An overview of safety and security analysis frameworks for the Internet of Things

Abdulhamid, Alhassan, Kabir, Sohag, Ghafir, Ibrahim, Lei, Ci

09 August 2023

Yes / The rapid progress of the Internet of Things (IoT) has continued to offer humanity numerous benefits, including many security and safety-critical applications. However, unlocking the full potential of IoT applications, especially in high-consequence domains, requires the assurance that IoT devices will not constitute risk hazards to the users or the environment. To design safe, secure, and reliable IoT systems, numerous frameworks have been proposed to analyse the safety and security, among other properties. This paper reviews some of the prominent classical and model-based system engineering (MBSE) approaches for IoT systems’ safety and security analysis. The review established that most analysis frameworks are based on classical manual approaches, which independently evaluate the two properties. The manual frameworks tend to inherit the natural limitations of informal system modelling, such as human error, a cumbersome processes, time consumption, and a lack of support for reusability. Model-based approaches have been incorporated into the safety and security analysis process to simplify the analysis process and improve the system design’s efficiency and manageability. Conversely, the existing MBSE safety and security analysis approaches in the IoT environment are still in their infancy. The limited number of proposed MBSE approaches have only considered limited and simple scenarios, which are yet to adequately evaluate the complex interactions between the two properties in the IoT domain. The findings of this survey are that the existing methods have not adequately addressed the analysis of safety/security interdependencies, detailed cyber security quantification analysis, and the unified treatment of safety and security properties. The existing classical and MBSE frameworks’ limitations obviously create gaps for a meaningful assessment of IoT dependability. To address some of the gaps, we proposed a possible research direction for developing a novel MBSE approach for the IoT domain’s safety and security coanalysis framework.

Internet of Things

Safety

Security

Analysis frameworks

Model-based system engineering

Safety and security coanalysis

Strategy analysis frameworks for strategy orientation and focus

Isoherranen, V. (Ville)

17 April 2012

Abstract The primary research target of this dissertation is to develop new strategy analysis frameworks, focusing on analysing changes in strategic position as a function of variations in life cycle s-curve/time/typology/market share/orientation. Research is constructive and qualitative by nature, with case study methodology being the adopted approach. The research work is carried out as a compilation dissertation containing four (4) journal articles. The theoretical framework of this dissertation is built from strategy analysis, as well as from strategy orientation and typology theories. Strategy analysis focuses to examining the strengths of business positioning; understanding the external and internal factors that influence a position or orientation. In strategy analysis, several frameworks or tools can be used. The SWOT, PEST, Five Forces, Four Corners, Value Chain, and Blue Ocean strategy profile analysis frameworks are introduced in this research. Strategy orientation or focus can be described as the underlying attributes of a company’s strategy, which directs decision making and orients the activities within a company towards a specific course. Using strategy orientation or focus as a means of innovating and guiding decision making fosters an environment conducive to strategizing, thereby facilitating the formulation of the actual strategies followed by the company. In this dissertation, the Miles and Snow (1978) strategy typology is introduced along with market orientation, product orientation, technology orientation, and customer orientation (focus). This research contributes to existing literature in that it provides a set of strategy analysis frameworks. Each of the frameworks answers a specific research question within the research target. The frameworks created are life cycle with a strategy typology framework, four-way strategy orientation framework, strategy orientation framework with market share analysis, and orientation with a typology framework. All these frameworks can be used individually. Together, they build an analysis toolbox that can generate valuable information from analysis. The developed strategy analysis frameworks are tested with two case companies’ strategy materials taken from publicly available annual reports. The case companies are Nokia and Amer. Empirical results show that the developed strategy analysis frameworks can generate new information regarding case businesses strategy, and detect changes in strategic positions. The theoretical implications of this dissertation contribute to research on strategy analysis, and are a result of combining the perspectives adopted in the strategy analysis frameworks with those of the strategy orientation domain, thereby creating new strategy orientation analysis frameworks. Areas for further research include the linkage of business success to orientations, transformation strategies, and consumer focus as elements of strategy formulation. / Tiivistelmä Tämän tutkimuksen tavoitteena on kehittää uusia strategian analyysikehikoita, joitten tavoitteena on tutkia muutoksia strategisessa asemassa. Muutosten lähteenä voivat olla vaihtelut elinkaaren/ajan/typologian/markkinaosuuden tai orientaation suhteen. Tutkimus on konstruktiivista ja laadullista, käyttäen case-tapaus menetelmää. Tutkimus on toteutettu julkaisuväitöskirjana, sisältäen neljä (4) tieteellistä julkaisua. Tämän tutkimuksen teoriaosuus on rakennettu strategia-analyysin, strategisen suuntautumisen ja typologian teorioista. Strategia-analyysissa tutkitaan yrityksen strategisen aseman vahvuutta, pyrkien ymmärtämään ulkoisten ja sisäisten tekijöiden vaikutuksen asemaan tai strategian suuntautumiseen. Strategia-analyysissa voidaan käyttää useita analyysikehikoita tai työkaluja. Tämän tutkimuksen teoriaosuudessa esitellään SWOT, PEST, Five Forces, Four Corners, arvoketju ja sinisen meren strategian analyysikehikot. Strategiseksi suuntaumiseksi tai keskittymiseksi voidaan luonnehtia niitä strategian piileviäkin ominaisuuksia, jotka tosiasiassa ohjaavat päätöksentekoa ja suuntavat yrityksen toimintoja kohti tiettyä päämäärää. Strateginen suuntautuminen tai keskittyminen ohjaa yrityksen todellisen strategisen suunnan määrittämistä. Tutkimuksen teoriaosuudessa esitellään Miles ja Snown (1978) strategiatypologia, kuten myös markkinasuuntautunut, tuotesuuntautunut, teknologiasuuntautunut ja asiakaskeskeisen strategian tunnuspiirteet. Tämän tutkimuksen tuloksena on syntynyt kokoelma strategian analyysikehikoita. Jokainen rakennettu analyysikehikko vastaa erilliseen tutkimuskysymykseen tutkimustavoitteen sisällä. Rakennetut kehikot ovat elinkaarimallin ja strategia typologia -analyysikehikko, neljän-suunnan strategisen suuntautumisen analyysikehikko, strategisen suuntaumisen ja markkinaosuuden analyysikehikko sekä strategisen suuntautumisen ja typologian analyysikehikko. Kaikkia näitä kehikoita voidaan käyttää erikseen strategian analysointiin. Yhdessä nämä kehikot muodostavat arvokkaan analyysityökalupakin. Kehitettyjä strategian analyysikehikkoja on testattu kahden case yrityksen strategia-aineistolla, jotka ovat olleet saatavilla julkisista vuosikertomuslähteistä. Case yrityksinä ovat Nokia ja Amer. Tutkimustulokset osoittavat, että kehitetyt analyysikehikot pystyvät tuottamaan uutta tietoa case yritysten strategiasta ja havainnoimaan muutoksia strategisessa asemassa. Tämän tutkimuksen tulokset luovat uutta tietoa strategisesta analyysista. Tutkimus yhdistää strategia-analyysin ja strategisen orientaation tutkimusta, ja luo uusia strategisen suuntautumisen analyysikehikoita. Jatkotutkimuskohteina voivat olla niin yrityksen liiketaloudellisen menestyksen suhde strategiseen orientaatioon, muutosstrategiat sekä asiakaskeskeisyys osana strategian muodostamista.

Strategy analysis

Strategy analysis frameworks

market-oriented strategy

product-orientated strategy

strategy orientation

markkinasuuntautunut strategia

strategia-analyysi

strategian analyysikehikot

strateginen suuntautuminen

tuotesuuntautunut strategia

Complex Holistic Assessment of Systems: A Risk Analysis of Human Trafficking

Gianna Sophia Lint (16648410)

25 July 2024

<p>Human Trafficking is the fastest--growing organized criminal activity, second only to drug trafficking. Modeling has given us some sense of the scale of the exploitation, but we do not truly understand the depth and breadth of the behaviors within the system. This research presents chaos theory--driven risk analysis of human trafficking, with the expectation not to predict individual behaviors but to understand the boundaries and patterns of the dynamic system that is human trafficking. Subject matter experts within Six Sigma and risk analysis were consulted to evaluate the application of the traditional Failure Mode Effect Analysis (FMEA) on dynamic systems. This research identified valuable modifications to the traditional FMEA process to better apply to complex, dynamic processes. A dynamic FMEA decouples the generation of failure modes from the RPN score to accommodate the multiple POVs and SME expertise. Application of a dynamic FMEA occurs in two distinct phases: (1) failure modes ranked by their risk to the system and (2) the prioritization of solutions. This allows for broad SME knowledge to identify failure modes in the system but does not require those same SMEs to identify solutions. A discussion is needed regarding the prioritization of solutions. Subject matter experts within anti--trafficking efforts included those working in law, academia, finance, victims’ advocacy, data analysis, and law enforcement, as well as a survivor of sex trafficking. Interviews and thematic analysis identified and ranked high--level human trafficking process steps that include finance, network, transportation, location, product conversion, and law enforcement. Within these steps, major elements of behaviors were identified and included actors, activities, society, structures, government, and media. A vulnerability ranking of these steps of human trafficking gave insight into points of instability that can be used to dismantle the act of human trafficking proactively. The focus when analyzing the risk of human trafficking, therefore, should be on the systems and structures that allow for exploitation to occur in the first place. If those risks and vulnerabilities can be elucidated, true barriers and change can be implemented to destabilize the dynamic system of human trafficking.</p>

Risk Analysis Frameworks

Chaos Theory

Human Trafficking

Six Sigma