| Recurring |
one_organization, multiple_organization |
(a) The software failure incident having happened again at one_organization:
- Toyota Motor experienced a cyberattack on a supplier, Kojima Industries, which led to a one-day halt in production at Toyota's factories [124006, 124335].
- This incident is reminiscent of a previous cyberattack on Honda Motor in June 2020, which also resulted in the suspension of some auto and motorcycle production globally [124006].
(b) The software failure incident having happened again at multiple_organization:
- The article mentions that a lower-tier maker of water pumps and other automotive parts, GMB Corp, also experienced unauthorized access suspected to be ransomware on its server [124335].
- Additionally, in November 2020, Japanese videogame maker Capcom faced a ransomware attack that compromised personal information of up to 350,000 gamers and some of its financial data [124006]. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident in the articles can be attributed to the design phase. The incident was caused by a cyberattack on a supplier, Kojima Industries, which resulted in a system failure due to an error at one of its file servers that was infected with a virus [124006, 124335]. This failure in the design of the system's security measures allowed the cyberattack to disrupt communication with Toyota over parts orders and led to the suspension of production at the automaker.
(b) The software failure incident can also be linked to the operation phase. The failure was exacerbated by the operation or misuse of the system, as the system failure at Kojima Industries meant the supplier was unable to ship parts, forcing Toyota to pause production [124006, 124335]. This highlights how the operational aspects of the system, such as communication and supply chain management, were impacted by the cyberattack on the supplier. |
| Boundary (Internal/External) |
outside_system |
(a) within_system: The software failure incident at Toyota was caused by a cyberattack on its supplier, Kojima Industries, which resulted in a virus infecting the supplier's server and a threatening message being discovered. This led to a system failure at Kojima, hampering communication with Toyota over parts orders and ultimately forcing Toyota to pause production [124006, 124335].
(b) outside_system: The cyberattack on Toyota's supplier, Kojima Industries, was initiated externally, as the attack was not from within Toyota's own systems but rather targeted at a supplier providing parts and components to the automaker. The attack was not directly related to Toyota's internal systems but impacted its production due to the disruption in the supply chain caused by the supplier's system failure [124006, 124335]. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in the articles was primarily due to non-human actions. Specifically, it was caused by a cyberattack on a supplier, Kojima Industries, which resulted in a virus infecting their server and disrupting communication with Toyota, leading to a suspension of production at Toyota's factories [124006, 124335].
(b) Human actions were also involved in the software failure incident. For example, the error at one of Kojima Industries' file servers was discovered after rebooting the server, indicating some level of human interaction before the virus infection was confirmed. Additionally, the government expressed concerns about the cybersecurity measures of small or mid-level subcontractors, suggesting potential human-related vulnerabilities in the supply chain [124006, 124335]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident reported in the articles was not due to hardware issues. The incident was caused by a cyberattack on a supplier, Kojima Industries, which resulted in a virus infecting their file server and disrupting communication with Toyota, leading to a suspension of production at Toyota's factories [124006, 124335].
(b) The software failure incident was primarily due to contributing factors that originated in software, specifically a cyberattack involving the malware Emotet. The attack on Kojima Industries' file server resulted in the infection with a virus and a threatening message, impacting their ability to ship parts to Toyota and causing a production halt at Toyota's factories [124006, 124335]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident at Toyota, where production was halted due to a cyberattack on a supplier, is categorized as a malicious software failure incident. The incident involved a cyberattack on Kojima Industries, a supplier to Toyota, where a virus infected their server and a threatening message was discovered [124006, 124335]. The attack led to a system failure that hampered communication with Toyota over parts orders, resulting in the suspension of production at Toyota [124335]. The attack was suspected to be related to the powerful malware Emotet, which is used to gain access to a victim's computer and can lead to further malicious activities such as stealing data or deploying ransomware [124006, 124335]. The incident raised concerns about cybersecurity vulnerabilities in Japan's supply chain and highlighted the potential impact of cyberattacks on critical manufacturing operations [124006, 124335]. |
| Intent (Poor/Accidental Decisions) |
unknown |
(a) The intent of the software failure incident:
- The software failure incident at Toyota, caused by a cyberattack on a supplier, was not attributed to poor decisions but rather to a deliberate attack by unknown perpetrators [124006, 124335].
- The attack resulted in the infection of a supplier's server with a virus, leading to a threatening message and disruption of communication with Toyota, ultimately halting production [124006, 124335].
- The incident highlighted concerns about cybersecurity vulnerabilities in Japan's supply chain and the potential impact on major manufacturers like Toyota [124006, 124335]. |
| Capability (Incompetence/Accidental) |
accidental |
(a) The software failure incident related to development incompetence is not explicitly mentioned in the provided articles. Therefore, it is unknown whether the incident was due to factors introduced by lack of professional competence by humans or the development organization.
(b) The software failure incident related to accidental factors is evident in the articles. The incident at Toyota was caused by a cyberattack on a supplier, Kojima Industries, which led to a one-day halt in Toyota's factories [124006, 124335]. The cyberattack was not attributed to any specific entity, and it was unclear whether it was related to geopolitical events [124006, 124335]. The attack resulted in the infection of a file server with a virus, leading to a system failure that disrupted communication with Toyota and forced a production suspension [124006, 124335]. Additionally, another company, GMB Corp, reported unauthorized access suspected to be ransomware on its server, indicating a broader issue with cyber threats affecting suppliers in the automotive industry [124335]. |
| Duration |
temporary |
The software failure incident reported in the articles was temporary. The incident caused a one-day halt in Toyota's production due to a cyberattack on a supplier, Kojima Industries, which led to a system failure and the inability to ship parts to Toyota, forcing the automaker to pause production [124006, 124335]. Additionally, the articles mention that Toyota would be able to resume operation by tapping into a backup network between it and the supplier, indicating a temporary disruption that could be resolved within a week or two [124006, 124335]. |
| Behaviour |
crash, omission, other |
(a) crash: The software failure incident in the articles can be categorized as a crash. The incident led to a one-day halt in Toyota's factories due to a cyberattack on a supplier, causing a suspension of production and hitting the output of around 13,000 vehicles [124006, 124335].
(b) omission: The software failure incident can also be categorized as an omission. Kojima Industries, the supplier affected by the cyberattack, discovered an error at one of its file servers, which led to a system failure hampering communication with Toyota over parts orders and resulting in a suspension of production at the automaker [124006, 124335].
(c) timing: The software failure incident does not align with a timing failure as there is no indication in the articles that the system performed its intended functions too late or too early.
(d) value: The software failure incident does not align with a value failure as there is no indication in the articles that the system performed its intended functions incorrectly.
(e) byzantine: The software failure incident does not align with a byzantine failure as there is no indication in the articles that the system behaved erroneously with inconsistent responses and interactions.
(f) other: The other behavior observed in the software failure incident is related to the cyberattack causing the system to be infected with a virus, leading to a threatening message and a halt in production. This behavior can be categorized as a security breach or intrusion impacting the system's normal operations [124006, 124335]. |