Title: A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda
While securing dependencies and build systems is necessary, recent attacks have shown that developers are a commonly successfully attacked link in the chain. Therefore, a comprehensive approach that considers the human factor is crucial for effective software supply chain security.
Award ID(s): 2207008
PAR ID: 10517446
Publisher / Repository: IEEE
Journal Name: IEEE Security & Privacy
Volume: 21
Issue: 6
ISSN: 1540-7993
Page Range / eLocation ID: 59 to 63
Subject(s) / Keyword(s): Supply chain management; Human factors; Software; Security
Format(s): Medium: X
Sponsoring Org: National Science Foundation
More Like this
  1. Classical distribution testing assumes access to i.i.d. samples from the distribution that is being tested. We initiate the study of Markov chain testing, assuming access to a single trajectory of a Markov Chain. In particular, we observe a single trajectory X0,...,Xt,... of an unknown, symmetric, and finite state Markov Chain M. We do not control the starting state X0, and we cannot restart the chain. Given our single trajectory, the goal is to test whether M is identical to a model Markov Chain M0 , or far from it under an appropriate notion of difference. We propose a measure of difference between two Markov chains, motivated by the early work of Kazakos [Kaz78], which captures the scaling behavior of the total variation distance between trajectories sampled from the Markov chains as the length of these trajectories grows. We provide efficient testers and information-theoretic lower bounds for testing identity of symmetric Markov chains under our proposed measure of difference, which are tight up to logarithmic factors if the hitting times of the model chain M0 is O(n) in the size of the state space n. 
  2. Factory in a box (FiB) is an emerging technology that meets the dynamic and diverse market demand by carrying a factory module on vehicles to perform on-site production near customers’ locations. It is suitable for meeting time-sensitive demands, such as the outbreak of disasters or epidemics/pandemics. Compared to traditional manufacturing, FiB poses a new challenge of frequently reconfiguring supply chain networks since the final production location changes as the vehicle carrying the factory travels. Supply chain network reconfiguration involves decisions regarding whether suppliers or manufacturers can be retained in the supply chain or replaced. Such a supply chain reconfiguration problem is coupled with manufacturing process planning, which assigns tasks to each manufacturer that impacts material flow in the supply chain network. Considering the supply chain reconfigurability, this article develops a new mathematical model based on nonlinear integer programming to optimize supply chain reconfiguration and assembly planning jointly. An evolutionary algorithm (EA) is developed and customized to the joint optimization of process planning and supplier/manufacturer selection. The performance of EA is verified with a nonlinear solver for a relaxed version of the problem. A case study on producing a medical product demonstrates the methodology in guiding supply chain reconfiguration and process planning as the final production site relocates in response to local demands. The methodology can be potentially generalized to supply chain and service process planning for a mobile hospital offering on-site medical services.
  3. Classical distribution testing assumes access to i.i.d. samples from the distribution that is being tested. We initiate the study of Markov chain testing, assuming access to a single trajectory of a Markov Chain. In particular, we observe a single trajectory X0,…,Xt,… of an unknown, symmetric, and finite state Markov Chain M. We do not control the starting state X0, and we cannot restart the chain. Given our single trajectory, the goal is to test whether M is identical to a model Markov Chain M′, or far from it under an appropriate notion of difference. We propose a measure of difference between two Markov chains, motivated by the early work of Kazakos [78], which captures the scaling behavior of the total variation distance between trajectories sampled from the Markov chains as the length of these trajectories grows. We provide efficient testers and information-theoretic lower bounds for testing identity of symmetric Markov chains under our proposed measure of difference, which are tight up to logarithmic factors if the hitting times of the model chain M′ is Õ(n) in the size of the state space n.
  5. Viscoelastic material behavior in polymer systems largely arises from dynamic topological rearrangement at the network level. In this paper, we present a physically motivated microsphere formulation for modeling the mechanics of transient polymer networks. By following the directional statistics of chain alignment and local chain stretch, the transient microsphere model (TMM) is fully anisotropic and micro-mechanically based. Network evolution is tracked throughout deformation using a Fokker–Planck equation that incorporates the effects of bond creation and deletion at rates that are sensitive to the chain-level environment. Using published data, we demonstrate the model to capture various material responses observed in physical polymers.