Szczegóły publikacji
Opis bibliograficzny
A linear model for optimal cybersecurity investment in Industry 4.0 supply chains / Tadeusz SAWIK // International Journal of Production Research ; ISSN 0020-7543. — 2022 — vol. 60 no. 4, s. 1368-1385. — Bibliogr. s. 1383-1384, Abstr. — Publikacja dostępna online od: 2020-12-08. — Dod. afiliacja: Department of Engineering, Reykjavik University, Reykjavik, Iceland
Autor
Słowa kluczowe
Dane bibliometryczne
| ID BaDAP | 139592 |
|---|---|
| Data dodania do BaDAP | 2022-03-24 |
| Tekst źródłowy | URL |
| DOI | 10.1080/00207543.2020.1856442 |
| Rok publikacji | 2022 |
| Typ publikacji | artykuł w czasopiśmie |
| Otwarty dostęp |  |
| Czasopismo/seria | International Journal of Production Research |
Abstract
This paper presents a mixed integer linear programming formulation for optimisation of cybersecurity investment in Industry 4.0 supply chains. Using a recursive linearisation procedure, a complex nonlinear stochastic combinatorial optimisation model with a classical exponential function of breach probability is transformed into its linear equivalent. The obtained linear optimisation model is capable of selecting optimal portfolio of security safeguards to minimise cybersecurity investment and expected cost of losses from security breaches in a supply chain. The new efficiency measures of cybersecurity investment are introduced: cybersecurity value and cybersecurity ratio. In addition, the proposed linear model has been enhanced for the Hurwicz-type, best–worst criterion to minimise a convex combination of the minimal and the maximal supply chain node vulnerability, under limited budget. The resulting compromise cybersecurity investment aims at balancing vulnerability over the entire supply chain, independent of cyberattack probabilities and potential losses by security breaches, thereby hardening the weaker critical nodes. The findings indicate a crucial role of intrinsic vulnerability, determined by the architecture of Industry 4.0 supply chain, and highlight ‘design for cybersecurity’ as an important emerging area of research.