ideally embedded in the overall SCM framework. 1.3 Scope of the Discussion in this Paper We provide the context within which supply chain terminology has been used in this paper: A supply chain or network spans the entire product life-cycle involving a confluence of systems belonging to the members of the extended enterprise, i.e., supplier, supplier’s supplier, customer, and customer’s customer. Therefore, it exceeds beyond the narrow scope of logistics systems to encompass a comprehensive system-of-systems view of enterprise. Security Management (SecM) for this complex enterprise is more than mere physical protection of its assets. We take a comprehensive view of security entailing events likely to adversely impact supply chain operations, leading to potential legal liabilities and loss of business. Therefore, we do not just focus on risks traditionally related to time, cost and quality issues of product and process although in a broader sense we do not need to distinguish these issues from security. We consider security centric supply chain management with a view to identify and assess the presence of security risks in and to mitigate their impact on a supply chain through the design, deployment and management life-cycle of this supply chain. [Figure 1 Here] Fig. 1 The positioning of security management paradigms As shown in Figure 1, the discussion in this paper is essentially positioned as the intersection between the knowledge bodies of SCM and system & cyber security. This intersection starts to witness emerging interests in practitioners while devoted efforts from researchers are sparse and not enough. 2 The State of the Knowledge of Security Management in SCM Traditionally, risk assessment and management in SCM studies consider risks in many forms, viz., business risk, financial risk, technological risk, and physical risk. The first three types of security needs have been extensively studied in supply chain risk management literature. Some examples of these are risks of stock outs due to inventory policies, risk due to investments in facilities, risks of losing market share due to adoption of a particular product manufacturing strategy [2, 4, 7, 8, 14, 33, 42, 51]. Recently, there have been a few research works with emerging topics that reach out for broader applications, including disruption modeling and management, risk analysis, disaster response, information sharing and privacy, trust service and support, transportation security inspection, and so on. Atallah et al.  use secure multiparty computation from information cryptography to design supply chain collaboration protocols that can reduce information asymmetry while
maintaining privacy. Thomas  analyze reliability of a supply chain when it is under contingency impact, e.g. by unexpected disasters. Pai et al  provides the conceptual modeling and analysis framework for assessing business risk using Bayesian networks. In a paper on security and trust management in supply chain, Kolluru and Meredith  discuss the different security requirement and service for different levels of collaboration among companies. Blackhurst at al  summarizes the common themes and issues around supply chain disruption based on interaction with industry practitioners. Hale and Moberg  utilize a set cover location model to identify the minimum number and possible locations of off-site storage facilities for supplies in disaster preparation. Lee and Whang  compare the security inspection for goods, such as explosives in transportation with total quality management in manufacturing. A technical report by RAND Corporation focuses on the impact of terrorist attacks to global container supply chain performance and advocates the importance of fault-tolerant or resilience in supply chains . However, these emerging researches are sparse and isolated, without a common terminology or a clear agenda which does not foresee a security-centric design paradigm. Most of these studies are conceptual and qualitative. The lag in research will become more obvious and significant when latest enterprise paradigms, including the system-of-systems in supply alliance and the reconfigurable supply chains are increasingly implemented. 3 Comparison of Supply Chain Security with Information System Security Modern service enterprises without exception are built on advanced cyberinfrastructure and technology. Nowadays security modeling and management faces increasing challenges largely from the key commodity consumed in a supply chain: information. We can describe the scope of security taxonomy by examining the security challenges at different phases including incompleteness and inaccuracy of data in information sources due to the reliability issue of acquisition instrument and the privacy and security concern , information distortion, e.g. the bullwhip effect  in a supply chain, in information transmission, and various security aspects in terms of integrity, availability, confidentiality and privacy in information exchange and processing. 3.1 Information Security Information security has been a field attracting vast interests from researchers and practitioners relevant to computer and information systems. Disciplines contributing a variety of methodologies and practices include computer science and engineering, mathematics, social science, human computer interaction, management information systems, electrical engineering, industrial engineering, system engineering, etc. Information security is long past the original narrow view focusing on just password protection, security policy, and encryption/decryptions .
After a long history of rigorous study in information security, a comprehensive and still evolving reference notation and classification system is now in place to guide various studies and support efficient communication among researchers with different background. •
Constraints – System assets, vulnerabilities, and threats are genuine constraints that literally make information security an issue to any information infrastructure. Assets are physical hardware or software that supports the normal functionality of an information infrastructure. Vulnerabilities describe the security strength of an asset. Threats are potential attacks, and are what we protect the assets from. In addition, security measures are defined and categorized to describe the classes of security problems, such as the CIA triplets, i.e. confidentiality, integrity, and availability.
Requirements – The above security constraints require mechanisms, services, and policies to handle security problems. They can either eliminate threats or fix vulnerabilities. Security services apply security mechanisms to improve security of data processing and information transfer in an organization. Generic security services include authentication, authorization, non-repudiation, privacy, intrusion-tolerance, etc., while security mechanisms include specific techniques like encryption, digital signatures, traffic padding, routing control, access control, firewall, redundancy, etc. Policy defines high level of trust, assumptions, and rules for certain security goal, such as the confidentiality model in military systems and the integrity model in commercial systems.
Tasks and operations – Based on security constraints and requirements, various decisions on tasks and operations can be determined, including choosing security tools, standards, and legal regulations to support specific business functions and processes. [Figure 2 Here] Fig. 2 An illustration of information assurance tasks and operations On the basis of this taxonomy, we can position and analyze all essential information security management, called
information assurance tasks by referring to the above classification. Information assurance largely consists of a set of essential tasks including instruction prevention, detection and diagnosis, reaction, and evaluation of the security level of the information system, as shown in Figure 2. These tasks can relate to and connect various security components in all the above dimensions. For example, in prevention; various security mechanisms, services and policies are utilized to counter a broad spectrum of attacks. These facilities remove vulnerabilities that those attacks can exploit. Thus a variety of key subtasks can be defined in intrusion prevention efforts, such as risk assessment, vulnerability management, etc. Each of
these subtasks may involve more than one security components. For example, risk assessment takes into consideration the potential threats, the assets to be protected and their associated vulnerabilities, as well as security measures, such as availability, integrity and confidentiality. Taxonomy is an ontology map that defines and describes the generic elements of a system or process. It is more than a classification or a dictionary because dynamic behaviors of the elements are also captured. A comprehensive referential taxonomy has many advantages. The taxonomy helps research and development by positioning problems and identifying gaps. It can greatly aid developing systematic solutions for security engineering. It helps foster standardization and security tools. The information security taxonomy is always evolving with the development of information security frontier. Given any information security issues and applications, we can easily navigate through the entire process of information security assurance and the above security taxonomy components. Take computer intrusion detection as the example here. Since the seminal rule-based pattern matching model by Denning , a variety of intrusion detection techniques and systems applying diverse theories, computational algorithms, and models of computer systems and computer users have evolved. One classic classification organizes existing intrusion detection techniques into anomaly detection and misuse detection, according to the assumption for the definition of “intrusions” . Anomaly detection considers any deviation or difference from the normal patterns or profiles as an anomaly and a possible intrusion. On the other hand, patterns summarized about known attack types can function as intrusion “profiles” and be used to match patterns in misuse detection or signature recognition. Obviously these two types of intrusion detection techniques have advantages and disadvantages respectively. In response to the requirement of high detection rate and zero false alarms, hybrid systems are developed to combine multiple detection engines using both techniques in sequential connection . Studies on new intrusion detection systems do not need to reinvent the terms and redefine data formats. Researchers can focus their efforts on their core research and development issues by exploring and expanding existing security taxonomy. 3.2 Supply Chain Security and Information Security We have easily seen the similarity of the information security topic to security management in SCNs. Looking at the development of information security, the counterparts of these security artifacts and tasks in the latter topic can in many cases be easily identified. Actually, an initial taxonomy, or at least a knowledge map, of supply chain security management could be analogous to the above for information security, as given in the later section. At the same time, we have to be careful in using the notations of information security and supply chain security.
(1) Isolating information security management from the rest of supply chain security. In the organizational structure of many companies, information security is only taken care of by the IT department while separate risk management departments may exist in other divisions. Because the cyberinfrastructure is now so essential to any operations of corporations, especially those with distributed supply chains and global presence, this isolation inevitably causes constant problems, disrupting value-added functions. (2) Replacing supply chain security with information security. This happens when some professionals limit the meaning of the term “security” in enterprises to information security. But, security in a supply chain is much broader than just the security in the underlying information infrastructure. It includes those reviewed in the previous section, and emerging topics and new issues. One such example is the significance of terrorism. To clearly show their relationship, we offer three examples below, where the two way interaction between these two is obvious. (a) A denial of service computer network attack outbreak to the online portal impacts operations of an e-commerce company. (b) When a company goes global, it requires new control solutions of information assurance solutions for access control of its computer intra-network. (c) Terrorists launch organized efforts of physical damages and cyber attacks to the national infrastructures of a country. 4 A Security Centric Supply Chain Management (SecSCM) Paradigm It is time for us to put together all the relevant pieces in existing studies, from SCM to information security to system engineering, to push forward the security intelligence of enterprise systems. The supply chain artifacts are linked to each other, where their inter- and intra-dependencies inevitably increase complexities of security management. This follows the bi-directional coupling between the physical constructs and the security artifacts in place. An isolated and static view to consider security management can not suffice the requirement of efficient and operational solutions in such uncertain and complex systems. Such a solution very likely misses the crucial coupling and thus is prone to failure. We plan to pursue an integrated approach to design/management of security (DMfSec) for supply systems. As shown in Figure 3, the impact of all threat types will be analyzed as these threats propagate along the dependency links within the supply constructs and the management/assurance tasks. Accordingly, we view DMfSec as pertaining to (a) safety and protection of physical assets such as plants, assembly sites, storage facilities etc., (b) identifying and
implementing rules for collection, storage, and assimilation of data and other value flows, (c) ensuring that the transmitted data is valid, reliable and conveys the same intended meaning the sender perceived it to be, and (d) defining rules and controls that ensure integrity of input and output of information and other value flows shared among decision making entities. The rationale behind our proposition is built on the premise that the design of security should not be an afterthought, rather it should be an intrinsic part of the overall supply chain design life cycle. The impact of all risk types should be analyzed, and interlinked as part of the integrated SecSCM decision-making models, through modeling the dependency present among the supply chain artifacts, the security concerns, and the operational decisions. The design for security in supply chain parallels the product design life cycle, whereby customer needs are mapped onto functional requirements and design parameters of the product. These parameters are designed as process variables as input to a decision model in which security is intrinsically considered as one or more of the performance measures in selecting the best design. [Figure 3 Here] Fig. 3 Illustration of the life cycle and the structural dependency of SecSCM In addition to the security taxonomy, we need an integrated knowledge engineering framework that supports qualitative dependency modeling and quantitative analysis by probabilistic inference and/or simulation techniques for adaptive knowledge integration in a variety of security design/management tasks. This knowledge management framework is necessary for the following capabilities: (a) a high-fidelity representation to capture and model any type of supply network and to reflect security concerns in the proposed taxonomy, (b) a quantitative analysis model that supports the practical implementation of various tasks in security management, and (c) quality assurance that is capable of handling uncertainty and complexity through feedback control of the knowledge integration process. 5 New Challenges to Supply Chain Security Management Modern supply chains have enabled enterprises to improve their performance by coordinating activities among supply chain members. Supply chain configuration is a result of this cooperation, defining supply chain members and physical and logical links among them. However, successful configurations encounter many challenges. Customer demand uncertainty is one of the primary one, showing up due to increasing customer expectations for price, quality and delivery performance; customized products, shortened product life cycle, and erratic demand behavior. These challenges are related to increasing global competition and technology development because these drivers encourage customers to raise their
expectations of desired products and services. The technology development challenge offers less time to get acquainted with new technologies. On the other hand, it increases manufacturing and service operations flexibility. 5.1 Reconfigurable Supply Chain As noted above, supply chain must be able to respond to changing customer demands and operating environments through reinforcement and modification of its configuration. Reconfigurable supply chain is a network of independent enterprises possessing flexibility of altering its structure with relatively minor resource requirements, without loosing its operational efficiency in response to changing customer demands and operating environment. Static and reconfigurable supply chains can be compared according to the role of tactical planning in the supply chain management process. At this planning level, configuration of the static supply chain is assumed as fixed  and it defines constraints within which planning is performed. Reconfigurability, however, implies that strategic planning defines supply chain competitiveness and customer service targets, as well as the structural basis of the supply chain (i.e., key units and links), and tactical planning can alter decisions with which supply chain partners can achieve set targets. The main aspects of reconfigurable supply chain problem are as follows. The decision-making aspect determines what activities related to supply chain configuration are required. The logical implementation aspect concerns utilization of physical implementation to achieve supply chain configuration and overall supply chain management objectives. It is also governed by the supply chain configuration decisions. The decision-making and logical implementation aspects mainly suffer from organizational difficulties and lack of knowledge. These deficiencies can be addressed by developing systematic and comprehensive decision-making and implementation procedures. Physical implementation is constrained by limited flexibility of available manufacturing technologies and high time and investment requirements. However, increasing use of outsourcing and third-party services in many situations eliminates the need for building an investmentheavy infrastructure. Similar improvements have also been achieved concerning manufacturing technologies. 5.2 Requirements for Reconfigurability To achieve reconfigurability, following requirements must be met. Technological requirements concern aspect such as IT infrastructure, product design, and manufacturing and logistics technologies. IT infrastructure requirements imply that supply chain units should be able to exchange information and integrate processes using IT. The product design requirements imply that product structure can be flexibly altered following changes in the supply chain configuration. Manufacturing requirements imply that manufacturing technologies facilitate flexibility to change product mix and
production volume. Logistics requirements imply that material and product distribution channels can be switched and that their capabilities are adjustable. Significant progress has been made in meeting technological requirements for supporting reconfigurability. Product design and manufacturing and logistics technologies issues are discussed in [3, 32, 48]. Modular product design allows replacing product components and substitution of suppliers more easily. Similarly, manufacturing automation systems enable quicker adjustment to new properties of materials used, and products demanded by customers, as well as reallocating manufacturing to other facilities. Finally, utilization of third-party logistics services allows flexibility in choosing transportation channels, thus enabling cooperation with partners and offering the requisite delivery responsiveness. Satisfaction of business requirements is a challenging problem that requires: a commitment by supplier chain entities; data and process integration; joint decision-making, implementation, and monitoring capabilities. 5.3 Integrated Frameworks for Reconfigurability The framework for supply chain configuration is an instantiation of a more general supply chain management problem-solving framework, as both share common principles and requirements. However, the supply chain configuration framework is more focused, which allows analysts to lower the complexity of the problem without loosing overall supply chain perspective. The main differences occur at the framework’s application level, where knowledge, models, and tools are specifically designed to address supply chain configuration needs. The integrated framework in the published literature is developed to achieve extended enterprise integration, where decision making is advanced as one of the main beneficiaries . Delen and Benjamin  and Delen and Pratt  actively promote a general integrated modeling framework that links enterprise description models, enterprise analysis models, and enterprise knowledge base. 6 Critical Research Topics and Technical Roadmap 6.1 Taxonomy The preliminary SecSCM taxonomy has four types (groups) of security components as shown in Figure 4, each having various components involved in supply chain security. These four groups completely cover all the relevant terms and concepts used in security management of supply systems. [Figure 4 here] Fig. 4 The initial taxonomy of security artifacts in SecSCM
These security components are dependent on each other within each group. For example, any security vulnerability is always specific to a SCN construct while a threat exploits certain vulnerability. Security will not be a problem if any of these three is not in place. In the security requirement, a security policy puts in place the foundation of the specification of security service and mechanism. Security services are supported by one or several security mechanisms while one security mechanism can support more than one service. The security mechanism is generally an enhanced version of a general technology. The components in the security management group offer guidelines or support to each other. Dependency is also bidirectional between two groups. For example, analysis of constraints provides insight into key security breaches and thus supports the requirement analysis and definition; at the same time, requirement definition results may change the priority of constraints. The requirement definition limits the available management options while the top-down decomposition of management operations generates another input to requirement specification. This initial taxonomy just outlines necessary and essential security components and mostly the “words” in a SecSCM “language.” Using these words, the mature taxonomy should provide more knowledge structure, effectively supporting the design and management tasks. In the order of ascending magnitude of meaning and knowledge, the taxonomy can deliberate useful domain and security knowledge at different semantic levels. This referential taxonomy has the potential to function as the starting point of a DMfSec methodology, leading directly to qualitative structures in modeling. The key study topic is to draw the complete terminology and taxonomy, and fill in any missing entries. We also need to investigate based on this taxonomy, the dependency among various components and groups. In pursuing this mission, a good strategy is to focus on the components special to supply chain security while comparing them to information security and general system security. 6.2 Modeling and Analysis A SCN is a typical temporal-spatial system where the synchronization of data over time and the integration of distributed data, often heterogeneous, can be an enormous challenge. Uncertainty and complexity may prevent us from deriving an efficient solving strategy and such a complex system induces inevitably a NP-hard problem. An efficient supply chain security modeling and analysis solution must support effective representation and efficient information fusion to handle “system-of-systems” and “adaptivity” of the underlying system structure and its security components. First, the starting representation must be able to support a family of models at different levels of
detail, and be able to accommodate integration of useful analysis techniques. So for different application purposes and design stages, these security models can vary in representation scales . Second, the approach has to provide baselines for the initial qualitative models and support parameterization for quantitative analysis. Therefore, it is able to aid practical deployment and optimization of security management. Finally, it should posses all the above within the context of complex and dynamic settings. Essential knowledge bases of dependency modeling, computational probabilistic and stochastic analysis engines, and information/utility theory can be employed. Decomposition of supply systems can generically roll out a dependency network to capture its components and their behavior. Dependency comes from flow of control, cash, information, material, and transportation/logistics among constructs at different level. Physical business facilities/entities include facilities, processes and people. States and transitions of such objects are described in informative data, generated when the supply chain fulfills the designated functions. These data become knowledge in the form of algorithm and rule used in business decision-making, optimization and other IT tools. Such decomposition reduces the complexity of representation and analysis and makes the dependency among components more obvious, as in another decomposition of the global container supply chain into logistics, transaction, and oversight layers . Dependency network models are directed graphs that use nodes (vertexes) to represent system variables and links (edges) to represent relationships and dependencies among these variables . Figure 5 depicts different types of dependencies, e.g., causality, support, impact, traffic, information/material flows, transportation and logistic links. The weight associated with the dependence link can represent probability, confidence, severity, etc., especially useful when developing computational models from such dependency models. Each node (variable) in the dependency model may be further decomposed into sub-nodes and its dependency flows into sub-flows. The decomposition continues until the lowest level fathomable is reached. [Figure 5 Here] Fig. 5 Dependency models in different forms Quantitative modeling and analysis is a knowledge integration task in SecSCM. Knowledge integration propagates evidences about the states at different system variables for better composite beliefs of the states of all variables. The states of a node can be simply yes/no for presence of a threat or normal/abnormal for the function of a supply chain construct. We are especially interested in hypothesis variables, e.g., of which the states describe the different impacts on a supply chain construct by the threats from its environment and the vulnerabilities within the system. Such computing models include
deterministic models such as rule based system  and case/instance based learning, and statistical/probabilistic models such as fuzzy rules , neural networks , Bayesian networks , hidden Markov model (HMM) , and DempsterShafer theory  in various application fields. Largely an appropriate framework can integrate various types of dependency models, and probabilistic models, such as Bayesian network , HMM model, Monte-Carlo simulation , Generalized Semi-Markov Processes simulation  etc., aided by multi-agent architectures connected through soft evidence update  to handle the following. •
Uncertainty. Inherent probabilistic representation and inference is able to deal with uncertainty dominant in these systems. The uncertainty is represented by the probability assigned to variable states and their dependency weights.
Dynamic evolvement. Many such probabilistic models have built-in mechanisms to deal with the dynamic change and temporal evolvement, such as in dynamic Bayesian networks and Markov process models.
Complexity. Many of these models can be implemented into agent-based architectures because of the independence present in the SCN and the model nodes. These agents can run inference in parallel and then synchronize their results, if necessary. Future studies should focus on automated learning for the generation of high-fidelity dependency models and their
conversion to the computational models, the comprehensive quality assurance methods, and efficient inference approximation to explore model structural features. 6.3 Design and Management for Security (DMfSec) More importantly, we aim at a practical DMfSec paradigm, where security management should be an integral part of supply chain design/configuration. An integral life cycle model shows the positioning of security taxonomy components, the SCN assurance, and the SCN life cycle activities in Figure 6. The location of security components also roughly represents the volume of their usage in the corresponding activities and tasks. For example, security constraints will be the majority of considered security components in both the requirement and analysis, and the risk assessment and surveillance. [Figure 6 Here] Fig. 6 Positioning of security components within SecSCM A system and process oriented perspective should be followed to fully understand and develop the paradigm. In the process view, we can naturally map the security taxonomy into the two most significant stages, i.e. requirement/analysis 16
and design/implementation. At the same time, we can also map them into the various SCN assurance activities, including risk assessment, prevention, detection, and reaction. In the system view, we take into account all constructs of a SCN at physical, data and knowledge layers in modeling and analysis. Analysis and design are then correlated to supply chain constructs at all the layers, and at the same time the dependency propagates back and forth between the SCN constructs and the security components along the identified dependency hierarchy. Therefore, we can follow both a bottom-up approach and a top-down approach in the design process. Interaction among all the supply chain constructs, design phases and security components can be better identified and examined in a set of design matrices. For example, a matrix can stipulate the assignment of security instrument and management components, including policy, service, mechanism, or technology, to supply chain constructs, including physical location, networking facility, or scheduling/planning applications. We can also define the performance/cost function for different design/management alternatives. Then, mature system design technologies, such as the group technology can be applied to prioritize and optimize the design/management. An open and multi-agent architecture of implementation while handling the security is necessary to balance the service of the security management to business goals and its independence. On the one hand, security management in supply systems is still a secondary task to SCM and should accommodate other facilities and protocols in direct support of the mission-critical business. On the other hand, security management always has the tendency to advocate “independent,” “separate” or “seclusive” solutions because such solutions simplify control, and information and material flows. These two considerations can cause conflicts, if the solution is not discreetly analyzed and designed. For example, an enterprise that relies on real-time response to customer demand may prioritize the speed of collecting and analyzing transactional data. However, the security management solution may require that every transaction undergoes a separate security assurance process before it is aggregated into a customer relation management database. This inevitably delays the compiling process and, therefore, the availability of data for feedback control. In another example, a healthcare delivery system has to have privacy protection as the core business value. But the detection of information leakage can become an impossible mission in a business solution that does not centralize and certify information flows before they go into individual processes. Lastly, a list of preliminarily topics has been identified, of which those having an asterisk symbol are identified as the key and basic research topics that should be investigated at the beginning. The efforts on these key topics will lay out a good foundation for further development and integration. •
Security modeling and simulation*. Implemented as computer aided design tools, security modeling and analysis provides the critical capabilities of automated design and optimization.
Security risk assessment and vulnerability penetration*. Risk assessment is the fundamental task to guide other tasks. Vulnerability penetration can be an embedded module to identify security flaws in existing SCNs.
Procedural framework for SCN security assurance*. A generic and practical assurance process is essential to SCM practitioners, similar to those recommendations for pandemic emergence control by the Center of Disease Control and for information assurance by the Computer Emergence Response Team.
Security auditing and surveillance*. Before threat emergency detection and response can be done, auditing and surveillance facilities and processes should be in place and standardized together with other business compliance requirements.
Emergency detection and diagnosis. There should be efficient models and tools to detect emergency in real time and to identify their nature and location.
Emergency mitigation and its automation. Mitigation plan of threat emergency should be laid out and enforced into automated facilities and procedures with various techniques and resources.
Threat tolerance and resilience. There is the need for novel SCN structures and practices that can tolerate threat emergencies. This is especially crucial to military and other mission critical SCN systems.
Security and interoperability standardization. Last, but not least, standardization of the above efforts can provide a helpful breeding ground for practical services and tools.
7 Conclusions In this paper, we summarize the vision of a research field that pushes for a security-centered SCM. All aspects of security in a supply chain are considered as intrinsic to its effective design and modeling. We argue that supply chain security and the security of information exchanged in it by its various members are complementary to each other. This is particularly significant due to the fact that a supply chain has to be reconfigurable in order to adapt to its fast changing decision-making environment. In such an environment, it is important that the security needs of the supply chain are adaptable to the new emerging supply chain structure. References 
M.C.E. Agostinho and G. Teixeira, Co-creating a self-organizing management system: A Brazilian experience,
Complexity, Ethics and Creativity Conference at the London School of Economics, 2003.
N. Agrawal and S. Nahmias, Rationalization of the supplier base in the presence of yield uncertainty, Production
and Operations Management 6 (1997), 291–308. 
A. I. Anosike and D. Z. Zhang, Dynamic reconfiguration and simulation of manufacturing systems using agents,
Journal of Manufacturing Technology Management 17 (2006), 435-447. 
R. Anupindi and R. Akella, Diversification under supply uncertainty”, Management Science 39 (1993), 944–963.
M.J. Atallah, H.G. Elmongui, V. Deshpande, and L.B. Schwarz, Secure supply-chain protocols, Proceedings of the
IEEE International Conference on E-Commerce, 2003. 
S. Axelsson, Intrusion detection systems: a survey and taxonomy, Report, Dept. of Computer Engineering,
Chalmers University of Technology, Goteborg, Sweden, 2000. 
V. Babich, Vulnerable options in supply chains: Effects of supplier competition, Working Paper, University of
Michigan, 2004. 
V. Babich, A.N. Burnetas, and P.H. Ritchken, Competition and diversification effects in supply chains with supplier
default risk, Working Paper, University of Michigan, 2004. 
M. Binder and B. Clegg, Enterprise management: A new frontier for organizations, International Journal of
Production Economics, 2006. (in press) 
J. Blackhurst, C.W. Craighead, D. Elkins, and R. B. Handfield, An empirically derived agenda of critical research
issues for managing supply-chain disruptions, International Journal of Production Research 43(19) (2005), 4067-4081. 
U.S. Congress, Health Insurance Portability and Accountability Act (HIPAA), [Online] Available:
http://www.cms.hhs.gov/HIPAAGenInfo/Downloads/HIPAALaw.pdf (Retrieved March 12, 2007) 
H.H. Willis and D.S. Ortiz, Evaluating the Security of the Global Containerized Supply Chain, Technical Report,
RAND Corporation, 2004.
Figure Captions Author Xiangyang Li’ Photo Author Charu Chandra’s Photo Fig. 1 The positioning of security management paradigms Fig. 2 An illustration of information assurance tasks and operations Fig. 3 Illustration of the life cycle and the structural dependency of SecSCM Fig. 4 The initial taxonomy of security artifacts in SecSCM Fig. 5 Dependency models in different forms Fig. 6 Positioning of security components within SecSCM
Fig. 1 The positioning of security management paradigms
Fig. 2 An illustration of information assurance tasks and operations
Fig. 3 Illustration of the life cycle and the structural dependency of SecSCM
Fig. 4 The initial taxonomy of security artifacts in SecSCM
Fig. 5 Dependency models in different forms
Fig. 6 Positioning of security components within SecSCM