Cover: Exploring Options to Improve Supply Chain Operations

Exploring Options to Improve Supply Chain Operations

A Review of Current Approaches and New Opportunities in Demand Forecasting, Robotic Process Automation, and Cyber Integrity

Published Mar 14, 2024

by James A. Leftwich, Dahlia Anne Goldfeld, Bradley DeBlois, Chad Heitzenrater, Luke Muggy, Shannon Prier, Joshua Steier, Christopher E. Maerzluft, Sydne J. Newberry

Download eBook for Free

Full Document

FormatFile SizeNotes
PDF file 2.5 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Research Summary

FormatFile SizeNotes
PDF file 0.1 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.

Research Questions

  1. What technology and investment options are available to USAF to mitigate supply chain degradation?
  2. How can RPA improve forecasting of demand for legacy aircraft spare parts?
  3. Can RPA be applied in a way that does not entail cyber integrity risk?
  4. What methodologies can USAF apply to enhance cyber integrity?

The U.S. Air Force (USAF) has had long-standing concerns about its supply chains and their potential for degradation. Given the varied types of resources for which USAF manages the supply chains and opportunities for degradation, RAND Project AIR FORCE researchers identified technology and investment options to mitigate supply chain degradation, focusing specifically on forecasting the demand for legacy aircraft spare parts, applying robotic process automation (RPA), and mitigating risks associated with cyber security. The researchers conducted extensive literature reviews, held discussions with subject-matter experts, and employed various analytical methods. For demand forecasting, these methods included analysis of recent forecast accuracy data to identify drivers of forecast error and an assessment of ongoing efforts to address known issues. For RPA, the analysis included a characterization of bot development and identification of potential application areas in the logistics, engineering, and force protection community. For cyber integrity, the analysis involved applying a mission assurance approach to identify potential risks and mitigations.

Key Findings

  • Analysis of USAF supply chain operations yielded key findings for demand forecasting, the application of RPA, and cyber tampering.
  • Primary drivers of demand forecast errors are well known to personnel who study the problem.
  • USAF's migration to a commercial enterprise resource planning system for demand forecasting is already showing promise.
  • Decades of research on demand forecasting suggest that there are a variety of methods to forecast spare parts demand, although there is not a one-size-fits-all best approach.
  • It is unclear whether demand forecast accuracy is resulting in aircraft downtime.
  • USAF's current approach to bot implementation does not allow it to fully leverage the potential of bots.
  • Questions remain about whether USAF personnel possess the technical expertise to fully leverage bot technology, and the data suggest that this concern is warranted.
  • Unified direction and guidance could help USAF maximize the potential of bots.
  • Potential vectors for integrity attacks within the supply chain include the software supply chain, software vulnerabilities, and credential-based attacks.
  • Risks related to both the development and operation of bots underscore the need to consider cyber risk.
  • In addition to existing processes, risk-based analysis can drive cyber security, engineering, and mission-execution decisionmaking for technology under consideration.
  • Current Headquarters U.S. Air Force Deputy Chief of Staff for Logistics, Engineering and Force Protection risk management framework controls are primarily focused on detection and are unlikely to sufficiently mitigate tampering-based mischief.

Recommendations

  • The U.S. Air Force (USAF) should maximize the potential benefits offered by the investment already made in ESCAPE. However, USAF should analyze the value of demand forecast improvements to the supply chain performance prior to making additional investments.
  • If additional investment in forecast accuracy improvement is warranted, the 448th Supply Chain Management Wing should target specific areas of improvement, such as expanded causal analysis for parts with intermittent, infrequent, and highly variable demand.
  • USAF should expand the application of bots within the A4 community, including processes and data integration not currently accomplished. We provide a suggestion with our bot example.
  • USAF should work with the USAF lead for RPA to establish standards for centralized development and management of bots, and advocate for funding for increased security measures.
  • USAF should consider mitigation approaches for integrity attacks identified by this analysis, especially in bot implementation, as a complement to existing cybersecurity controls.
  • USAF should continue to evaluate cyber risks in context by implementing a process for considering how threats, vulnerabilities, and consequence to missions change as new systems, technologies, and information-handling methods are considered and implemented.
  • USAF should employ best practices for executing risk-based processes (e.g., Operationally Critical Threat, Asset, and Vulnerability Evaluation [OCTAVE] Allegro), such as engaging subject matter experts on the value of information assets to the mission and complementing HAF/A4 RMF with a cross-functional approach..

Research conducted by

This research was prepared for the Department of the Air Force and conducted within the Resource Management Program of RAND Project AIR FORCE.

This report is part of the RAND research report series. RAND reports present research findings and objective analysis that address the challenges facing the public and private sectors. All RAND reports undergo rigorous peer review to ensure high standards for research quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit www.rand.org/pubs/permissions.

RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.