Publication

As the energy sector has become more globalized and increasingly complex in its reliance on software components, supply-chains risks have evolved and expanded. One such risk that stands out is ‘unintended taint’, namely flaws in software components unintentionally built into products in design or implementation. Such flaws may lead to unintended supply-chain subversion, and represents a significant and credible threat to the functionality of critical infrastructure within the energy sector. This issue brief outlines a taxonomy for understanding such software related energy sector risks and provides concrete recommendations for policy makers and the private sector on how to address them.