Aarland, M. (2023). Digital Supply Chain Cyber Risks in the Power Industry: A resilience framework. In Jaziar Radianti, Ioannis Dokas, Nicolas Lalone, & Deepak Khazanchi (Eds.), Proceedings of the 20th International ISCRAM Conference (p. 1080). Omaha, USA: University of Nebraska at Omaha.
Abstract: The goal of this industrial PhD is to investigate how to include resilience into a cyber-security strategy to safeguard vital infrastructure. Critical infrastructure is increasingly susceptible since businesses are using technology more often. These infrastructures are also components of a vast, integrated, and increasing digital supply chain that transcends national boundaries, adding to the difficulties. A bigger attack surface where an attacker might use vulnerabilities contained in suppliers' and sub suppliers' chains could come from this extension of the digital supply chain. The study will add to our understanding of how to manage intricate supply chains in critical infrastructure with stringent dependability requirements. The digitalization processes in the supply chain include changes to the organizational structure, necessitating a robust strategy for continual improvement. The research question for this project is as follows: How can a resilience framework contribute to managing the complex digital supply chain for stakeholders in the power industry? The system dynamic (SD) approach will be used to generate a simulation based on the findings from each of the methods. Previous supply chain research has demonstrated that SD modelling is an effective strategy for building resilience in supply networks. To comprehend and examine the behavior of dynamic and complex systems, the notion of SD was established. The theory of system dynamics is based on the idea that actions done in systems will change the system, which will then lead to new actions. To collect primary data the qualitative method chosen as most suitable the semi-structured interview. To understand a social phenomenon, one needs to listen to people who reflect on their own experiences, knowledge, and motivation. Through interviews, it is possible to go into depth on the phenomenon and gather complex and rich data that is not available through literature review only. Contributions from this Ph.D. study are grouped into two categories: academia and organization. Further understanding regarding supply chain vulnerability and the implementation of potential techniques and ideas in novel contexts are academic contributions. The development of the resilience framework, which aims to address the difficult problem of managing stakeholders in the digital supply chain, is a contribution made by the organizations. The goal for CIs is to have resilient DSCs that can withstand and improve from high-pressure situations. Improving DSC resilience requires an understanding of the supply chain network that includes suppliers’ and their sub-suppliers’ incentives, all the way to its downstream customers’ incentives. By understanding the structure of the system, the ability to ascertain the behavior of the system increases, providing opportunities to better manage the system. If we can harness the positive incentives for collaboration and social connection the road to a more resilient CI that is available when the society require it becomes easier.
|
|
Victor A. Bañuls Silvera, Rafael Cantueso Burguillos, Fernando Tejedor Panchón, Miguel Ramírez de la Huerga, & Murray Turoff. (2019). A Delphi approach for the establishment of the fundamental principles of an Organizational Security System in Public Administration. In Z. Franco, J. J. González, & J. H. Canós (Eds.), Proceedings of the 16th International Conference on Information Systems for Crisis Response And Management. Valencia, Spain: Iscram.
Abstract: The aim of this work is defining fundamental principles of an Internal Security System in the presence of intentional risks in Public Administration. The relevance of this object of study has increased even more with the emergence of new terrorist groups and the proliferation of organized crime, which have been categorized as a maximum threat to Security by the government. This context has led to new regulations and legislation on Security matters at the national and international level to protect assets, people and the activity of the Administration itself. Despite the large number of regulations and relevance of this topic, there is not any study which defines in a comprehensive manner the requirements that a security system must have in the presence of intentional risks in Public Administration. The results of this work are intended to be a reference for the Public Administration, for the prevention and reaction to damage to people, property, and operation, intentionally caused by external agents, personnel themselves or users. These principles have been applied and validated through a Delphi process in the Administration of the Regional Government of Andalusia in which more than 40 security-related managers have participated.
|
|
Esteban Bopp, Johnny Douvinet, & Damien Serre. (2019). Sorting the good from the bad smartphone application to alert residents in case of disasters – Experiments in France. In Z. Franco, J. J. González, & J. H. Canós (Eds.), Proceedings of the 16th International Conference on Information Systems for Crisis Response And Management. Valencia, Spain: Iscram.
Abstract: The number of smartphone applications to alert and inform the population in a risk situation in France is too large
and these solutions are still unknow by the population. This study proposes an evaluation protocol based on various
indicators, which take into account the capacity of the applications to send a targeted alert, their attractiveness, the
ability of individuals to emit information and number of hazards considered. The results obtained on 50
applications deployed in France show that very few of them meet the objectives of the alert, in the sense defined
by civil security, because of a single-risk approach, a unique sense of communication, and the low acceptance of
these solutions by citizens.
|
|
Amelie Grangeat, Floriane Brill, Stephane Raclot, & Emmanuel Lapebie. (2016). Mapping of Areas Presenting Specific Risks to Firefighters due to Buried Technical Networks. In A. Tapia, P. Antunes, V.A. Bañuls, K. Moore, & J. Porto (Eds.), ISCRAM 2016 Conference Proceedings ? 13th International Conference on Information Systems for Crisis Response and Management. Rio de Janeiro, Brasil: Federal University of Rio de Janeiro.
Abstract: Vehicles or freight cars on fire below a bridge or inside a tunnel are exceptional events and imply difficult intervention conditions for firefighters. A buried technical network like high voltage electricity line, gas or steam pipeline around such a fire causes additional specifics risks. Vulnerability areas for firefighters are defined as zones where both factors exist: a difficult incident area – like tunnels or bridges over roads/railway lines ? together with a specific risk like buried networks. These areas require intervention teams with specific emergency response capabilities. The present paper proposes a method developed for the Paris Fire Brigade for vulnerability mapping. Results aim at being used by their decision support system dedicated to the mobilization of intervention teams. On the long term, it could improve the allocation of specific responses capabilities intervention teams as soon as the emergency call is treated. Results are debated from an operational point of view.
|
|
Lars Gerhold, & Nels Haake. (2015). Public Security in Germany 2030: Challenges for policy makers. In L. Palen, M. Buscher, T. Comes, & A. Hughes (Eds.), ISCRAM 2015 Conference Proceedings ? 12th International Conference on Information Systems for Crisis Response and Management. Kristiansand, Norway: University of Agder (UiA).
Abstract: This paper presents results from a two-round Expert-Delphi (N1=227, N2=126), realized in 2014, which focuses on the following research question: What are the most relevant developments affecting public security in Germany until 2030?
Theoretically the survey is based on a conceptual framework that includes assumptions on calculating the probable occurrence of risks, the relevance of megatrends and the implications of both on public security. Preliminary results show the relevance of the increasing dependency on Information and Communication Technologies (ICT), increasing exposure of critical infrastructures, the global mobility of men and goods and the widening gap between rich and poor as relevant for public security in Germany. Furthermore the potential impact of risks like ICT-crime, extreme weather events and pandemics are rated high, while their expected probability of occurrence differs from medium to high.
|
|