Assessing threats to information and communications technologies

Assessing threats to information and communications technologies
Risk detection and mitigation

 

Overview

Threat Assessment for the ICT Supply Chain

As a nation, we are becoming increasingly aware of the risks posed by global supply chains. These dangers are especially critical in the sourcing of information and communication technologies (ICTs). In many cases, items like computer chips that offer the best performance-to-cost ratios come from sources that may pose any number of outside security threats. These products are particularly vulnerable because of the nature of their sources and complex design, manufacturing and delivery processes.

Solution

The goal of this research is to develop a risk-based methodology based on the study of ICT supply chains. This approach will identify and quantify vulnerabilities based on a variety of scenarios that could occur throughout the supply chain from product design and manufacturing through delivery and installation. Based on those findings, specific countermeasures will be identified that can be applied to address these threats to increase security across the ICT supply chain.

Impact

Quantitative results will be shared with government and industry stakeholders involved in the specific threat scenarios studied. The methodology will also be made available to government and industry partners for the broader application of quantifying risks and evaluating countermeasures across a variety of threats to the ICT supply chain.

Research Leadership Team

Principal Investigator: Fred Roberts, Rutgers University
Co-PI: Dennis Egan, Rutgers University
Co-PI: E.A. Elsayed, Rutgers University
Co-PI: Weihon “Grace” Guo, Rutgers University
Co-PI: Paul Kantor, Rutgers University
Co-PI: Eric Rosenberg, Rutgers University