No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
The effects of cyber threats on maintenance outsourcing and age replacement policy
Abstract
This research examines maintenance outsourcing in the presence of cyber-attacks. The research findings contribute to the literature on maintenance outsourcing by considering how cyber-attacks affect channel coordination and, specifically, cost subsidization. The Internet of Things assumes the risk that a “smart” or connected manufacturing system could become the target of a cyber-attack. Manufacturers have to face the difficult decision of adopting increasingly costly security technologies or having the manufacturing system remain vulnerable to cyber threats. This study develops a model addressing this dilemma by providing insight into the effects of cost subsidization and tools that manufacturers may use to evaluate the impact that installation of a security system has on a manufacturing system’s profit. The research also analyzes the effect of a cyber-attack on the system when using an age replacement policy. Under such a system, repairs may cost more than replacement which suggests that new components are required immediately after failure. For “smart” manufacturing systems that use either maintenance outsourcing or an age replacement policy, the study provides optimal solutions for firms to maximize the manufacturing system’s profit with consideration of the firms’ physical equipment failure and cyber-attack rates. The findings help determine the value of a security system by providing guidelines that address the effects of the cost, failure rate, and “successful” cyber-attack rate parameters.
As industries increasingly outsource their Maintenance, Repair, and Overhaul (MRO) programs to third‐party service providers, Original Equipment Manufacturers (OEMs) seek to expand their market share by providing comprehensive MRO packages along with the original products at a bundled price. This study introduces a bargaining model that jointly optimizes pricing, maintenance policies, and OEM's market coverage, considering participants' gain/loss behaviors within the Full‐Service Product System (FSPS) contracts framework. We first provide closed‐form analysis for various scenarios in a one‐on‐one bargaining negotiation, resulting in significant computational efficiency and insightful managerial implications. It also enables us to expand the problem to multiple contracts and develop an algorithm that simultaneously optimizes client density, profitability, pricing and MRO policies. The findings indicate that when players' profits fall short of their reference point, a more loss‐averse approach results in increased personal profit and less favorable outcomes for the opponent. We further enrich our findings by conducting a sensitivity analysis of the parameters affecting the pricing, MRO policies, and market coverage.
A revolution in manufacturing systems is underway: substantial recent investment has been directed towards the development of smart manufacturing systems that are able to respond in real time to changes in customer demands, as well as the conditions in the supply chain and in the factory itself. Smart manufacturing is a key component of the broader thrust towards Industry 4.0, and relies on the creation of a bridge between digital and physical environments through Internet of Things (IoT) technologies, coupled with enhancements to those digital environments through greater use of cloud systems, data analytics and machine learning. Whilst these individual technologies have been in development for some time, their integration with industrial systems leads to new challenges as well as potential benefits. In this paper, we explore the challenges faced by those wishing to secure smart manufacturing systems. Lessons from history suggest that where an attempt has been made to retrofit security on systems for which the primary driver was the development of functionality, there are inevitable and costly breaches. Indeed, today's manufacturing systems have started to experience this over the past few years; however, the integration of complex smart manufacturing technologies massively increases the scope for attack from adversaries aiming at industrial espionage and sabotage. The potential outcome of these attacks ranges from economic damage and lost production, through injury and loss of life, to catastrophic nation-wide effects. In this paper, we discuss the security of existing industrial and manufacturing systems, existing vulnerabilities, potential future cyber-attacks, the weaknesses of existing measures, the levels of awareness and preparedness for future security challenges, and why security must play a key role underpinning the development of future smart manufacturing systems.
With recent advancements in computer and network technologies, cyber-physical systems have become more susceptible to cyber-attacks, with production systems being no exception. Unlike traditional information technology systems, cyber-physical systems are not limited to attacks aimed solely at intellectual property theft, but include attacks that maliciously affect the physical world. In manufacturing, cyber-physical attacks can destroy equipment, force dimensional product changes, or alter a product’s mechanical characteristics. The manufacturing industry often relies on modern quality control (QC) systems to protect against quality losses, such as those that can occur from an attack. However, cyber-physical attacks can still be designed to avoid detection by traditional QC methods, which suggests a strong need for new and more robust QC tools. As a first step toward the development of new QC tools, an attack taxonomy to better understand the relationships between QC systems, manufacturing systems, and cyber-physical attacks is proposed in this paper. The proposed taxonomy is developed from a quality control perspective and accounts for the attacker’s view point through considering four attack design consideration layers, each of which is required to successfully implement an attack. In addition, a detailed example of the proposed taxonomy layers being applied to a realistic production system is included in this paper.
Additive manufacturing (AM), or 3D printing, is an emerging manufacturing technology that is expected to have far-reaching socioeconomic, environmental, and geopolitical implications. As use of this technology increases, it will become more common to produce functional parts, including components for safety-critical systems. AM's dependence on computerization raises the concern that the manufactured part's quality can be compromised by sabotage. This paper demonstrates the validity of this concern, as we present the very first full chain of attack involving AM, beginning with a cyber attack aimed at compromising a benign AM component, continuing with malicious modification of a manufactured object's blueprint, leading to the sabotage of the manufactured functional part, and resulting in the physical destruction of a cyber-physical system that employs this part. The contributions of this paper are as follows. We propose a systematic approach to identify opportunities for an attack involving AM that enables an adversary to achieve his/her goals. Then we propose a methodology to assess the level of difficulty of an attack, thus enabling differentiation between possible attack chains. Finally, to demonstrate the experimental proof for the entire attack chain, we sabotage the 3D printed propeller of a quadcopter UAV, causing the quadcopter to literally fall from the sky.
Cyber manufacturing is transformative concept that involves the translation of data from interconnected systems into predictive and prescriptive operations to achieve resilient performance. It intertwines industrial big data and smart analytics to discover and comprehend invisible issues for decision making. With the advent of Internet-of-Things (IoT) and smart, predictive analytics technologies, companies have been building a networked data-rich environment, which calls for a systematic methodology to transform raw data into meaningful and actionable operations. This paper introduces a fundamental framework and architecture for cyber manufacturing systems.
The use of varying sample size monitoring techniques for Poisson count data has drawn a great deal of attention in recent years. Specifically, these methods have been used in public health surveillance, manufacturing, and safety monitoring. A number of approaches have been proposed, from the traditional Shewhart charts to cumulative sum (CUSUM) and exponentially weighted moving average (EWMA) methods. It is convenient to use techniques based on statistics that are invariant to the units of measurement since in most cases these units are arbitrarily selected. A few of the methods reviewed in our paper are not inherently invariant, but most are easily modified to be invariant. Most importantly, if methods are invariant to the choice of units of measurement, they can be applied in situations where the in-control Poisson mean varies over time, even if there is no associated varying sample size. Several examples are discussed to highlight the promising uses of invariant Poisson control charting methods in this much broader set of applications which includes risk-adjusted monitoring in healthcare, public health surveillance, and monitoring of continuous time non-homogeneous Poisson processes. A new chart design method based on extensive on-line simulation is highlighted.
In this paper, we consider a system with multiple components, each prone to failure, during which production is halted. Minimal repair is performed by an external contractor whenever a component breaks down. The contractor also conducts a general preventive maintenance (PM) for the whole system at pre-determined times. The contractor's goal is to minimise maintenance-related costs; however, the system (made up of the contractor and the manufacturer, who gains revenue whenever the system is up) profit would be maximised if the revenue is also considered. Since these goals usually require different PM schedules, we propose a cost subsidisation scheme which coordinates the system. We then extend this basic model by considering the existence of a backup machine which will allow the system to continue running (albeit, generating a lower revenue) whenever a component fails. We show that the existence of such a machine reduces the profit difference between uncoordinated and coordinated systems.
Purpose
– The purpose of this paper is to investigate the diverse nature of tangible and intangible value dimensions that contribute to customers’ perception of value from outsourced maintenance services.
Design/methodology/approach
– A multiple case study approach has been adopted. Repertory grid, an in-depth structured interviewing technique, has been used in order to draw out the respondents’ hidden constructs in evaluating outsourced maintenance services. Data have been collected from four customer organizations of outsourced maintenance services, and a total of 33 interviews have been undertaken.
Findings
– The paper has identified a range of tangible and intangible value dimensions that are of importance in maintenance outsourcing decision making. The most important value dimensions for maintenance outsourcing were found to be specialist knowledge, accessibility (of the service provider), relational dynamic, range of products and services, delivery, pricing and locality. Although the paper has identified the most important value dimensions the paper also emphasizes the need to take into account the full range of value dimensions in order to understand the whole value pattern in an organization.
Practical implications
– The results will be of use for maintenance service providers to help them to improve value-adding capacity of maintenance services. The results can also be applied by customers to help them assess the value they receive from outsourced maintenance services.
Originality/value
– A different perspective on maintenance outsourcing value is provided. The value patterns in different organizations and the viewpoints of respondents in different organizational roles are described. The dynamic nature of these tangible or intangible values over time and their interrelationships has also been explored.
In the information security business, 30 years of practical and theoretical research has resulted in a fairly sophisticated appreciation for how to judge the qualitative level of risk faced by an enterprise. Based upon that understanding, there is a practical level of protection that a competent security manager can architect for a given enterprise. It would, of course, be better to use a quantitative approach to risk management, but, unfortunately, sufficient quantitative data that has been scientifically collected and analyzed does not exist. There have been many attempts to develop quantitative data using traditional quantitative methods, such as experiments, surveys, and observations, but there are significant weaknesses apparent in each approach. The research described in this paper was constructed to explore the utility of applying the well-established method of expert judgment elicitation to the field of information security. The instrument for eliciting the expert judgments was developed by two information security specialists and two expert judgment analysis specialists. The resultant instrument was validated using a small set of information security experts. The final instrument was used to elicit answers to both the calibration and judgment questions through structured interviews. The data was compiled and analyzed by a specialist in expert judgment analysis. This research illustrates the development of prior distributions for the parameters of models for cyber attacks and uses expert judgment results to develop the distributions.
Getting agents in the Internet, and in networks in general, to invest in and deploy security features and protocols is a challenge, in particular because of economic reasons arising from the presence of network externalities. Our goal in this paper is to carefully model and quantify the impact of such externalities on the investment in, and deployment of, security features and protocols in a network. Specifically, we study a network of interconnected agents, which are subject to epidemic risks such as those caused by propagating viruses and worms, and which can decide whether or not to invest some amount to self-protect and deploy security solutions. We make three contributions in the paper. First, we introduce a general model which combines an epidemic propagation model with an economic model for agents which captures network effects and externalities. Second, borrowing ideas and techniques used in statistical physics, we introduce a Local Mean Field (LMF) model, which extends the standard mean-field approximation to take into account the correlation structure on local neighborhoods. Third, we solve the LMF model in a network with externalities, and we derive analytic solutions for sparse random graphs, for which we obtain asymptotic results. We explicitly identify the impact of network externalities on the decision to invest in and deploy security features. In other words, we identify both the economic and network properties that determine the adoption of security technologies.
An ever-growing number of companies are moving toward the Industry 4.0 paradigm, adopting a range of advanced technologies (e.g., smart sensors, big data analytics, and cloud computing) and networking their manufacturing systems. This improves the efficiency and effectiveness of operations but also introduces new cybersecurity challenges. In this article, the impact assessment methodology is applied in the context of manufacturing systems 4.0 (also known as smart manufacturing systems, cyber manufacturing systems, or digital manufacturing systems), thus identifying the critical assets to be protected against cyber-attacks and assessing the business impacts in the case of subtractive and additive technologies. The research design of the single case study with multiple units of analysis is applied. In particular, a large company, a leader in the manufacturing of aeronautical components, is considered a representative case study, and its two main types of manufacturing cells that is, those based on networked computer numerical control machines and 3-D printers, are taken as applicative cases for the methodology. The application of the impact assessment methodology in the manufacturing context 4.0 of aeronautical components represents a useful guide for researchers in the field of cybersecurity and for companies intending to implement it in their smart manufacturing environments. In particular, based on this study, companies can define the critical manufacturing data to protect against cyber-attacks, isolate the business impacts in case of cybersecurity breaches, correlate the identified business impacts with the specific data category, and assess the level of business impacts.
This book explores the genesis of ransomware and how the parallel emergence of encryption technologies has elevated ransomware to become the most prodigious cyber threat that enterprises are confronting. It also investigates the driving forces behind what has been dubbed the ‘ransomware revolution’ after a series of major attacks beginning in 2013, and how the advent of cryptocurrencies provided the catalyst for the development and increased profitability of ransomware, sparking a phenomenal rise in the number and complexity of ransomware attacks.
This book analyzes why the speed of technology adoption has been a fundamental factor in the continued success of financially motivated cybercrime, and how the ease of public access to advanced encryption techniques has allowed malicious actors to continue to operate with increased anonymity across the internet. This anonymity has enabled increased collaboration between attackers, which has aided the development of new ransomware attacks, and led to an increasing level of technical complexity in ransomware attacks. This book highlights that the continuous expansion and early adoption of emerging technologies may be beyond the capacity of conventional risk managers and risk management frameworks.
Researchers and advanced level students studying or working in computer science, business or criminology will find this book useful as a reference or secondary text. Professionals working in cybersecurity, cryptography, information technology, financial crime (and other related topics) will also welcome this book as a reference.
Industry 4.0 is collaborating directly for the technological revolution. Both machines and managers are daily confronted with decision making involving a massive input of data and customization in the manufacturing process. The ability to predict the need for maintenance of assets at a specific future moment is one of the main challenges in this scope. The possibility of performing predictive maintenance contributes to reducing downtime, costs, increases control and product quality. We observed that surveys and tutorials about Industry 4.0 focus mainly on addressing data analytics and machine learning methods to change production procedures, so not comprising predictive maintenance methods and their organization. In this context, this article presents a systematic literature review of initiatives of predictive maintenance in Industry 4.0, identifying and cataloging methods, standards, and applications. As the main contributions, this survey discusses the current challenges and limitations in predictive maintenance, in addition to proposing a novel taxonomy to classify this research area considering the needs of the Industry 4.0. We concluded that computer science, including artificial intelligence and distributed computing fields, is more and more present in an area where engineering was the dominant expertise, so detaching the importance of a multidisciplinary approach to address Industry 4.0 effectively.
An increasing number of cybersecurity breaches adversely affect business performance, by leveraging thevulnerabilities of networked manufacturing machines. In some cases, cyber-attacks on critical industrial equipment are able to undermine the corporate business model. Knowing and evaluating in advance themain critical assets to be protected from potential cyber-attacks and the business impacts that could occur is a source of competitive advantage.Through the analysis of literature and an ethnographic research approach, this study proposes a struc-tured classification of critical industrial assets within Industry 4.0 and potential adverse impacts onbusiness performance due to breaches of cybersecurity. In particular, cybersecurity is analysed in termsof loss of confidentiality, integrity and availability of data associated with networked manufacturing machines. It is also suggested how critical assets and business impacts are correlated and how business impacts can be assessed. The proposed results can be organized in four steps for supporting companies in making decisions on cybersecurity policies. Moreover, both industry and academia can benefit from these results to conduct future analysis and investigation activities in the field of cybersecurity.
Cybersecurity poses a difficult challenge to supply chains, as a firm may be affected by an attack on another firm in the supply chain. For example, a retailer’s consumer data might be compromised via an attack on a supplier. In general, individual nodes in a supply chain bear the entire cost of their own cybersecurity investments, but some of the benefits of the investments may be enjoyed by the other nodes as well. We analyze the differences between coordinated and uncoordinated cybersecurity investments, as well as the differences resulting from a strategic and a non-strategic attacker. We find that lack of coordination leads to underinvestment with a non-strategic attacker, but that this is somewhat counterbalanced by an attacker being strategic. Lack of coordination may lead to either underinvestment or overinvestment with a strategic attacker, depending on how large the indirect damages from attacks are relative to the direct damages; overinvestment is more likely if indirect damages are relatively minor. A numerical example is provided to illustrate the impacts of and relationships between coordinated investments and a strategic attacker.
Cyber risks are high on the business agenda of every company, but they are difficult to assess due to the absence of reliable data and thorough analyses. This paper is the first to consider a broad range of cyber risk events and actual cost data. For this purpose, we identify cyber losses from an operational risk database and analyze these with methods from statistics and actuarial science. We use the peaks-over-threshold method from extreme value theory to identify “cyber risks of daily life” and “extreme cyber risks”. Human behavior is the main source of cyber risk and cyber risks are very different compared with other risk categories. Our models can be used to yield consistent risk estimates, depending on country, industry, size, and other variables. The findings of the paper are also useful for practitioners, policymakers and regulators in improving the understanding of this new type of risk.
Digital manufacturing aims to create highly customizable products with higher quality and lower costs by integrating Industrial Internet of Things, big data analytics, cloud computing, and advanced robots into manufacturing plants. As manufacturing machines are increasingly retrofitted with sensors as well as connected via wireless networks or wired Ethernet, digital manufacturing systems are becoming more accessible than ever. While advancement in sensing, artificial intelligence, and wireless technologies enables a paradigm shift in manufacturing, cyber-attacks pose significant threats to the manufacturing sector. This paper presents a review of cybersecurity in digital manufacturing systems from system characterization, threat and vulnerability identification, control, and risk determination aspects as well as identifies challenges and future work.
The paper introduces a security framework for the application of human-robot collaboration in a futuristic industrial cyber-physical system (CPS) context of industry 4.0. The basic elements and functional requirements of a secure collaborative robotic cyber-physical system are explained and then the cyber-attack modes are discussed in the context of collaborative CPS whereas a defense mechanism strategy is proposed for such a complex system. The cyber-attacks are categorized according to the extent on controllability and the possible effects on the performance and efficiency of such CPS. The paper also describes the severity and categorization of such cyber-attacks and the causal effect on the human worker safety during human-robot collaboration. Attacks in three dimensions of availability, authentication and confidentiality are proposed as the basis of a consolidated mitigation plan. We propose a security framework based on a two-pronged strategy where the impact of this methodology is demonstrated on a teleoperation benchmark (NeCS-Car). The mitigation strategy includes enhanced data security at important interconnected adaptor nodes and development of an intelligent module that employs a concept similar to system health monitoring and reconfiguration.
The digitalization of the instrumentation and control (I&C) systems in nuclear power plants has increased the threat from cyber-attack. This paper addresses cyber-attack vulnerability from potential attacks on non-safety I&C systems that result in a hazardous plant status. In safety-critical applications such as nuclear power plants, safety systems are separated and isolated from non-safety systems by design. Cyber-attacks on the non-safety systems can however escalate into plant safety threats by inducing wrong operator actions. We focus here on the operator actions that lead to the unavailability of the safety system and cause the failure of accident mitigation. In this study, the effect of safety system unavailability on plant safety is carefully modeled by using n conventional fault tree (FT) analyses, and human actions are analyzed based on emergency operating procedures. Based on the results of the FT analyses in combination with human action analyses, we suggest a novel method to systematically develop cyber-attack propagation scenarios, where a cyber-attack is linked to its consequences. As a case study, the feed-and-bleed operation is analyzed with the developed FT, producing multiple scenarios that lead to core damage. The results of this study are expected to be useful in establishing preventive measures.
Age replacement models are fundamental to maintenance theory. This paper summarizes our new perspectives and methods in age replacement models: First, we optimize the expected cost rate for a required availability level and vice versa. Second, an asymptotic model with simple calculation is proposed by using the cumulative hazard function skillfully. Third, we challenge the established theory such that preventive replacement should be non-random and only corrective replacement should be made for the unit with exponential failure. Fourth, three replacement policies with random working cycles are discussed, which are called overtime replacement, replacement first, and replacement last, respectively. Fifth, the policies of replacement first and last are formulated with general models. Sixth, age replacement is modified for the situation when the economical life cycle of the unit is a random variable with probability distribution. Finally, models of a parallel system with constant and random number of units are taken into considerations. The models of expected cost rates are obtained and optimal replacement times to minimize them are discussed analytically and computed numerically. Further studies and potential applications are also indicated at the end of discussions of the above models.
This paper attempts to explore the performance measures and optimization analysis of machine repairing systems with standby switching failure. The time between failures and time-to-repair of failed machines are assumed to be exponential and general distributions, respectively. The standby is switched over to the operating mode when an operating machine fails, and the switch is subject to failure with probability . A recursive method based on the supplementary variable technique is used to derive the steady-state probabilities of failed machines in the system. We then develop various performance measures of the system and construct the expected cost function per unit time. The probabilistic global search Lausanne method is employed to determine the optimal number of operating machines, the optimal number of standbys and the optimal repair rate, wherein the expected cost per unit time is minimized. Finally, some numerical examples are provided for illustrative purposes.
Today's organizations are inherently open and connected, sharing knowledge and ideas in order to remain innovative. As a result, these organizations are also more vulnerable to information theft through different forms of security breaches caused by hackers and competitors. One way of understanding the vulnerability of an information system is to build and analyze the attack graph of that system. The attack graph of an information system contains all the paths that can be used to penetrate the system in order to breach critical assets. Although existing literature provides an abundance of attack graph generation algorithms, more methods are required to help analyze the attack graphs. In this paper, we study how best to deploy security countermeasures to protect an organization by analyzing the vulnerability of the organization through the use of its attack graph. In particular, we present an approach to find an optimal affordable subset of arcs, called an interdiction plan, on an attack graph that should be protected from attack to minimize the loss due to security breaches. We formulate this problem as a bi-level mixed-integer linear program and develop an exact algorithm to solve it. Experiments show that the algorithm is able to solve relatively large problems. Two heuristic methods, one with and the other without a heuristic to solve the master problem and both limiting the master problem branch-and-bound tree to only one node solve the large problems remarkably well. Experiments also reveal that the quality of an interdiction plan is relatively insensitive with respect to the error in the estimate of the attacker's budget, and that the breach loss drops sharply at the beginning, then levels off before finally dropping sharply again with increases in the security budget.
It is well known in reliability theory: (1) When the failure time is exponential, an operating unit should be replaced only at failure and (2) an optimum age replacement is nonrandom [1, p. 86].
Purpose
– The purpose of this paper is to investigate age replacement policies for two-component parallel system with stochastic dependence. The stochastic dependence considered, is modeled by a one-sided domino effect. The failure of component 1 at instant t may induce the failure of component 2 at instant t+τ with probability p1→2. The time delay τ is a random variable with known probability density function hp1→2 (.). The system is considered in a failed state when both components are failed. The proposed replacement policies suggest to replace the system upon failure or at age T whichever occurs first.
Design/methodology/approach
– In the first policy, costs and durations associated with maintenance activities are supposed to be constant. In the second replacement policy, the preventive replacement cost depends on the system’s state and age. The expected cost per unit of time over an infinite span is derived and numerical examples are presented.
Findings
– In this paper and especially in the second policy, the authors find that the authors can get a more economical policy if the authors consider that the preventive replacement cost is not constant but depends on T.
Originality/value
– In this paper, the authors take into account of the stochastic dependence between system components. This dependence affects the global reliability of the system and replacement’s periodicity. It can be used to measure the performance of the system et introduced into design phase of the system.
This paper studies a manufacturer with a system prone to failure. The manufacturer performs two types of maintenance activities: preventive maintenance (PM), performed periodically, resets the system, and Minimal Repair (MR), performed after breakdowns, restores the system to working condition. It is assumed that two different types of learning take place: (i) repetition learning: due to the repetitive nature of PM, the manufacturer gains experience and learns to perform the PM activities faster and at a lower cost and (ii) failure learning: each failure gives the manufacturer the opportunity to find the root causes, to learn from mistakes and to improve the system. This paper, the first one to quantify failure learning in maintenance literature, assumes that such learning can then be applied during the next PM activity, which brings down the failure rate for the next PM cycle. For the increasing failure rate case, repetition learning increases the PM frequency, whereas failure learning causes the manufacturer to reduce the optimal number of PM activities. However, for the constant failure rate, repetition learning has no effect on the PM frequency, whereas failure learning may actually increase it.
Production, yield and maintenance are three key components for sustaining the competitiveness of a manufacturing firm. In this paper, we investigate a joint production and maintenance planning problem in a periodic review environment subject to stochastic demand and random yields. The manufacturing system deteriorates from period to period according to a discrete-time Markov chain. The objective is to find an integrated lot sizing and maintenance policy for the system such that the aggregate cost associated with production, holding, backlogging and maintenance is minimised. We formulate this integrated planning problem as a Markov decision process and analyse the structural properties of the optimal policies. We prove that the optimal production and the maintenance policies both exhibit a control limit structure and show that the solution to the finite-horizon problems converges to that of the infinite-horizon problem.
Most businesses view maintenance as tasks carried out by technicians and the data collected is mostly cost related. There is a growing trend towards outsourcing of maintenance and the data collection issues are not addressed properly in most maintenance service contracts. Effective maintenance management requires proper data management - data collection and analysis for decision-making. This requires a proper framework and when maintenance is outsourced it raises several issues and challenges. The paper develops a framework for data management when maintenance is outsourced and looks at a real case study that highlights the need for proper data management.
Equipment maintenance and system reliability are important factors affecting the organisation's ability to provide quality and timely services to customer. While maintenance remains an important function to manufacturing, it is only recently that attempts have been made to quantify its impact on equipment performance. In this research, an approach of linking maintenance with equipment performance is developed using simulation modelling. The modelling approach involves defining probabilistic models and assumptions affecting system performance, such as: the probabilistic model for the initial failure rate/intensity of the equipment; the probabilistic model for the system deterioration and corresponding effect; the probabilistic model for the random times of corrective maintenance (CM) and preventive maintenance (PM) that takes into the account the types of maintenance plans/policies and the potential dependency between CM and PM times; and the probabilistic model for the random effects of CM and PM on the reliability of the equipment. Using a continuous manufacturing equipment, the model is used to analyse the impact of deterioration, failures and maintenance (policies, timing and efficiency) on equipment performance. It is shown that modelling the effect maintenance provides a basis of evaluating maintenance efforts with the potential application in performance evaluation and decision support while investigating opportunities for manufacturing equipment performance improvement.
Due to unreliable production facility and stochastic preventive maintenance, deriving an optimal production inventory decision in practice is very complicated. In this paper, we develop a production model for deteriorating items with stochastic preventive maintenance time and rework using the first in first out (FIFO) rule. From our literature search, no study has been done on the above problem. The problem is solved using a simple search procedure; this makes it more practical for use by industries. Two case examples using uniform and exponential distribution preventive maintenance time are applied. Examples and sensitivity analysis are conducted for each case. The results show that rework and preventive maintenance time have significant affected the total cost and the optimal production time. This provides helpful managerial insights to help management in making smart decisions.
It is well-known in the standard age replacement policy that a finite preventive replace-ment time does not exist when the failure time is exponential and the optimal preventive replacement time is nonrandom. It is shown that when the failure time is exponential, a finite time exists by introducing the shortage and excess costs. In addition, the random age replacement is proposed and similar discussions are made. Furthermore, the periodic and random inspection policies are taken up, and their optimal policies are shown to correspond theoretically to those of the age replacement ones. It is shown finally that when the random inspection cost is the half of the periodic one, two expected costs are almost the same.
When a company decides to outsource a service, the most important reasons for doing so usually are to focus on core business, to be able to access high‐quality services at lower costs, or to benefit from risk sharing. However, service contracts typically follow a structure whereby both owner and contractor attempt to maximize expected profits in a noncoordinated way. Previous research has considered supply chain coordination by means of contracts but is based on unrealistic assumptions such as perfect maintenance and infinite time‐span contracts. In this work, these limitations are overcome by defining the supply chain through a preventive maintenance strategy that maximizes the total expected profit for both parties in a finite time‐span contract. This paper presents a model to establish such conditions when maintenance is imperfect, and the contract duration is fixed through a number of preventive maintenance actions along a significant part of the asset life cycle under consideration. This formulation leads to a win–win coordination under a set of restrictions that can be evaluated a priori. The proposed contract conditions motivate stakeholders to continually improve their maintenance services to reach channel coordination in which both parties obtain higher rewards. Copyright © 2012 John Wiley & Sons, Ltd.
We study the effects of learning and forgetting on the design of maintenance outsourcing contracts. Consider a situation in which a manufacturer offers an outsourcing contract to an external contractor for maintaining a manufacturing process. Under the contract, the contractor schedules and performs preventive maintenance and repairs the process whenever a breakdown occurs. Two types of learning effects on the cost and time of performing preventive maintenance are considered: learning from experience (natural) and learning by a costly effort/investment. We assume that forgetting occurs under each learning type. A model is developed for designing an optimal outsourcing contract to maximize the manufacturer's profit. An extensive numerical analysis is carried out to empirically demonstrate the effects of learning and forgetting on the optimal maintenance contract and the manufacturer's profit.
Purpose
The purpose of this paper is to propose and discuss cost of poor maintenance (CoPM), as a concept for managing the improvement of maintenance performance within manufacturing industry.
Design/methodology/approach
The paper is based on literature studies and two workshops with representatives from industry and academia.
Findings
CoPM is proposed as a new concept for maintenance performance improvement. The concept is derived from established practices in quality costing and hence it should be easily accepted in industry.
Practical implications
By using CoPM as a concept for maintenance performance development, manufacturing companies may identify the potential financial impact of the development work. The CoPM concept should provide a good viewpoint for identification of deficiencies in the maintenance performance within a given manufacturing system.
Originality/value
By adopting a well‐known measure from the research area of quality development, a financial measure for maintenance is proposed in this paper. The measure shows which parts of the maintenance costs are justified and which costs relate to poorly performed maintenance. In this way a more balanced view of the financial contribution of maintenance activities may be achieved, even at board level of the company.
The quality performance of a firm is often assessed by the reliability of the firm’s equipment or machinery. Yet, reliability has not received the same attention as quality. Several organizations today function effectively because the machinery which provides the “system of operation” is highly dependable and reliable. In this paper, we develop a framework that establishes the link between quality, reliability, and maintainability. The aim of this framework is to get corporate attention to focus on reliability issues and also, to establish the link between reliability, company’s bottom line, and corporate survival. A greater focus on “total reliability management (TRM)” will help firms to improve their productivity and efficiency while reducing cost and increasing their competitiveness.
An external contractor receives a payment from a manufacturer for periodically performing preventive maintenance and for performing minimal repairs whenever process failures occur. Suppose a new technology will be available in the future, but the timing is uncertain. We propose specifying one or multiple time points in a maintenance contract, at which the manufacturer can adopt (switch to) the new technology, if it becomes available, and change the preventive maintenance schedule for the remaining time in the contract period. A model is developed to determine the value of using these (switch) points in a maintenance contract to the manufacturer. The numerical results show that, with a higher arrival rate of the new technology, the value becomes greater, and thus, the optimal switch point should be set earlier. Furthermore, if the new technology reduces maintenance costs, using switch points adds more value to a cost-plus-margin method than either the fixed payment or cost-plus-fixed-fee methods. On the other hand, if adopting the new technology results in higher maintenance costs, the value using switch points is higher for the fixed payment method.
We propose a simple game for modeling containment of the spread of viruses in a graph of n nodes. Each node must choose to either install anti-virus software at some known cost C, or risk infection and a loss L if a virus that starts at a random initial point in the graph can reach it without being stopped by some intermediate node. We prove many game theoretic properties of the model, including an easily applied characterization of Nash equilibria, culminating in our showing that a centralized solution can give a much better total cost than an equilibrium solution. Though it is NP-hard to compute such a social optimum, we show that the problem can be reduced to a previously unconsidered combinatorial problem that we call the sum-of-squares partition problem. Using a greedy algorithm based on sparse cuts, we show that this problem can be approximated to within a factor of O(log1.5n).
This paper investigates a machine repair problem with homogeneous machines and standbys available, in which multiple technicians are responsible for supervising these machines and operate a (R, V, K) synchronous vacation policy. With such a policy, if any V idle technicians exist in the system, these V (V < R) technicians would take a synchronous vacation. Upon returning from vacation, they would take another vacation if there is no broken machine waiting in the queue. This pattern continues until at least one failed machine arrives. It is assumed that the number of teams/groups on vacation is less than or equal to K (0 <= KV < R). The matrix analytical method is employed to obtain a steady-state probability and the closed-form expression of the system performance measures. Efficient approaches are performed to deal with the optimization problem of the discrete/continuous variables while maintaining the system availability at a specified acceptable level.
This paper considers replacement and maintenance policies for an operating unit which works at random times for jobs. The unit undergoes minimal repairs at failures and is replaced at a planned time T or at a number N of working times, whichever occurs first. The expected cost rate is obtained, and an optimal policy which minimizes it is derived analytically. The imperfect preventive maintenance (PM) model, where the unit is improved by PM after the completion of each working time, is analyzed. Furthermore, when the work of a job incurs some damage to the unit, the replacement model with number N is proposed. The expected cost rate is obtained by using theory of cumulative processes. Two modified models, where the unit is replaced at number N or at the first completion of the working time over time T, and it is replaced at T or number N, whichever occurs last, are also proposed. Finally, when the unit is replaced at time T, number N or Kth failure, whichever occurs first, the expected cost rate is also obtained.
A model is presented in this paper for maintenance service contract design, negotiation and optimization. The model was developed under the assumption that there are one customer and one unique service provider who is the Original Equipment Manufacturer (OEM) and is called the agent in this paper. This is typically applied to the situation where the OEM is the only possible service supplier such as in the case of major military equipment in the defense sector. Three contract options were considered, depending on the extent of outsourced maintenance activities. From an agent point of view, they are, (1), the agent carries out all repairs and inspections; (2), the agent carries out failure based repairs, and (3), the agent does inspections and repairs to the defects identified at inspections. For options two and three, the customer does the rest of maintenance. The relationship between inspections and failures was modeled using the delay time concept and a numerical example was illustrated. The cases of perfect information to both parties and information asymmetry were also discussed in the example. The model developed can be used for contract design, negotiation and optimization.
The objective of this paper is to study learning effects on maintenance outsourcing. We consider a situation in which a manufacturer offers a short-term outsourcing contract to an external contractor who is responsible for scheduling and performing preventive maintenance and carrying out minimal repairs when the process fails. The manufacturer's payment to the contractor consists of a fixed amount along with cost subsidization for each maintenance operation performed. We assume learning occurs when the contractor performs preventive maintenance that reduces both time and cost. Two types of learning are considered: natural learning and learning by costly efforts. We demonstrate that a well-designed payment scheme can induce the contractor to adopt the maintenance schedule that maximizes the manufacturer's profit.
To aid researchers in the simulation and testing of maintenance policies for complex, computer controlled technological equipment this paper presents a description of failure and repair rate characteristics as well as distribution data for a typical flexible manufacturing system (FMS) that is in use in a mid-western (USA) manufacturing plant. Separate data are included for mechanical, hydraulic, electrical, electronic, software and human failures as well as repairs. The data are also fit with appropriate theoretical distributions.
Cyberattack shows vulnerability of gas pipeline network
- C Krauss
Krauss, C., 2018. Cyberattack shows vulnerability of gas pipeline network. New York
Times. Retrieved from 〈https://www.nytimes.com/2018/04/04/business/energy-en
vironment/pipeline-cyberattack.html〉.
Your guide to good-enough compliance
- A Holmes
Holmes, A., 2007. Your guide to good-enough compliance. Retrieved from: 〈https
://www.cio.com/article/2439324/risk-management/yourguide-to-good-enough
-compliance.html?page=2〉.
Why manufacturers should be mindful of cybersecurity
- A Polyakov
Polyakov, A., 2017. Why manufacturers should be mindful of cybersecurity. Forbes
Technology Council. Retrieved from 〈https://www.forbes.com/sites/forbestechcoun
cil/2017/06/01/why-manufacturers-should-be-mindful-of-cybersecurity/#65ee1
96d10d2〉.