Supply Chain Attack Framework and Attack Patterns

Abstract

During FY13, MITRE conducted an effort on behalf of the Office of the Assistant Secretary of Defense for Systems Engineering (DASD SE) to address supply chain attacks relevant to Department of Defense (DoD) acquisition program protection planning. The objectives of this work were to: * Pull together a comprehensive set of data sources to provide a holistic view of supply chain attacks of malicious insertion that, to date, has not been available. * Generate a catalog of attack patterns that provides a structure for maturing the supply chain risk management (SCRM) aspects of system security engineering (SSE), together with potential application approaches for assessing malicious insertion in critical components of DoD systems being acquired or sustained.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Dec 01, 2013
Accession Number
ADA610495

Entities

People

  • John F. Miller

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Advanced Electronics
  • Cyber
  • Engineered Resilient Systems
  • Materials and Manufacturing Processes
  • Space

DTIC Thesaurus Topics

  • Application-Specific Integrated Circuits
  • Computer Programming
  • Computer Programs
  • Configuration Management
  • Control Systems
  • Field Programmable Gate Arrays
  • Information Systems
  • Integrated Circuits
  • Logistics
  • Malware
  • Management Personnel
  • Manufacturing
  • Software Development
  • Supply Chain
  • System Software
  • Systems Engineering
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management
  • Software Engineering.