Resilience in road projects – 3R

Leave a reply
Revised on: 2022-11-02

This simplified resilience assessment for road projects was presented at the XVIth World Winter Service and Road Resilience Congress in Calgary in February 2022. We call this method the 3R-method because we use three Rs, robustness, redundancy and recovery as a measure of resilience.

A resilience tool for roads

Norway has been using risk and vulnerability analysis for community planning for some 30 years now, ever since the term societal safety and security was coined in the mid-90s. The Norwegian Planning and Building code requires that all development projects, including roads, undergo a risk and vulnerability assessment in order to investigate the impact a project might have on societal safety and security.

While risk and vulnerability assessments are used in road planning in Norway on a regular basis, the Norwegian Public Roads Administration or NPRA for short needed a tool that was specifically tailored towards roads, and the particulars of the Norwegian road network. Consequently, a simplified resilience assessment was developed for assessing road projects in Norway. The method is called the 3R-method because we use three criteria, robustness, redundancy and recovery as a measure of resilience. The three critera can be visualized very similar to some of my previous research that I have described in earlier posts.

Robustness, resilience and recovery

A sparse transportation network

Norway’s transportation network is in large part a sparse network, with few links and few modes. I like to say that much of mainland Europe has what I call a free network, whereas Norway has what I call a constrained network. Much of the country is served by road only, and more often than not only one road. If disrupted, there are few if any alternatives.

Types of transport networks, based on the availability of modes

Thus, for societal safety and security, roads become crucial. This is why the NPRA developed this method. It is a qualitative assessment, done by an expert group.

3R explained

The idea behind 3R is to first determine the importance of the road project, be it local, regional or national, and then score the level of impact of the project on robustness, redundancy and recovery on a scale ranging from very negative to very positive. These individual scores are added up to total score, thus allowing for comparison of project alternatives, which could be minor differences within the same project proposal, or totally different project proposals.

Conducting 3R is done in four steps

Now, the score itself is not the final answer. What is more important, since this is a qualitative assessment, are the verbal arguments describing the impact, because they provide the actual decision support. That narrative is what matters most.

Level of importance

When it comes to importance, this is what separates local from regional from national. The issue here is to determine which critical services and businesses that are affected by the road project and how far the impact reaches. In our assessment criteria we decided that a project should support the military and in particular military supply routes in order to be nationally important.

Level of impact

In order to determine the level of impact and finding the right score, below are some of the key questions that we use. Robustness relates to the physical state of the road and the ability to withstand stress, be it natural hazards or traffic load. Redundancy relates to the existence of alternatives, and not merely the existence but also their suitability. Recovery relates to how quickly a disruption can be repaired in the short term and reconstructed in the long run.

Looking at Robustness one question may be what standard we are building, for example two-lane highway versus a four or six lane motorway. Looking at Redundancy one question might be to what degree we are introducing new links in the network, are we just bypassing a troublesome location or are there impacts beyond the project area. Looking at Recovery one question is whether a previously narrow and winding road is now replaced by a complex system of bridges and tunnels with a traffic control system added. That is not easily replaced.

Conclusion

Having used 3R for a couple of years now, we have found that the method is a highly flexible and multi-purpose tool. It can be used for new projects, existing infrastructure and value engineering.

3R adds value to the more traditional risk and vulnerability analysis. Specifically, it shows how robustness, redundancy and recovery interact in forming resilience.

3R is a holistic tool that highlights how all choices made early in the project can affect the performance of the road and how the road project contributes to societal safety and security or resilience, positively or negatively, depending on the actual design choices.

Presentation slides

Reference

Husdal, J., Petkovic, G. (2022) A simplified resilience approach for assessing road projects in Norway. Paper presented at the XVI WORLD WINTER SERVICE AND ROAD RESILIENCE CONGRESS, Calgary, Canada, February 7-11, 2022.

Related posts

husdal.com: Analysing road vulnerability in Norway

A Christmas To Remember

Leave a reply
Revised on: 2022-10-30

This has truly been a year of continuous supply chain disruptions, and many businesses have felt the effects of the pandemic. While the threat of a worldwide pandemic has been on the shortlist of potential risks of business continuity professionals, not many of us thought we would ever experience what we did in 2020. Given these circumstances, and add to that a dash or two of Brexit, I realize now that I should have seized the opportunity long ago to reinstate this blog in the early months of 2020, not now, when it it is nearly over and all the lessons have been learned.

For all of us working in the field of risk management the Covid-19-pandemic did not come as a surprise, and it certainly wasn’t a Black Swan event. Nassim Nicholas Taleb had that one right, when the New Yorker interviewed him in April 2021.

Proliferating global networks, both physical and virtual, inevitably incorporate more fat-tail risks into a more interdependent and “fragile” system: not only risks such as pathogens but also computer viruses, or the hacking of information networks, or reckless budgetary management by financial institutions or state governments, or spectacular acts of terror. Any negative event along these lines can create a rolling, widening collapse—a true black swan—in the same way that the failure of a single transformer can collapse an electricity grid.

Fragility…a familiar term, and the core of Taleb’s message. I found that New Yorker article by chance this evening when searching the Internet for inspirational posts to start blogging again. And yes, I do feel inspred now. Maybe not so much by the article, but by Taleb himself. Looking back at what I wrote five years ago in Taleb, Hamel, Holling…and I, I know that I felt honoured to have been so prominently cited by him. I still do.

With that it is time to delve deeper into my the research idea and my then defintions of robustness, flexibility and resilience and explre how I have made use of it in my current work. That will be the topic of the coming blog posts.

Raising the dead

Leave a reply
Revised on: 2020-11-24

After a five-year hiatus, husdal.com will go live again very soon! This site has been dormant for more than five years now. Am I going to revive it? Yes I will! In the very near future. Stay tuned.

Cry Wolf?

1 Reply
Revised on: 2022-10-30

Resilience Adviser or Scaremonger? What am I really? That is what started to ask myself after I came across an article written by Frank Furedi the other day. In the article, Furedi, a Professor of Sociology at the University of Kent, highlights the issue of vulnerability-driven policies and how possibilistic (worst likely) risk thinking has dethroned probabilistic (most likely) risk thinking. Why is it that we fear so much?

Cry wolf?

The Merriam-Websters Dictonary defines scaremonger as someone who is inclined to raise or excite alarms, especially needlessly. Well, that doesn’t fit me, does it? The Oxford Dictionary defines scaremonger as a person who spreads frightening or ominous reports or rumours. Perhaps a bit more like what I do every day. Reports yes, but rumours are a no-no. Finally, the Collins Dictionary defines scaremonger as a person who delights in spreading rumours of disaster. Well, I’m definitely not a rumour spreader, but I am perhaps overly concerned with – and some of my colleagues may even think obsessed with – thoughts of possible worst case scenarios that my organisation should prepare for.

The case for and against worst-case

And the overemphasis on possible risks rather than probable risks is exactly what Furedi tackles head-on in this article Precautionary Culture and the Rise of Possibilistic Risk Assessment. Written in 2009, it is probably or possibly (pun intended) even more valid today than it was back then.

The shift from probabilistic to possibilistic risk management characterises contemporary cultural attitudes towards uncertainty. This shift in attitude is paralleled by the growing influence of the belief that future risks are not only unknown but are also unknowable.

Future risks – to many people – are not only uncertain, but also unknowable. So, while probable, but uncertain risks is something we can learn to live with, possible and unknown risks – and even worse: unknowable risks – are almost too much to  bear.

The shift towards possibilistic thinking is driven by a powerful sense of cultural pessimism about knowing and an intense feeling of apprehension about the unknown. The cumulative outcome of this sensibility is the routinisation of the expectation of worst possible outcomes. The principal question posed by possibilistic thinking, ‘what can possibly go wrong’, continually invites the answer ‘everything’. The connection between possibilistic and worse-case thinking is self-consciously promoted by the advocates of this approach.

One of the defining features of our times is that anxiety about the unknown appears to have a greater significance than the fear of known threats. This constant feeling of anxiety is typical of today’s risk society, a society I wrote about risk society in a post 5 years ago: According to sociologist Anthony Giddens a risk society is increasingly preoccupied with the future (and also with safety), thus generating the notion of ubiquitous risk in whatever direction we look.  The German sociologist Ulrich Beck defines it as a society that while hailing technology and innovation at the same time seeks to deal with the hazards and insecurities induced and introduced by technology and innovation itself. In other words, we’re more concerned with whatever possible bad that comes with the good than trying to assess how bad the bad really is, if at all.

Time and again the public is informed that the most dreadful dangers are not just ones that we cannot predict or anticipate but ones about which we cannot say anything because they are literally unknown. […] The traditional association of risk with probabilities is now contested by a growing body of opinion that believes that humanity lacks the knowledge to calculate them.

So instead of applying all our science and all our knowledge to close in on the most probable risks, the much easier solution is to home in on all possible risks, or better, on the most feared risks. It’s a vicious circle, because the less we know about a risk, the more we fear it, and the more we fear it, the more we want to deal with it, without investigating it, because it could happen any time, probable or not.

The future of the world appears to be a far darker and frightening one when perceived through the prism of possibilities rather than probabilities. Probabilities can be calculated and managed, and adverse outcomes can be minimised. In contrast, worse-case thinking sensitises the imagination to just that – worst cases.

Worse-case thinking, so Furedi, encourages society to adopt fear as of one of the dominant principles around which the public, its government, and institutions should organise their life. Insecurity is institutionalised and worst-case scenarios are thought of as so normal that people feel defenceless and vulnerable to a wide range of future threats.

Furedi describes this overemphasis on possible threats instead of probable threats as “the devaluation of knowledge and the enthronement of ignorance”. We are ignorant because we prefer not to know about (the probability of) the risks, they are simply there, that is enough for us. Worst case risks are what drives our policies, not the actual risk.

And I?

Furedi does have point. In my attempts to convince my own management that we need to have crisis management plans and conduct emergency drills I must admit that I often resort to worst case scenarios. That said, the realisation is dawning on me that crisis management plans and drills need to be based on (f)actual and probable threats, not on fear alone.

Reference

Furedi, F. (2009) Precautionary Culture and the Rise of Possibilistic Risk Assessment. Erasmus Law Review 2(2), 197-220. DOI: 10.553/ELR221026712009002002005

Author link

Read and download

Related posts

Taleb, Hamel, Holling…and I

Leave a reply
Revised on: 2020-12-23

Is my idea of how to differ robustness from flexibility from agility from resilience – hallmark of my research ideas – in any way related to the ideas of Nassim Taleb, Crawford Stanley Holling and Gary Hamel? Well, Sinan Si Alhir certainly thinks so, on a blog post that he wrote back in 2013, when he explored Taleb’s concept of Fragility and Antifragility. Interesting…, so where do I fit in?

Surprise surprise

Having had an online published presence for almost 20 years now it should not come as a surprise to me that every now and then I stumble across myself in the unlikeliest of places for the unlikeliest of reasons. That said, by now, based from the bits and pieces I have seen here and there, I really should no longer be so surprised that my idea of how to differ robustness from flexibility from agility from resilience resonates with quite a number of people, including Si Alhir, in his blog post on Antifragile, Flexibility, Robust, Resilience, Agility, and Fragile.

The champion of Creative Destruction

Nassim Taleb is certainly no stranger on this blog. After all, in 2009 I did review The Six Mistakes Executives Make in Risk Management, an article he co-authored in the Harvard Business Review, and that was based on his book on Black Swans from 2007.  And although I read the book, I never reviewed it, but I remember that liked his ideas. His latest book “Antifragile: Things That Gain from Disorder” makes creative destruction a major point.

The father of Resilience Theory

CS Holling does not have a blog post here; in hindsight I guess he should have, because he is often recognized as one of the if not THE founding father of resilience theory, and resilience has been one of the more frequent topics on husdal.com, even more so after I turned resilience practitioner after being a resilience researcher. That said, since Holling’s main domain lies within ecology I never thought of his resilience as something that I would be particularly interested in. That is why he is only mentioned as a side note in a blog post on transportation resilience.

The Iconoclast

Gary Hamel is another almost unknown on this blog. He shouldn’t be, because bGary Hamel is one of the world’s most influential and iconoclastic business thinkers. In my small world he is mentioned in a comment on my blog post about the HBR guide to Managing External Risk, and I also mentioned him in my review of Lisa Välikangas book on The Resilient Organization, as her co-author in the article on The Quest for Resilience.

The Fantastic Four

So, in his blog post on Antifragile, Flexibility, Robust, Resilience, Agility, and Fragile Si Alhir features me and my definitions alongside those of Taleb, Hamel and Holling, and I must say that I do feel somewhat like being part of the Fantastic Four (pun intended):

However, the most interesting part of Si Alhirs blog post is not the side by side comparison, but a figure that integrates these concepts into one, and that shows how Taleb’s Fragility and Antifragility is a continuum that encloses or surrounds the other concepts.

 

I like this figure. In a previous blog post I explored Terje Aven’s definitions of vulnerability and resilience, and the notion that you can be generally resilient, but not generally vulnerable, only specifically vulnerable to the specific impact of a specific event relating to a specific risk. That notion now makes much more sense to me when I see fragility below vulnerability. This makes it clear that fragile is a general trait, while vulnerable is a specific trait.

A new way forward?

Taleb’s idea of antifragility is very intruiging, especially if seen the way that Si Alhir manages to put it into one figure that makes it all easy to understand and apply. That reminds me of a paper I wrote 10 years ago, in the early stages of what unfortunately did not manifest into a PhD. Anyway, in that paper – being a qualitative not a qualitative researcher – I took a liking of Giordano Bruno, the 16th century Italian philosopher. Bruno advocated the use of conceptualising, that is to think in terms of images, and he said that to think was to speculate with images. For people to understand science,  according to Bruno, it ought to be rich in images and concepts, but poor in formulas.

I think that is exactly what Taleb is trying to do, and I look forward to reading his book on Antifragility, and to see how his ideas fit my own ideas. Si Alhir seems to think they do. I consider that a compliment.

Related links

Related posts

Popular in SC Resilience

Leave a reply
Revised on: 2015-11-27

What are the Top of the Pops of Supply Chain Resilience papers? That could be the fitting title for A Citation Analysis of the Research on Supply Chain Resilience where Christian Wankmüller and Gottfried Seebacher analyse current and past literature and manage to find the 8 most cited and influential papers on supply chain resilience.

Finding what matters most

In scope and approach this paper is very similar to a paper I reviewed a couple of weeks ago, which looked at research strands and interlinkages in papers on supply chain risk management. This analysis here looks at supply chain resilience in particular, and so, what did these authors find?

Below is a list of what they found to be the eight most cited papers in supply chain resilience research. Six of these have been reviewed on this blog, so I’ve done my homework well so to speak.

Unsurprisingly, it is Christopher and Peck (2004) that appears to be the most cited paper, 19 times since its publication. More surprising – to me – is Ponomarov and Holcomb (2009), a paper I haven’t heard about at all. Sheffi (2001) I have read, but never gotten around to review.

Critique

This is a good paper that is well-written and quantitative literature reviews like this one are always interesting. While the work and research leading up to papers like this one is perhaps boring and tedious and not building a new frontier or going where no man has gone before in this field of research, the result may be very rewarding to the reader like me who may find papers he has never heard of. And indeed, I did find new papers here that I must read.

However, if there is to be one bad apple that spoils the barrel it is the fact that not all literature from the above figure is mentioned in the references of this paper. Perhaps the authors thought that these were papers of less importance and not worth mentioning, I don’t know, but for the sake of accuracy I think they should have been mentioned. Fortunately I do know several of these “omitted” papers, but others I don’t, and finding them by the name of the author(s) and year of publication alone isn’t always easy.

Reference

Wankmüller, C. and Seebacher, G. (2015) A Citation Analysis of the Research on Supply Chain Resilience. Paper presented at the 22nd EurOMA Conference, June 26th – July 1st, 2015, Neuchatel, Switzerland

Download

Author links

Related posts

The capability concept

Leave a reply
Revised on: 2015-11-26

Capability is an important measure in addressing vulnerabilities and in assessing resilience. Is there a way to quantitatively describe what capability entails? That is what Hanna Lindom, Henrik Tehler, Kerstin Eriksson and Terje Aven try to do, in a paper called The capability concept – On how to define and describe capability in relation to risk, vulnerability and resilience. And as the name implies, it’s not just about capability.

Background checks are worth doing

I came across this paper while doing some “background checks” – as I like to call it – on the paper I reviewed the other day. By background check I mean reading the references and/or other papers that could shed some same or different light on the issues in the paper in review. And because in that paper capability was highlighted as an important issue in supply chain risk management I began investigating the concept of capability and found this paper here. A very interesting paper, and definitely an Aven-ish paper, even though he only appears as the fourth author.

Definitions of capability

The concept of capability is used frequently in scientific literature. However, despite the fact that researchers
and practitioners frequently use the concept of capability, they rarely seem to define it. So say the authors. Nonetheless, in their extensive literature review they manage to find no less than 13 different definitions or descriptions of capability:

Looking more closely at these definitions, the authors put forward five trends:  that capability equates to resources, that resources are an important part of capability, that capability is related to ability, that capability is related to capacity, and that capability is something that affects a goal.

Capability explained

Building on Aven’s definitions of risk, vulnerability and resilience the authors describe capability in a very same manner, and this is where the paper really is the most Aven-ish:

Capability is the uncertainty about and severity of the consequences of the activity given the occurrence of an initiating event and the performed task.

Capability = (CT U | A T)

This is definitely not an easy definition to follow if you haven’t read Aven’s other definitions first, so let me recapitulate those.

Risk is the uncertainty about and severity of the consequences of an activity.

This relates risk to the familiar definition of risk as a combination of probability and impact, where probability is not seen seen as a deterministic value but as a value that is uncertain and must be taken into account as such.

Vulnerability is the uncertainty about and severity of the consequences of the activity given the occurrence of an initiating event A.

This links vulnerability to risk, saying that a given vulnerability depends on a given risk, but only manifests itself when triggered by an event, meaning that one cannot be generally vulnerable, but only vis-a-vis a certain risk and only triggered by a certain event related to that certain risk.

Resilience is the uncertainty about and severity of the consequences of the activity given the occurence of any type of A.

This links resilience to vulnerability, saying that resilience constitutes the sum of vulnerabilities (or perhaps non-vulnerabilities) in relation to whatever trigger. While one cannot be generally vulnerable, one can be generally resilient.

Going back to the definition of capability can thus be interpreted as the uncertain effect a certain task has that is performed in relation to a vulnerability. There is no general capability, only a certain capability in relation to a certain vulnerability, depending on how a certain task addresses this vulnerability.

Capability explored

Going back to the paper, the authors develop an excellent case example of how capability can be understood the way they have defined it.

In the case example they take the reader through a set of various scenarios where they develop a stepwise determination of capability given the success or failure of the previous step, thus demonstrating that capability is inextricably linked to a task with an uncertain outcome (success or failure).

Conclusion

I started out by saying that this is a very Aven-ish paper, and it is. What is so Aven-ish are the abstract definitions that twist your mind and must be thought through and dissected word by word, and put back together again. I must admit that I in the beginning of my blogging career and academic endeavours  stayed away from Aven’s papers because they were hard to grasp and intellectually challenging for a qualitative researcher like me. That said, maybe I have matured or maybe Aven has become more pragmatic over the years (albeit I doubt he has), because his papers have gotten easier to read and understand since I first started to read them. As to the topic of capability I now know a lot more about it.

Reference

Lindbom, H., Tehler, H. , Eriksson, K. , Aven, T. (2015) The capability concept – On how to define and describe capability in relation to risk, vulnerability and resilience. Reliability Engineering & System Safety (135), 45-54. DOI: 10.1016/j.ress.2014.11.007

Download

Author links

Related posts

SCRIM is the new SCRM

Leave a reply
Revised on: 2015-11-23

Does supply chain risk management SCRM need another model? Perhaps. That’s what a group of academics from Tunisia and France thought when they presented their conference paper this autumn. In it they suggest a new integrated conceptual model called “SCRIM”that incorporates the characteristics of the supply chain in the risk management process, thus allowing for a better understanding of the dynamics of different risk management strategies.

A tip-off

A couple of weeks I was given a heads-up by one of the authors that they had written a paper called Towards an Integrated Model of Supply Chain Risks: an Alignment between Supply Chain Characteristics and Risk Dimensions and would like my opinion on it. Written by Arij Lahmar, Francois Galasso, Habib Chabchoub and Jacques Lamothe, the paper turned out to be more interesting than I first thought, and the more I read it the more I liked it.

Virtual Enterprises revisited

What also intruiged me into taking a closer look at the paper was not so much the title, but the place where it was presented, namely the IFIP WG 5.5 Working Conference on Virtual Enterprises. Observant readers of this blog may remember that I 5 years ago wrote a book chapter titled A Conceptual Framework for Risk and Vulnerability in Virtual Enterprise Networks, where I extended Supply Chain Risk Management into the realm of Virtual Enterprise Networks. I’ve seen that chapter mentioned as a reference in some of the papers presented at IFIP conferences earlier, and I first thought this would be such an example, too. It was not; it was something quite different.

SCRM versus SCRIM

As the title implies, at the heart of the SCRIM model is the alignment of risk dimension with suply chain characteristics. Here risk specifics and supply chain specifics are used to develop key risk indicators that lead to the design of  a response that is specific to the supply chain and the risk in question. The possible response is then checked against capabilities to decide the best risk mitigation strategies and actions, in a sort of Plan-Do-Check-Act manner:

From my point of view this conceptual model appears sound. The left side is the traditional SCRM and ISO 31000 process, the right side is the new concept. The figure could have been a bit more descriptive, though, because the steps on the right side did not become fully clear to me until I saw the other figure in the paper. That figure  is a class model detailing the parameters identified through the literature:

However, agin, this figure too has a few shortcomings. While the model claims to be taken from an extensive literature review – and judging from the extensive reference list it indeed is – the paper does not explicitly state which references that have contributed to which part of the figure.

For one instance, as risk strategies they suggest the classic four: Reduce, Retain, Avoid and Transfer, but where does this idea come from? For another instance, capability is seen as important part of the risk treatment process, and I agree, but the concept of capability is poorly described in the paper.

Conclusion

Essentially this is a good paper that needs some revision of references and citations and consistent use of the terms involved. It also needs fuller definitions of the concepts that are introduced.

That said, this paper does develop a new conceptual model that brings SC in more direct contact with RM, and SCRIM is indeed a fitting name for the model. The model and parameter description is perhaps still not complete in all parts, but with some more refinement this could definitely bring SCRM a huge step forward.

Reference

Lahmar, A., Galasso, F., Chabchoub, H., Lamothe, J. (2015) Towards an Integrated Model of Supply Chain Risks: an Alignment between Supply Chain Characteristics and Risk Dimensions. In: L. Camarinha-Matos, F. Bénaben, W. Picard (Eds.) Risks and Resilience of Collaborative Networks, Proceedings of the 16th IFIP WG 5.5 Working Conference on Virtual Enterprises, PRO-VE 2015, Albi, France, October 5-7, 2015 DOI: 10.1007/978-3-319-24141-8_1

Author links

Related posts

Robust, Resilient and Secure

Leave a reply
Revised on: 2015-11-13

Antagonistic threats against supply chains are a special and limited array of risks and uncertainties that are demarcated by three key words: deliberate (caused), illegal (by law) and hostile (negative impact). In this paper, following up on Daniel Ekwall’s PhD thesis, Dafang Zhang, Payam Dadkhah and Daniel Ekwall suggest a suitable model of how to handle the risks and achieve security in a systematic and scientific way, where robustness and resilience play a major role.

Revisiting an old friend

I came across Daniel Ekwall some seven years ago when I found his PhD thesis that combined theories from criminology with theories from logistics and supply chain management to examine cross-over points or antagonistic gateways between legal and illegal logistics. In his thesis, Ekwall contended that there are basically two types of threats to logistics, theft/sabotage and smuggling. The theft/sabotage problem is directly aimed towards the logistics activities, while smuggling abuses the logistics system for illegal purposes. This paper takes this issue a small step further.

Finding myself

I guess I should have paid closer attention to Ekwall’s research and writings, because then I would have discovered this paper earlier and then I would have seen that which I now  – if I may be a little presumptious here – can call my legacy within supply chain risk research, namely my illustration on the differences of robustness and resilience:

In a blog post some weeks ago I asked whether what I have been writing was actually making an impact, and I concluded that the above illustration was perhaps that which I was most “famous” for, and this paper certainly confirms that assumption.

Security in supply chains

Back to the article in review, what the authors attempt to do – and succeed at, I must say – is to take current concepts and models of supply chain risk management, and adding supply chain security, not as a separate concept, but as a part of overall supply chain (risk) mangement. While most of the reviewed literature and quoted figures they highlight was quite familiar to, one figure taken from one book was new to me. This clear separation of suply chain risk and supply chain vulnerability and how they link up with risk management and decision-making is much in line with my own way of thinking:

On second thought, dwelling on why tis figure hasn’t caught my attention before, I suddenly realised that I had indeed reviewed the book it was taken from: Supply Chain Risk Management – Vulerability and Resilience in Logistics by Donald Waters. Admittedly, the reviw was done in 2008. Looking back at the review I did  almost 8 years ago, I must have thought the book to be of too little academic value to me at that time.

Safety Net

Anyway, I’m sorry for digressing again, what the authors are investigating are what specific supply chain assets that are susceptible to antagonistic threats, and how supply chain security measures can apply robustness and resilience. They illustrate this with a focal model of Robustness and Resilience:

This model shows the relationship between strategies for robustness and strategies for resilience, as seen from a company perspective and from a security provider perspective.

In the company and transportation network perspective, every components of the supply chain should become robust and resilience. The robust strategy is to handle small risks ahead of the event, and manage regular fluctuations like some low impact with high likelihood accidents. Resilience strategy can help the companies adapt, improvise and overcome those disturbance and disruptions greater than the robust can handle. It helps the companies to survive after suffering from big risks and changes.

The right side of the model is further developed into what the authors call a “safety net” of services: site security, transportation security, emergency services, consultation services, and collaboration:

Site security is about protecting every node in the transferral of goods in the transportation network, e.g. warehouses, terminals, factories, and ports. Transportation security is about protecting the transportation as such, e.g. the vehicles en-roue and during parking, as well as the drivers. Emergency services provide a quick response in addition to security operations. Security providers can also act as professional consultants, and lastly, security providers are also likely to collaborate with other organisations to improve their own (and the others’) service level and the overall capability to thwart any security threats.

Conclusion and critique

Akward English sentences and lack of flow aside (see citation above), this article does have some good points. Supply chain security appears to be overlooked in supply chain risk management. However, supply chain security can add to the robustness and resileince of the overall supply chain, providing  a “safety net” of services that protects, secures and enhances the overall supply chain operation.

The company versus security provider model brings together both sides of the perspective in a way that does create a consistent groundwork for building robustness and resilience. The safety net model extends beyond the supply chain and identifies the assets that need to be protected and how they can be protected.

However, after finishing reading my first thought was that there should have been a conclusion after the authors’ chosen conclusion, because the article seems to stop abruptly, leaving loose ends that could have been wrapped up a bit more, at least from an academic perspective.

That said, for a logistics and transportation manager this paper is well worth reading.

Reference

Zhang, D., Dadkhah, P. Ekwall, D. (2011)  How robustness and resilience support security business against antagonistic threats in transport network. Journal of Transportation Security 3 (4) 201-219 DOI: 10.1007/s12198-011-0067-2

Author links

Related posts

Incapsula – Rest your worries

Leave a reply
Revised on: 2015-11-10

For much of the last three years my blog was dormant. Out of sight, out of mind. My mind, perhaps, but not the mind or rather minds of the people at Incapsula, which has protected it from malicious attacks while I have been to busy to check on how my blog was doing. I hardly ever logged in to my WordPress dashboard to update my plugins. I even hardly ever logged in to my Incapsula dashboard to read the list of latest atttacks. Why? Because I knew that is was perfectly safe, that’s how much I trust Incapsula.

Incapsula – four years on

When I signed up with Incapsula in 2011 it was in fact not so much for security reasons. Most of all, it was for speed and delivery, using Incapsula as a CDN, Content Delivery Network. The added security came as an extra bonus. It started in early 2011, first using Amazon’s Cloudfront, then switching to CloudFlare, before finally settling for and staying with Incapsula. You can read about my experiences here:

Amazon CloudFront as CDN
CloudFlare versus CloudFront
CloudFlare versus Incapsula
Incapsula website security

Now, four years on, it’s time for a revision of my posts. However, both Incapsula and CloudFlare have moved on since I first wrote about them, and this time around, this will not be a full comparison post, perhaps more like an appraisal post…of Incapsula, mostly.

Incapsula for security, CloudFlare for speed

Reading up on the latest Incapsula versus CloudFlare posts and news, for instance  Zero Science Lab’s in-depth firewall testing from 2013 or Anand Srinivasan’s closer look at differences in CDN in 2014, as well as Tracy Vides’ 2015 article on who might be leading the way confirms the impression I had of the two competitors back in 2011: It’s all about security (Incapsula) versus speed (CloudFlare). It’s clear that both companies pursue different strategies and different market segments. For an in-depth look at both CloudFlare and Incapsula, their strengths and weaknesses and differences, the aforementioned reviews are a good starting point.

Incapsula and I

I said that I wasn’t going to compare the two and I won’t. Especially since the plans they offer are very different, even in the free version. Cloudflare offers this and Incapsula offers that. For a full comparison the abovementioned blogposts are a much better option.Therefore, let me just focus on how I use the Incapsula Pro plan on my WordPress website here.

WP caching and minifying…no need?

Although I chose Incapulsa for security and not for speed I must say that I am very impressed with the caching and optimizing features. In fact, so impressed that I now can do without WP plugins for caching and minifying, without impairing my site’s performance at all. And less plugins mean less vulnerability. After one month without WP caching and minifying, and only using Incapsula’s features, there does not seem to be a difference in performance.

Looking at Incapsula’s own performance stats, there seems to be no significant increase in response time after turning off WP optimisation and leaving it all to Incapsula:

I’ve checked also my site using testing services like Pingdom, GTmetrix, Monitis, WebPageTest, and alikes, but I realise that the results are just too erratic, for many reasons. The test service’s results and thus visitor experience depends on too many variables: the visitor’s location in relation to Incapsula’s data centers, the visitor’s internet connection, the visitor’s computer or mobile hardware, the visitor’s browser and so on, to name just a few.

Looking at Google Analytics’ stats, since I run Google Analytics on my website, doesn’t help much, because the site speed sample size is only 1% of the total number of visitors.

Which leaves me with one thing: My own experience of how my website performs when looking at it from different locations using different platforms. Home, office, friends, this computer, that mobile, it didn’t matter, I simply could not see any significant deterioration in performance after settling for Incapsula as my sole provider of optimization tools.  So out go Zen cache and WP Minify.

Many of the Incapsula caching and optimization features are included even in the Free plan, it is mainly the dynamic content caching and dynamic content compression along with image compression and other advanced techniques that is added to the Pro plan. For most non-commercial website owners, the Free plan will suffice in terms of optimization options.

How-to guides

What I like about Incapsula are the support and product information pages. Here it is clearly explained (even to a computer illiterate like me) what turning on and off this and that security and performance option actually does, see for example  Content Caching, and Optimization Features. Since all settings are explained using screenshots of the dashboard it is easy and straightforward to relate this to my own website settings.

Incapsula Tutorial

If you need a tutorial that goes beyond what is offered at incapsula.com, Jeff Reifman has written an excellent piece just a month ago, explaining everything much better than I would be able to do. Enjoy! How to secure your website using Imperva Incapsula.

Security

Security is the part that really sets Incapsula apart from the rest, and which is why I chose the service in the first place. Obviously, a paid plan offers considerable more security than a free plan. However, one feature that does come with the free plan (and – correct me if I’m wrong – which CloudFlare does not have, not even in their paid plans) is Two Factor Authentication login for my website, ensuring that I and only I am able to log in for administering my blog and publishing any posts (or I can set a a given number of designated and verified admins). Considering how often I do log in this is probably going to be more of a hassle than a security feature, but good security is meant to be a hassle, isn’t it? Otherwise it wouldn’t be any security, or?

The other feature I cannot do without is the Web Application Firewall. Five years ago it used to come with the free plan, now it’s only in the paid plans. Do I really need it? Well, my site my not be the likeliest of potential targets for attack, but you never know, and judging from my thwarted attack stats the firewall has done its job well. During the last 90 days I’ve stood against 4 SQL Injection attempts, 8 Cross Site Scripting attempts and 108 Illegal Resource Requests. Perhaps not worth worrying too much, then again, there’s no telling what could have happened to my website in the three years I did nothing to it, had I not been protected by Incapsula.

Conclusion

After more than 4 years with Incapsula I have no reason to question the security layer surrounding my website. It works, it’s easy to use, and it can be set to do exactly what you want, provided you know what you want. That said, even to lesser sophisticated website owners like I am Incapsula is definitely worth the price.

Related links

Related posts

Resilience X 10

Leave a reply
Revised on: 2015-11-07

Transport network resilience has 10 properties. So says Pamela Murray-Tuite in her 2006 article A Comparison of Transportation Network Resilience Under Simulated System Optimum and User Equilibrium Conditions. I had completely forgotten about these 10 properties, until I came across them again in an 2013 article on Safeguarding critical transportation infrastructure by Joseph S.Szyliowicz. However, there’s more to the story than just this…

Too many posts to remember

The reason for looking deeper into Szyliowicz’ paper in the first place was that I had searched academic literature databases for references of my papers to see whether any of the papers I had written was making an impact. In Szyliowicz’ paper I found that he had cited a blog post I wrote in 2011, about The UK Transport Network Resilience…and I.  Looking it it up, I discovered that I had mentioned Murray-Tuite’s ten properties in my own blog post 4 years ago. So why did I forget about them? Too many posts to remember, perhaps. Besides I never mentioned Murray-Tuite as a reference in the post or as a worthy paper in my literature review list, otherwise I might have remembered her, I guess. I only copied Murray-Tuite’s definitions from the report I was reviewing in that blog post.

Not her own

Anyway, upon re-reading the article by Murray-Tuite I realised the ten properties were not all her creation, but taken from other authors. Six out of ten came from a 2003 paper on Urban Hazard Mitigation: Creating Resilient Cities by David Godschalk. Ouestions of originality aside, she does deserve credit for taking the concept of resilience from the realm of urban planning and adopting it to the realm of transport planning. Moving ideas from one realm to another is not always straightforward. Murray-Tuite also deserves solid credit for describing and quantifying four of these properties with regard to transport networks.

Ten properties of resilience

According to Murray-Tuite, the ten properties of resilience in transport network are redundancy, diversity, efficiency, autonomous components, strength, adaptability, collaboration, mobility, safety, and the ability to recover quickly.

Redundancy – the transport system contains a number of functionally similar components which can serve the same purpose and hence the system does not fail when one component fails (for example, a number of similar routes are available with spare capacity).
Diversity – the transport system contains a number of functionally different components in order to protect the system against various threats (for example, alternative modes of transport are available).
Environmental Efficiency – a transport system which is environmentally efficient will be more sustainable, and capacity is less likely to be constrained due to environmental reasons.
Autonomy – the components of the transport system are able to operate independently so that the failure of one component does not cause others to fail (for example, can the transport system operate safely in the event of a power cut?).
Strength – the transport systems ability to withstand an incident (for example, how extreme a flood event can the system cope with?).
Adaptability – or flexibility, can the transport system adapt to change and does it have the capacity to learn from experience (for example, an area-wide traffic management system can adapt to differing traffic conditions).
Collaboration – information and resources are shared among components and/or stakeholders (for example, contingency plans in the event of an emergency and the ability to communicate with system users).
Mobility – travellers are able to reach their chosen destinations at an acceptable level of service.
Safety – the transport system does not harm its users or expose them, unduly, to hazards.
Recovery – the transport system has the ability to recover quickly to an acceptable level of service with minimal outside assistance after an incident occurs.

The first six are taken from Godschalk, and mobility is taken from the page called Evaluating Transportation Resilience on the Victoria Policy Institute website. On a sidenote, some of my works have also been included there, namely, The vulnerability of road networks in a cost-benefit perspective, a paper I presented at TRB in 2005.

Seven properties of resilience

In the opriginal paper, if it can be put that way, Godschalk actually lists seven properties of resilience. The seventh, interdependence, was apparently not found applicable by Murray-Tuite. I wonder why, because Godschalk defines this property as such

Interdependent: with system components connected so that they support each other

In my opinion a resilient transport network should definitely be interdependent in the way that Godschalk describes it.

On another sidenote, Godschalk also refers to the Victoria Policy Institute website as one of his references. However, given the year Godschalk wrote his paper, that website and their TDM Encyclopedia was probably still in its infancy.

The resilient city

One paragraph that really struck a cord with me is where Godschalk describes his view of the ideal resilient city:

Resilient cities are constructed to be strong and flexible, rather than brittle and fragile. Their lifeline systems of roads, utilities, and other support facilities are designed to continue functioning in the face of rising water, high winds, shaking ground, and terrorist attacks. Their new development is guided away from known high hazard areas, and their vulnerable existing development is relocated to safe areas. Their buildings are constructed or retrofitted to meet code standards based on hazard threats. Their natural environmental protective systems are conserved to maintain valuable hazard mitigation functions. Finally, their governmental, non-governmental, and private sector organizations possess accurate information about hazard vulnerability and disaster resources, are linked with effective communication networks, and are experienced in working together.

In some way that is exactly what I am trying to do in my day job as a Resilience Adviser, with the lifeline system of roads being the starting point.

Resilience and redundancy

Going back to Szyliowicz, his paper focuses on the various facets of resilience, although most of the paper is spent on what the US has done or not done or perhaps should have done since 9/11 to increase resilience in the transport infrastructure. That said, I do sense that he is ever so slightly inclined towards redundancy as a key ingredient in resilience. Moreover, he credits me with quoting transit planning consultant Bob Bourne for saying that

‘‘Redundancy is not favored by policy makers and can add to costs. However, a system with excess capacity will perform well in times of crisis and will provide additional service during normal times.’’(cited in Husdal, 2011).

Honestly, I never mentioned Bob Bourne in my blog post on resilience. I even checked the web archive to see if it was ever there. What I did find though, with the help of Google, was a 2011 blog post by transit planning consultant Jarret Walker, who cited Bob for those exact words. So much for due diligence…

Thirty-one properties of resilience

On a final note, Godschalk in his paper references Harold D. Foster and his book The Ozymandias Principles: Thirty-one Strategies for Surviving Change. That book features no less than 31 dimensions of resilience, divided by social, physical, environmental, operational, economic, systems and time dimension. It’s not an easy book to get one’s head around, but one day I will present the book on this blog

Reference

Murray-Tuite, P. (2006) A Comparison of Transportation Network Resilience Under Simulated System Optimum and User Equilibrium Conditions. Proceedings of the 38th Conference on Winter Simulation, Monterey, CA, USA — December 03 – 06, 2006 DOI: 10.1109/WSC.2006.323240

Godschalk, D. (2002) Urban Hazard Mitigation: Creating Resilient Cities. Nat. Hazards Rev., 4(3), 136–143 DOI: 10.1061/(ASCE)1527-6988(2003)4:3(136)

Szyliowicz, J. (2013) Safeguarding critical transportation infrastructure: The US case. Transport Policy, Volume 28, Pages 1-122 (July 2013) DOI: 10.1016/j.tranpol.2012.09.008

Author links

Related posts

The future of SCRM

Leave a reply
Revised on: 2015-10-27

What is the potential future for supply chain risk management? That is what Abhijeet Ghadge, Samir Dani, and Roy Kalawsky try to answer in their 2012 paper on Supply chain risk management: present and future scope. This paper, so they write, examines supply chain risk management (SCRM) from a holistic systems thinking perspective by considering the different typologies that have evolved as a result of earlier research. Based on this they outline future requirements and research opportunities in SCRM.

Systematic Literature Review – SLR

What fascinates me with this paper is the systematic literature review (SLR) methodology the authors employed to evaluate and categorise a literature survey of quality articles published over a period of ten years (2000-2010). This is very similar to a literature review on organisational resilience that I wrote about a few weeks ago. However, what really strikes me is how this paper visualises the results, clearly identifying which research strands – or rather: clusters – that exist:

Based on the clusters, the following typologies were identified for further data screening of papers on supply chain risk management.

  • Based on type of risk: organizational risk, network risk and other risks comprising of environmental (man-made and natural disasters), political/social and exchange rate risks.
  • Based on management level: mitigation strategies are operational, tactical or strategic.
  • Based on research methodology: qualitative and quantitative research methodologies.
  • Based on risk management process: risk identification, assessment and mitigation and/or control.
  • Based on approach to SCRM: the risk mitigation approach could be either proactive or reactive.

In the end seven distinct research areas were found as possible starting grounds for future research:

Behavioural perceptions in risk management 
Research on developing practices for unbiased or rational decision making is unexplored area in SCRM approach demands research.

Sustainability factors
It is inferred from this research that sustainability factors (economic, environmental and social) will have a larger influence on how SC are designed in the future.

Risk mitigation through collaboration contracts
It was evident during the analysis that, supplier default risk, quality risk and management risk within SC network are underexplored.

Visibility and traceability
Risk mitigation (proactive management or reactive risk response) can be greatly improved if information is readily available, is timely and accurate.

Risk propagation and recovery planning
Understanding the risk potential beyond the dyad through the chain and then the network provides an insight into how risk can propagate.

Industry impact
Although, this study is related to academic work on SCRM, it is vital to put it in the context of the impact that the work creates within industry.

Holistic approach to SCRM
Holistic SCRM is found to be lacking in current literature and systems approach has the potential to guide in that direction.

Conclusion

This is a paper well-worth considering if plan on doing any research within supply chain risk management.The seven distinctive research factors along with the key references within those will provide researchers with ample options for hypotheses for future work. I for one am likely to link up with the sustainability factor, something I haven’t blogged about for a long time, not since Carter and Easton (2011) Sustainable supply chain management: evolution and future directions.

Reference

Ghadge, A., Dani, S., and Kalawsky, R. (2012) Supply chain risk management: present and future scope. The International Journal of Logistics Management, 3 (23) , pp.313 – 339 DOI: 10.1108/09574091211289200

Author links

Related posts

Supply Chain Risk redefined?

Leave a reply
Revised on: 2015-10-10

What is supply chain risk really? That is what Iris Heckmann, Tina Comes and Stefan Nickel try to answer in their article titled A critical review on supply chain risk – Definition, measure and modeling, published in 2015. In this paper, existing approaches for quantitative supply chain risk management are reviewed by setting the focus on the definition of supply chain risk and related concepts. What they found may actually surprise you. Or not.

Supply Chain Risk is still undefined

Supply chain risk is still a very new field of research in a historical perspective, still lacking some common ground and still taking off in different directions, still not having a universal and agreed-upon definition of supply chain risk. From that point of view the authors boldly state that “This review overcomes a hole in the literature which regards the lack of a clear definition of risk within the context of supply chain risk management.” Having dealt with supply chain risk one way or the other for a decade now I first thought they might have bitten off more than they can possibly chew, but as I read on I realised that they are on the way to something, definitely yes.

Deja-vu

In parts this paper reads like a cross-section of this blog, citing articles and reports I am quite sure they must have found here. That said, they also have a vast number of references that are completely unknown to me. What I can see though is that the authors have done an extremely thorough job in collecting and reviewing not only the core literature on supply-chain risk, but they have also managed to link and connect more peripheral literature that deals more indirectly with supply chain risk. What I think this papers shows is how the combined strength (i.e. research interests) of three authors can work together in creating the fullest possible overview of supply chain risk literature.

Risk – a historical recap

Something  I really enjoyed reading was the historical recap of how risk was used and understood from the very beginning, starting with the old Greek rhisikon, describing the need to avoid difficulties at sea. Already then, more than two thousand years ago, risk had some connection to (sea-faring) commercial activities. In the 14th century Northern Italian traders adopted the term for describing the danger of losing their ships, and here

risk expresses the fear that economic activities lead to the loss or devaluation of an important asset or a decrease in the performance of the business.

Risk in today’s supply chains is perhaps not very far from this century-old definition of risk? That may be, but, along with the advancement of mathematical theories in the 17th century, risk became increasingly connected to probability theory and the probability of events and outcomes. That is how we most often understand risk today, in mathematical numbers. However, supply chain risk literature seems to be very little concerned with probability theory. Perhaps that is why what the authors lament most of all is “a lack of a clear and adequate quantitative measure for supply chain risk that respects the characteristics of modern supply chains”. My counter-question is, why do we need that? The answer is in my last paragraph below.

Supply Chain Risk – analysed, analysed and analysed

The authors do an excellent job in research, classifying and sorting the past and present supply chain risk literature, really giving new insights into where some of literature fits in. Going into details here would take it to far. All I can say is that the literature is reviewed and scrutinised from every possible angle I can think of, and more. I must say that I now have a much fuller understanding and wider perspective of all facets of supply chain risk.

Supply Chain Risk

Towards the end the authors come of with this definition of supply chain risk:

Supply chain risk is the potential loss for a supply chain in terms of its target values of efficiency and effectiveness evoked by uncertain developments of supply chain characteristics whose changes were caused by the occurrence of triggering-events.

Is this a good definition of supply chain risk? It seems to comprise everything, but at the same time it appears a bit abstract and perhaps even a bit akward, i.e. academically correct, but difficult to understand in practice.  That said, it’s not any worse than ISO 31000 that defines risk as “the effect of uncertainty on objectives”, which is even more abstract.

Conclusion

What this paper does show, and I must commend the authors on their efforts, is that the supply chain risk literature has a great number of vastly different definitions and modelling approaches, and reviewing all of them must have been a daunting task.  Given this diversity it is no wonder then that supply chain risk still lacks a common ground for research. Perhaps then we should just let supply chain risk be what is, complex, and not fit for quantifying?

Giordano Bruno Revisited

I’m reminded of what I wrote 10 years ago, in a discourse on reliability and vulnerability in transport networks, where I discussed my proposed PhD topic and my intention to quantify reliability and vulnerability so that it could be used in a cost-benefit decision. In the end I found out that quantitative research was not my cup of tea and I decided to go with Giordano Bruno instead.

Giordano Bruno (1548-1600) was a philosopher who took the current ideas of his time and extrapolated them to new and original vistas. Bruno advocated the use of conceptualising, that is to think in terms of images. He said that to think was to speculate with images. Complex scientific correlations are often better explained in pictures than in mathematical formulae. Rather than spinning his ideas from the yarn of algebra, the cobweb of modern science, Bruno moulded pictures and manipulated visual images to interpret complex ideas.

The reason for researching supply chain risk is to make better supply chain management decisions. With Bruno in mind, decisions should not be determined by numbers alone; decisions should be fully envisioned and comprehended by the decision makers. This is only possible by speculating with images what the outcome of the decision will be. Following Bruno’s lead, leaving the mathematical world of risk and probability behind, perhaps supply chain risk research should stay as it is, diverse and rich in images and concepts, but poor in formulae. From my point of view I hope it does so,

Reference

Heckmann, I., Comes, T., Nickel, S. (2015) A critical review on supply chain risk – Definition, measure and modeling. Omega (52), 119-132 DOI: 10.1016/j.omega.2014.10.004

Author links

Related posts

Am I making an impact?

2 Replies
Revised on: 2015-10-04

Is what I am doing worthwhile? Is anybody reading and using what I write? Am I contributing to a broader and/or better understanding of supply chain risk and (transport) vulnerability? After more than a decade of blogging and researching I think those are legitimate questions to ask. More than anything, am I making an impact…at all? For many of us researchers that is an important question, because, after all, we do hope that someone picks up our ideas.

Robustness and Flexibility 2004

One concept that I have found cited more recently is what started out 11 years ago in 2004 as a university course paper on flexibility and robustness as options to reduce risk and uncertainty. In hindsight, it is not a paper I am particularly proud of, but it was the starting point for an illustration that later became the core idea of much of my work.

Flexibility and Robustness

Admittedly, not the best illustration, but the idea was to show that robustness means enduring and withstanding changes in the environment without severe impact, while flexibility means reacting to and adapting to the same changes, while not deviating from the target.

Robustness, Flexibility and Resilience 2008

Some years later in 2008 I added resilience to the concept, thinking I now had the whole picture, and once and for all – or so I thought – defined what robustness, flexibility and resilience are about:

Robustness Flexibility Resilience

The idea here was to show that robust means staying on course, despite being buffeted from both/many/all sides.  Yes, there are impacts, but they do not severely hamper reaching the target. In this picture flexible means reacting to environmental circumstances and changing course or even the target without reducing performance. Resilient is coming back to where we were after suffering a blow or setback.

Risk Management in Logistics 2009

This clear distinction between these terms was apparently good enough to earn me a place in a Dutch book titled Risicomangement en Logistiek (Risk Management in Logistics):

Robustness-Flexibility-Resilience

The picture is slightly skewed, but is still the same as the original.

Robustness, Flexibility, Agility and Resilience 2009

Robust-Flexible-Agile-Resilient

Later, after gaining more insight in 2009, I added agility to the same concept, and I now had what I thought to be the best possible illustration of robustness, flexibility, agility and resilience, defining all four concepts in one:

Here I differentiated between flexibility and agility by saying that flexibility meant reacting to environmental changes in an expected and preplanned manner, while agility implied reacting in an unexpected and unplanned (creative) manner.

Robustness, Flexibility, Agility and Resilience 2010

That complete concept was published in 2010 in my book chapter on A Conceptual Framework for Risk and Vulnerability in Virtual Enterprise Networks, and included a lengthy discourse on the literature for all four terms:

The published Robust Flexible Agile Resilient

While I not stated it explicitly, the definitions  read like this

  • Robustness is the ability to endure foreseen and unforeseen changes in the environment without adapting.
  • Flexibility is the ability to react to foreseen and unforeseen changes in the environment in a pre-planned manner.
  • Agility is the ability to react to unforeseen changes in the environment in an unforeseen and unplanned manner.
  • Resilience is the ability the ability to survive foreseen and unforeseen changes in the environment that have a severe and enduring impact.

All four are linked, all four are important in risk management, but they all put different weight on what should be the focal point.

Dissemination

No longer a part of academia, I have little means of disseminating my ideas, but I am glad to see that my rather lengthy discourse on the difference between this terms in the book chapter has struck a cord with a number of recent publications on supply chain risk and resilience:

The two first are co-authored by Andreas Wieland, on of my Linkedin connections and perhaps the biggest proponent of my aforementioned concept so far.

What does the future hold?

I don’t know what will happen next. In any case, the answer to the initial question “Am I making an impact?” is, surprisingly, Yes.

Reference

Husdal, J. (2010) A Conceptual Framework for Risk and Vulnerability in Virtual Enterprise Networks. In: S Ponis (Ed.)(2010) Managing Risk in Virtual Enterprise Networks: Implementing Supply Chain Principles. Hershey: IGI.

Related links

Related posts

Near-shoring – less risk?

Leave a reply
Revised on: 2015-10-02

You Can’t Understand China’s Slowdown Without Understanding Supply Chains. That’s the title of a recent article written by David Simchi-Levi, the author of Operations Rules that I reviewed on this blog some time ago. Simchi-Levi believes that the slowdown is due, in part, to an acceleration of “near-shoring,” the practice of producing closer to the customer, and not as many economists would say, due to a looming economic crisis in China. That is an interesting point of view.

Bringing supply chains home

Is everything still “Made in China”? According to Simchi-Levi, the answer is No. An increasing number of companies are sourcing and producing nearer and nearer to their markets, in an effort to better manage their supply chain risks:

Global companies have realized in the last few years that strategies such as outsourcing and off-shoring have significantly increased risk because their supply chain is geographically more diverse and, as a result, exposed to all sorts of potential problems. A recent example is the explosion at a warehouse in Tianjin that ships hazardous materials, which was most likely caused by a company culture that flouted regulations. This drives companies to reevaluate their supplier and manufacturing base in order to increase flexibility and reduce risk.

The current turmoil in China will most likely accelerate the trend to near-shoring, but the impact will vary by specific industry and company.

For high tech industries (e.g., the manufacture of laptop computers and mobile phones) recreating the infrastructure in China somewhere else would be expensive and difficult to do. In contrast, it will be easier for footwear and apparel companies to move to lower-cost locations. Manufacturers of heavy products such as appliances or cars that are heavily influenced by shipment costs may find it pays to move production closer to market demand.

The bottom line: Companies need to evaluate on an ongoing basis whether the trade-offs for their particular industry have shifted enough to justify a change in their sourcing strategies.

This reminds me of a post I made in 2010, Outsourcing – Risking it all? reflecting on an article and a presentation made by Jack Barry ten years ago, where he raises some fundamental concerns about the then current trend towards global outsourcing and its consequences. Yes, it may be cutting the costs, but it is not cutting the risks.

In Global Risk: Outsourcing Services, A New Aesop’s Fable of the Ant and the Termite, a presentation he made  to the Institute for Supply Management, ISM, he reviewed his article and his thoughts behind it. If I summarise some of his slides, he said

The benefits of globalisation:
India develops my software
Ireland manages my customer service
Taiwan does my testing
Mexico performs piece labor
Germany balances my finances
Israel does my clinical research
… my supply sources are global.
>>> I have the lowest overall cost of services

The risks of globalization:
India owns my IT process and innovation
Ireland is between me and my customers
Taiwan controls my quality control
Mexico dominates my capacity curve
Germany leverages my finances
Israel has first views of my innovation
… my supply sources may be beyond my laws and conventions.
>>> I have the highest level of risk to continued operations

I guess what Barry said back then isn’t any less valid today, and you can find the full presentation for download below.

My own conclusion is that in the same way that cost-cutting is what lead companies to pursue outsourcing and offshoring in the past, risk-cutting is what now may now lead companies into sourcing and producing their goods nearer to their markets, because in sum it is less risky AND less costly. As long as labour cost and production costs were low, along with minimal logistics cost per unit, due to the sheer volume of goods that were shipped around the globe, offshoring and outsourcing made sense, but it also made supply chain risk less controllable. That realisation is perhaps finally sinking in.

Reference

Simchi-Levi, D. (2015) You Can’t Understand China’s Slowdown Without Understanding Supply Chains. Harvard Business Review. Retrieved 2015-10-02 from https://hbr.org/2015/09/you-cant-understand-chinas-slowdown-without-understanding-supply-chains

Barry, J. (2004). Supply chain risk in an uncertain global supply chain environment International Journal of Physical Distribution & Logistics Management, 34 (9), 695-697 DOI:10.1108/09600030410567469

Author link

Related links

Download

Related posts

ISCRIM – so much catching up

Leave a reply
Revised on: 2015-09-30

ISCRIM – 4 years ago it was a very big part of this blog. Unfortunately, after leaving the academic world of supply chain risk for a practitioner job in transport vulnerability, I lost touch with perhaps the main contributing source for not few of blog posts. However, attending a university course in road safety management recently rekindled my academic vibes, and even revived my interest in my husdal.com blog which had been withering along for the last three years or so. And now I have returned back to the fold, so to speak.

ISCRIM

My involvment in ISCRIM started in 2010 and the International Supply Chain Risk Management Network (ISCRIM) is a network of researchers and practitioners engaged in analyzing, developing and disseminating evidence and good practices associated with managing supply chains and their associated risks. Founded in 2001 by a handful of active researchers in this at that time still fledging field of research, it has now grown into a network of 35 researchers and practitioners in Europe and the US, and I am glad to once again being a direct part of it.

Dissemination

ISCRIM holds an annual research seminar and issues a newsletter to be found on their website once or twice every year highlighting the latest research in supply chain risk:

  • Journal articles, research papers, conference presentations, PhD theses, books and book chapters
  • Coming conferences and seminars
  • Weblinks

The newsletter is a bit of who’s who, who does what, where should you go, and where can you find more on the subject of supply chain risk. If you’re new to supply chain risk, the newsletter is the best place to start and if you’re deeply involved with supply chain risk, work-wise, research-wise or otherwise, the newsletter is the best place to stay on top of what’s going on.

Catching up

Now that I have linked up with ISCRIM again, I realise that I have missed out on a great deal of very interesting and promising research. So there’s a whole lot of catching up to do, going through every newsletter since 2012 to see which paper I would like to present on this blog. There’s so much that I don’t even know where to start and I’m glad to see new names and never heard of research topics in journal articles, which will fill this blog with new content in due time.

Looking back…looking forward

I attended the ISCRIM seminar in 2010, meeting so many interesting researchers, hearing about so many interesting topics and basically really enjoying myself surrounded by supply chain risk on all sides. Since there weren’t any other with similar interests at my research institute back then, That was a whole new experience to me, and I guess that’s one of the reasons for quitting that job, because, in the end, I was rather alone in my special field.  

In my current job as a Resilience Adviser I have a national network of 5-10 people I can share and discuss my views on transport vulnerability with, and it dawned on me how important networks are, and that I should link up with ISCRIM once again. After all, I haven’t completely left supply chain risk territory; rather I’m like standing at the top of the pyramid in Helen Peck’s 2005 article on Reconciling supply chain vulnerability, risk and supply chain management, where she managed to draw a line from the ambiguous concept of risk  in one company, through the supply chain, through extended networks and all the way up to society as a whole.

In my review of that article I concluded that

Supply chains link industries and economies more than we may be aware of, and the research agenda for supply chain risk and vulnerability needs to recognize that there are many and varied interests and communities involved. Consequently, and that is my view, too, research in supply chain risk and vulnerability is inclusive, rather than exclusive, of other fields.

In my case, given my current job, it’s probably more vice versa, I should not include other fields in supply chain risk, but rather include supply chain risk and vulnerability in the other field, i.e. what I do, namely resilience. I intend to do so, and being part of ISCRIM goes a long way in achieving that. After all, meeting and becoming part of ISCRIM has done a lot to keep my academic spirit going. Besides, as I understand it, membership is by merit, or invitation and recommendation only, so it is a bestowed privilege that I should not waste.

Related links

Related posts

28 Global Risks in 2015

Leave a reply
Revised on: 2015-09-29

The  World Economic Forum Global Risks Reports. I first came across them in 2008, when the hyperoptimisation of supply chains was a major issue, particularly, if coupled with a potential economic downturn. This was again highlighted in 2011, in the Supply Chain and Transport Risk Initiative, bringing together a range of leading experts to explore the most critical threats facing supply chain and transport networks. And now, in 2015, supply chains are again part of the global risk picture. This time, supply chains are at risk for getting too lean, highly effective, but also highly vulnerable.

Lean supply chains = risky supply chains?

The Global Risk Report 2015 does not spend much ink on supply supply chains specifically, but the make the case for supply chain risks being interwoven with many other risks that in turn make supply chains vulnerable, and vice versa:

The far-reaching global supply chains set up by multinational corporations are more efficient, but the complexity and fragility of their interlinkages make them vulnerable to systemic risks, causing major disruptions. These comprise natural disasters, including those related to climate change; global or regional pandemics; geopolitical instability, such as conflicts, disruptions of critical sea lines of communication and other trade routes; terrorism; large-scale failures in logistics; unstable energy prices and supply; and surges in protectionism leading to export/import restrictions.

This reminds me of a post I made in 2009 where I reflected on the upsides and downsides of lean supply chains, based on a couple of articles I had read, and my conclusion was quite simple:

Is lean logistics the same as risky logistics? No, lean does not necessarily make you more vulnerable or less robust towards supply chain disruptions. Lean implies agile, and agile is what is needed to overcome supply chain disruptions.

The only problem, and the Global Risk report 2015 highlights this, is that world is no longer peaceful and quite for the most, it’s a rather unstable place with an uncertain future.

Global risk at a glance

At the heart of the Global Risk report 2015 is the overall risk picture. The Global Risks Landscape, a map of the most likely and impactful global risks, puts forward that, 25 years after the fall of the Berlin Wall, “interstate conflict” is once again a foremost concern. For those of us who have lived long enough to see and feel the rise and fall of the Cold War, that is not the 2015 world we expected in the early 1990s.

In 2015, on one hand, the most likely risks are Interstate conflict, Failure of national governance, State collapse or crisis, along with Failure of climate change adaptation and Extreme weather events. On the other hand, the most average risks, i.e. what the respondents fear most, are Food crisis and Profound social instability, along with Large-scale involuntary migration, the latter making much of the news in Europe this summer.

An interesting feature of the 2015 report is what trends that contribute to what risks:

It is clear that Profound social instability is THE risk that is driven by a number of trends, alongside Interstate conflict and Failure of national governance.

Looking at how risks are interconnected, a similar picture emerges:

Again, Profound social instability, Interstate conflict and Failure of national governance are at the heart of all other risks.

Conclusion

In summary, the Global Risk report 2015 highlights and reflects upon a wide range of cross-cutting challenges that can threaten social stability. These risks are additionally aggravated by the legacy of the global economic crisis in the form of strained public finances and persistent unemployment. So basically, things have not improved since the inception of the Global Risk Reports in 2005, they have in fact turned worse. Local risks have now gone global.

Related links

Related posts

Robust, Rapid, Resilient

Leave a reply
Revised on: 2015-09-27

The resilience of infrastructure systems can be measured by two dimensions: robustness, the extent of system function that is maintained, and rapidity, the time required to return to full system operations and productivity. That is the theme in Fostering resilience to extreme events within infrastructure systems: Characterizing decision contexts for mitigation and adaptation, written by Tim McDaniels, Stephanie Chang, Joseph Mikawoz, Darren Cole, and Holly Longstaff. A very interesting paper, indeed, for more than one reason.

What influences the disruption profile?

In a previous post on transport network resilience by Mattson and Jenelius, I was struck by a figure they had taken from this paper. It was a disruption profile, used time and again by a number of researchers within resilience, vulnerability, reliability and related subjects.

In this particular paper the shape of the disruption profile is influenced by two variables: robustness and rapidity. Robustness, in turn, is influenced by mitigation, while adaptation influences rapidity. As a concept this makes sense.

More interesting than the above figure is the construct behind it, illustrated in the form of a flowchart, showing how the influence of mitigation and adaptation comes into play:

At the top of the figure is the socio-technical context. Here are the variables that affect the decisions as to how much pre-disaster mitigation that is required  (e.g. by law or based on prior experience), how much that is desired (e.g. risk acceptance) or how much that is economically viable (budgetary constraints).

Following the mitigation decision, at the next level, the system’s vulnerability is determined by another set of variables: the system’s technical resilience, and the organization’s organisational resilience and how they meet the next variable, which is a particular hazard.

Combined, technical and organisational resilience determine the immediate operational capacity following an event, depending on the hazard causing the event. That is the system’s robustness.

After the immediate operational capacity has been established, adaptation decisions must be made as to how to regain full operational recovery, the speed of which is a system’s rapidity in getting back to normal.

The evaluation of pre-disaster and post-disaster decisions and actions initiates a learning process that in turn leads to a new socio-technical context.

In essence, pre-disaster mitigation fosters robustness, and post-disaster adaptation fosters rapidity.

Conclusion

This paper clearly outlines a conceptual framework where resilience, a combination of both rapidity and robustness, is a result of ex-ante and ex-post decisions. Albeit resilience in common thinking more often than not is linked to how an organisation copes with an event ex-post, much of the groundwork for the coping process is laid ex-ante.

Reference

McDaniels, T., Chang, S., Cole, D., Mikawoz, J., Longstaff, H. (2008) Fostering resilience to extreme events within infrastructure systems: Characterizing decision contexts for mitigation and adaptation. Global Environmental Change 2 (18), 310–318

Author links

Related posts

In this particular paper

Global Resilience Index

Leave a reply
Revised on: 2015-09-24

The 2015 FM Global Resilience Index provides an annual ranking of 130 countries and territories according to their business resilience to supply chain disruption. Presented both as a report and an online map it is a visually impressive way of conveying an important message: Beware of where you do your business. As to my home turf the report Norway retains its top position in the index from last year, with strong results for economic productivity, control of corruption, political risk and resilience to an oil shock.

The map

This is how the map looks like for 2015

It’s definitely intriguing to see which countries that rank at lower end and higher end of the resilience scale.

Comprehensive and complete?

Supply chain risk is one of the leading causes of business volatility, so says the report.

The FM Global Resilience Index is the first data-driven tool and repository that ranks the resilience of 130 countries and territories to supply chain disruption. It is designed to help executives evaluate and manage unknown risk potentially inherent in the countries they rely upon. Nine key drivers of supply chain risk are grouped into three categories: economic, risk quality and supply chain factors.

Well, lets take a closer look at how the index is calculated

Levels, factors and drivers

The index is calculated at three levels. Level 1 of the index provides a country ranking of business resilience to supply chain disruption. Level 2 comprises three factors, the core elements of resilience: economy, risk quality and supply chain. Level 3 includes a set of nine drivers that determine the business resilience to supply chain disruption for a country: GDP per capita, political risk, vulnerability to an oil shock, exposure to natural hazard, quality of natural hazard risk management, quality of fire risk management, control of corruption, infrastructure, quality of local suppliers:

I think this index does capture most of what goes into measuring resilience, although it’s hard to judge from the outside what actually goes into the calculations of levels, factors and in particular, the drivers. This is proprietary data. That said, I have no doubt that the scores are statistically sound and based on valid data.

Conclusion

In their own words, FM Global describes the index as

The index offers business executives an additional resource to help in prioritising supply chain risk management and guiding strategy in four key areas:

1. Selecting suppliers based on the supply chain risk/resilience of the countries in which they are located,
2. Deciding where to locate facilities,
3. Evaluating the resilience of the countries hosting existing facilities, and
4. Assessing the resilience of the countries where customers’ facilities are based.

In summary, the index provides a robust, composite view of business resilience to supply chain disruption around the world.

A bit of marketing here, but worth looking at, as an initial step in assessing one’s own supply chain resilience.

Related links

Related posts

Broken links and broken promises

Leave a reply
Revised on: 2015-09-26

Maintaining a blog with more than 500 posts is a daunting task. While a post itself may still be OK, 8 years after it was written, the links in it most likely are not. When I revived my blog after three years of hibernation I knew this was going to be a a major problem. It was a problem I created myself in the first place. I don’t know where I got the (stupid) idea from that it would be a good idea to include links to the authors of the pares, books and reports I review on this blog. Well, essentially it is a good idea, because it allows me and my readers to link up with those who create or contribute to much of my content.

As time goes by

The only problem with this seemingly good idea of including links is that people change jobs, and organisations change websites, and it is totally up to me to find out. With more than 500 posts it’s hard to remember which posts that are most likely to have a change in external links. For one reason or the other I decided to link to people within academia at their academic institutions, be that professors, researcher or PhD students. Major pitfall. Reports and whitepapers that could be downloaded were linked to directly instead of downloading to my site and serving from there. Pitfall again. Blogs and websites are now closed or defunct or restructured in a way that my link no longer works. My fault for not reading these blogs/websites as often as I perhaps should.

Linkedin to the rescue

I quickly realised that this was going to be a mess when I started blogging again and started linking my newest posts with older posts that contained external links. There’s no point in referring to a source if the source cannot be found. Well, thank God for Linkedin. Most of the people mentioned on this blog are now on linkedin.com. Apparently they were not when I started to blog. Or researchgate.net. Or academia.edu. Or wherever else I could find them or what I linked to using Google. Some links turned out to be just dead with no traces of their content, even on Google, so I just deleted them, sorry about that. Hopefully they will not be missed. Lesson learned: link to a stable source.

One in twenty only?

So I started out to rectify this post by post, but soon began to think that there must be a better way. After all, I’m using WordPress, and surely, WordPress must have a plugin for that. Yes, it had a Broken Link Checker, and soon after installing it came up with 500 broken links out of 9000 (external and internal) links in total, that’s 5% or 1 in 20. Not too bad, and after a couple days hard work everything seemed in order. Well, “seemed” is the right word, because there are still a number non-functioning links. Sometimes a link to non-existing page will be redirected to, say, the university or company homepage, and not be registered by said plugin, because the links seems to work, technically speaking.

Bear with me, please

It will take a while before everything is in order on this blog, but I’m working on it every day. If you find a link that is not working, or not working as it should, please let me know. You can contact me directly using my contact form or you can leave a comment below the post.

Thank you for your understanding.

Related posts