Guiding Supply Chain Security in Aeronautic Development
In the Aeronautics industry , assessing supply chain elements for security , financial , ethical , geographical , resilience , quality and integrity risks is complicated by : ( 1 ) the lack of standard sets of risks to potentially assess ; ( 2 ) a lack of standard practices for how to evaluate those risks in a consistent , structured , and defendable manner ; and ( 3 ) no clear way to convey the results . 1 2
This paper proposes an approach leveraging System of Trustâ„¢ ( SoT ) as a body of knowledge of supply chain-relevant risks and shows how this can be applied to the supply chain risk assessments that the Aeronautics industry conduct . An assessment , with at-a-glance illustration of the findings and detailed assessment data for measures used , is included as an example for others to leverage .
While supply chain security issues loom large in organizations , they lack a demonstrable , scalable , repeatable , and defensible approach to perform due-diligence assessments of their supply chain partners that can communicate to leadership who meets their risk appetite and why . Real-world consequences within the aeronautic field were demonstrated by the Advanced Air Mobility ( AAM ) supply chain working group by NASA Aeronautics Research Institute ( NARI ). The AAM supply chain group provided evidence on Boeing and Airbus showing contractual cost consequences due to supply structure changes and supply volatility . 3 This new work leverages MITRE ’ s history of efforts to clarify and standardize security measurement and demonstrates the presentation of its application and findings outcomes .
1 SUPPLY CHAIN SECURITY ISSUES IN AEROSPACE
Most current supply chain security practices lack uniformity and scoping for supply chain risk management . Framing a supply chain risk for leadership personnel often requires a specific security education to enable decision making . In the past , software development and cybersecurity were independent fields of study and application .
With the introduction of DevSecOps , which fuses both software development and cybersecurity goals into a single blended perspective , came positions devoted to its integrated implementation and the study of its practical benefits . Acquisition , requirements building , and engineering parts selection are currently going through a similar fusion of supply chain and security perspectives . Supply Chain Security is at the forefront of cybersecurity topics , leading discussions on how to solve and prepare the industry for the known problems that have evolved . Leadership needs to
1 https :// www . cutter . com / article / supply-chain-security-system-trust-framework-concerns-blocking-trustsupplies-suppliers
2 https :// www . americanbar . org / groups / science _ technology / publications / scitech _ lawyer / 2021 / winter / defining-system-trust-sot-a-keystone-tool-supply-chain-security /
3 https :// nari . arc . nasa . gov / sites / default / files / attachments / 2021-09- 09 % 20AeroDynamic % 20Advisory % 20AAM % 20Supply % 20Chain % 20Working % 20Group % 20Presentation . pdf
Journal of Innovation 3