The Role of Blockchain Technology in Augmenting Supply Chain Resilience to Cybercrime

: Using a systematic review of literature, this study identiﬁes the potential impact of blockchain solutions for augmenting supply chain resilience (SCR) to cybercrime. This rich literature synthesis forms the basis of a novel theoretical framework that provides guidance and insight for blockchain adopters and vendors as well as delineate palpable beneﬁts of this novel technology. An interpretivist philosophical design and inductive reasoning are adopted to conduct the systematic review of literature. A total of 867 papers were retrieved from Scopus database between the years of 2016 and 2020 and subsequently analysed via abductive reasoning, grounded theory and a thematic meta-analysis; where the latter was achieved using a scientometric approach and software tools such as VOS viewer and NVivo. Scientometric analysis revealed the most proliﬁc countries, sources, publications and authors who reside at the vanguard of blockchain developments and adoption. Subsequent grounded theory analysis identiﬁed six main clusters of research endeavour viz: “case study”, “challenges and opportunity”, “traceability”, “smart contract” “blockchain and IoT” and “data security”. From 28 SCR metrics identiﬁed within literature, ﬁve were found to have been positively impacted by blockchain technology solutions, namely: “visibility”, “collaboration”, “in-tegration”, “risk management” and “information sharing.” Prominent applications of blockchain technology in practice were “traceability systems” and “smart contracts” which are often implemented separately or in combination and primarily in food supply chains. This research constitutes the ﬁrst study to critically synthesise extant literature for evaluation of blockchain solutions’ implication on SCR metrics. New perspectives obtained provided a basis for the novel theoretical framework for implementation that will be valued by software developers and adopting organizations, whilst creating new direction for researchers interested in blockchain technology.


Introduction
Since the discovery of blockchain technology's viability in environments other than original cryptocurrency practices, applications have exponentially proliferated in diverse industrial sectors such as: insurance [1]; content distribution [2]; logistics [3,4]; travel [5]; healthcare [6,7]; e-commerce [8]; and banking systems [9]. Novel supply chain applications are no exception and various work has been undertaken to explore its applications primarily on food supply chains, particularly emphasizing product traceability and visibility enhancement features cf. [10,11]. Other researchers such as Queiroz et al. [2], Sawyerr and Harrison [12] and Maesa and Mori [13] studied blockchain's innate immutability aspects of stored transactional data.
However, with multitudinous and largely unforeseen disturbances to global supply chains (e.g., the Global Financial Crises in 2008 [14]; the 9-11 terrorist attack [15,16] and Covid-19 pandemic [17,18]) engenders the necessity to evaluate the impact of technological advancements on supply chains in times of disruption rather than solely measuring their impact in a "business as usual" scenario [19,20]. Researchers studying the risks associated with these unforeseen disruptions, categorize them into two major dichotomous group of "external" and "internal" risk groups [21][22][23]. External risks are associated with unexpected events occurring extrinsically that stifle the supply chain system and induce a ripple effect (throughout the supply chain) that prolong the recovery from the disruption [21,22]. Examples of external risks include force majeure (e.g., earthquakes, hurricanes and floods) but also man-made catastrophes (e.g., computer viruses, terrorist attacks, economic turbulence or recession) [19,20]. These risks not only have the inherent capacity to create operational disruptions and shortages to supply chain participants, but also threatens an organisation's financial and human resources such that distribution, transportation and communication suffers immeasurably [20]. External risks are largely unavoidable and hence, organisations can only prepare to mitigate their disruption vis-à-vis eliminate them [23]. Conversely, internal risks are associated with uncertainties of supply-demand coordination events or unprecedented change in product specifications [20,24]. Forrester [25] defined the "bullwhip effect" concept in supply chains as depicting fluctuations in purchasing an inventory to fulfil customer demand that accumulates towards the upstream of a supply chain. This concept occurs when a supplier's order is larger than a buyer's order and is often caused by poor quality of information sharing, erroneous perceived demand and delays in supply chains [26]. Other examples of internal risks are information technology problems or breakdowns, uncertainties in lead times, power outages, equipment malfunctions and systemic failures [27].
These numerous internal and external risks (and their frequency of occurrence) increase the vulnerability of supply chains and necessitate development of risk mitigation methods and strategies to engender organisational resilience and preparedness [20,28]. Yet, despite these risks elucidated upon, circa 69% of organisations globally have no complete visibility of their supply chains [29] and 30% of organisations fail to analyse the source of disruptions [30]. These compelling statistics engender the need for novel studies that answer the question: what are the blockchain technology applications that could potentially augment supply chain resilience (SCR) against disruption risks? Therefore, this research seeks to define and delineate the potential impact of these applications and their adoption(s) on SCR metrics using a scientometric review of existing literature. Concomitant research objectives are to: provide much needed guidance on blockchain applications for industry practitioners and for organisations planning to adopt them; and create a cyber threat map (as a novel theoretical framework) by identifying common cyber threats according to their target types and their current solutions to contrast those solutions with blockchain potentials. New insights (including a novel framework) generated will serve to incite wider polemic debate but will also provide much needed guidance and clarification for software developers and adopting organizations.

Methodology
The overarching epistemological design adopted a mixed philosophical stance of interpretivism and post-positivism cf. [31][32][33][34] to systematically analyse extant literature using a scientometric approach (a sub-branch of bibliometrics) cf. [35][36][37][38]. As a philosophical approach, interpretivism seeks to understand and interpret a phenomenon under investigation from different points of view in a subjective way [39,40]. Conversely, postpositivism is an approach of pursuing objectivity to reduce the potential effect of researchers' bias by applying both quantitative and qualitative methods of data analysis [41]; in this present study using meta-data analysis. Objectivity in postpositivist paradigm results in establishing nascent theory that enables building categories and dimensions from an irregular data set [42]. Mixed philosophies are widely used within contemporary construction and project management literature. For example, Ghosh et al. [43] explored patterns and trends in the application of the internet of things (IoT) research to identify future applications in the construction industry; and Oshodi et al. [44] conducted a systematic review of construction output modelling techniques. Given the investigative nature of this research, inductive and abductive reasoning [39,45] are adopted to deduce comprehensive conclusions based upon theoretical understanding [40] of blockchain technology applications' impact on SCR. From an approach and methods perspective, the research is conducted in two consecutive stages (refer to Figure 1); where stage one adopts inductive reasoning to conduct a meta-analysis of literature (as a secondary data source) and stage two builds upon this body of knowledge using abductive reasoning and grounded theory. research, inductive and abductive reasoning [39,45] are adopted to deduce comprehensive conclusions based upon theoretical understanding [40] of blockchain technology applications' impact on SCR. From an approach and methods perspective, the research is conducted in two consecutive stages (refer to Figure 1); where stage one adopts inductive reasoning to conduct a meta-analysis of literature (as a secondary data source) and stage two builds upon this body of knowledge using abductive reasoning and grounded theory.

Meta-Analysis Technique
Meta-analysis is a form of inquiry in which studies about investigated phenomenon (each representing a research unit) are aggregated and integrated to summarise literature based on relationships between different research items [46]. Hunter and Schmidt [47] proffer that this method creates cumulative knowledge by eliminating potential distortive effects of primary research whilst maintaining track of ongoing research. To facilitate this first stage, the software tool VOS viewer with functionalities of visualizing, exploring and creating bibliometric networks was adopted [48]. Bibliometric data was sourced from Scopus database with the search rules of TITLE-ABS-KEY (blockchain AND technology AND in AND supply AND chains) AND (EXCLUDE (PUBYEAR, 2021)) AND (EXCLUDE (SRCTYPE, "k") OR EXCLUDE (SRCTYPE, "b") OR EXCLUDE (SRCTYPE, "d")) AND (EXCLUDE (LANGUAGE, "Chinese") OR EXCLUDE (LANGUAGE, "Spanish") OR EX-CLUDE (LANGUAGE, "German") OR EXCLUDE (LANGUAGE, "French")). All these search criteria were selected to source a critical mass of existing publications within the scientific community to perform substantiated literature analysis from different perspectives. This refined search provided 867 publications with 44.2% of conference papers, followed by 44.6% of journal articles, excluding: book series; trading journals; books; and 15 papers that were translated from Chinese, Spanish, German and French. While there was no limit set for "date range" except for excluding 2021, year of publication for pertinent papers started from 2016. Conference papers were sampled because the rapid progress of

Meta-Analysis Technique
Meta-analysis is a form of inquiry in which studies about investigated phenomenon (each representing a research unit) are aggregated and integrated to summarise literature based on relationships between different research items [46]. Hunter and Schmidt [47] proffer that this method creates cumulative knowledge by eliminating potential distortive effects of primary research whilst maintaining track of ongoing research. To facilitate this first stage, the software tool VOS viewer with functionalities of visualizing, exploring and creating bibliometric networks was adopted [48]. Bibliometric data was sourced from Scopus database with the search rules of TITLE-ABS-KEY (blockchain AND technology AND in AND supply AND chains) AND (EXCLUDE (PUBYEAR, 2021)) AND (EXCLUDE (SRCTYPE, "k") OR EXCLUDE (SRCTYPE, "b") OR EXCLUDE (SRCTYPE, "d")) AND (EXCLUDE (LANGUAGE, "Chinese") OR EXCLUDE (LANGUAGE, "Spanish") OR EX-CLUDE (LANGUAGE, "German") OR EXCLUDE (LANGUAGE, "French")). All these search criteria were selected to source a critical mass of existing publications within the scientific community to perform substantiated literature analysis from different perspectives. This refined search provided 867 publications with 44.2% of conference papers, followed by 44.6% of journal articles, excluding: book series; trading journals; books; and 15 papers that were translated from Chinese, Spanish, German and French. While there was no limit set for "date range" except for excluding 2021, year of publication for pertinent papers started from 2016. Conference papers were sampled because the rapid progress of blockchain developments and relatively expedient publication rates means that many researchers (particularly in information technology fields of science) choose to publish their work at these events.

Grounded Theory Technique
Grounded theory analysis was conducted using computer-assisted qualitative data analysis software (CAQDAS) called NVivo to provide a deeper and richer interrogation of the prevailing academic discourse. To narrow the scope of data analysis, this stage commenced with thematic analysis of bibliometric data retrieved from Scopus journal database (obtained from stage 1). All data retrieved were analysed manually in a Microsoft Excel spreadsheet by colour-coding each emerging theme through screening the titles and abstracts of each publication and clustering them together. From initially sourced 867 publications, papers with irrelevant application areas (such as rental service, auditing and public voting) were excluded. Similarly, papers based on generic supply chain management and risk management matters were excepted from the dataset. Based on these screening and filtering processes, thematical clusters of 'case study' (with 89 papers) and 'data security' (with 27 papers) were selected to further study using grounded theory analysis. All the publications in those clusters were retrieved by locating their digital object identifier (DOI) addresses except for those without access or link.
Grounded theory is an approach of analysing data by fragmenting them using key processes of 'coding', 'theoretical sampling' and 'theoretical saturation' [39]. The first stage of open coding reveals emerging concepts in the publications [39]. This approach of data collection (by open coding through selected publications) and analysis is referred as a "theoretical sampling" which is distinguished from other sampling approaches because it emphasises selection of data to generate a theoretical understanding rather than focusing on statistical adequacy of a sample [49]. Further these concepts are aggregated to achieve theoretical saturation, via which categories are generated. Based on these concepts and categories the guidance note of blockchain application for vendors and potential adopters was subsequently generated.

Supply Chain Resilience
Globalization has stimulated organisations to change their strategies to expedite response time and consequently, conventional competition amongst organizations has been transformed into a race between whole supply chains that foregrounded supply chain management and SCR [27,50]. A supply chain is a group of specialists such as supplier, manufacturer, distributor and retailer that create chains through service and production by maintaining a flow of goods and information [50]. It comprises a set of facilities that help in purchasing required materials, transforming them into intermediate or finished goods, eventually distributing these goods to customers [51]. Conversely, supply chain management characterizes planning and control of all business processes, activities regarding the sourcing, inventory and logistics along with coordination and collaboration with other participants in the supply chain [52]. The main objective of supply chain management is to deliver superior customer value by integrating supply and demand management within each organisation as well as whole supply chains [17]. However, the formation of supply chains is scattered globally with different parts of the chain located in different geographical locations; this increases supply chains' vulnerability to disruptions [12,23,53]. This is because, every actor in the supply chain is affected differently by external impacts such as environmental, social, economic and political factors [17,54]. Mitigation or eradication of such risks, can be achieved by integration of the entire supply network and by improving transparency and visibility amongst supply chain participants, which eventually augments SCR [22]. The term resilience has been used in different subjects such as psychology, ecology, economy, social and organisational concepts to denote the ability of a given system to return to a state of equilibrium after temporary disturbance [28]. While, some authors cf. [55,56] analogously accepted this definition in SCR area, others cf. [28,57] define resilience in supply chain as a capability of supply chains to develop preparedness against unforeseen disruptions to respond in a resourceful and timely manner and restore their former condition or preferably in an improved state.
Resilience in supply chains mitigates negative impacts of contingencies by identifying and adopting strategies and apposite plan of actions to recover to its original or better state [20]. A myriad of systematic literature review studies have been conducted to outline SCR strategies, metrics, capabilities and performance measures to identify barriers and enablers to resilience in supply chains [58]. A study by Bhamra et al. [59] discusses literature about resilience in small-to-medium-enterprises (SMEs) during the 1976-2010 timespan and accentuate on the importance of more case-study based empirical studies. Contrary to this view, scholars such as Pereira et al. [60], Tukamuhabwa et al. [21], Ali et al. [58] note the inadequacy of theoretical applications in SCR studies, while Datta [61] proposes using more context-specific interventions. Both Linnenluecke [62] and Sawyerr and Harrison [12] examine high reliability theories stressing the practicality of insights from high reliability studies for SCR improvement.

Supply Chain Resilience Metrics
Measuring resilience in supply chains has stimulated, scholars to define and delineate numerous metrics differently. Common terminologies used by authors to describe SCR metrics include: core dimension [63]; antecedents [20,57,64]; capabilities [65,66]; enablers [60,67]; competencies [68]; elements [55,58,69,70]; formative elements [12,65]; and dimensions [71]. Sawyerr and Harrison [12] conclude that from thirteen formative elements of SCR, 'redundancy', 'human resource management', 'collaboration', 'agility', 'flexibility', 'culture' and 'risk avoidance' resilience metrics can be applied to supply chains. The findings indicate that 'collaboration' with supply chain partners in the event of a disruption is the first prerequisite, because it improves other elements of resilience such as 'visibility', 'awareness' and 'decision making'. More recent research by Shekarian and Parast [20] assess the impact of four common resilience elements, namely: 'flexibility', 'agility', 'redundancy' and 'collaboration' on alleviating demand, supply, process, control and environmental risks. Their findings [20] state that 'collaboration' is the most important strategy to cope with control disruptions, while 'flexibility' is found to be essential to mitigate demand, supply, process and environmental risks in supply chains. Conversely, Karl et al. [27] categorize thirteen elements of resilience into 'pre-disruption', 'during-disruption' and 'post-disruption' phases and analyse their relationship with ten common non-financial key performance indicators (KPI) of organizations. Using co-occurrence analysis, the authors [27] establish that 'financial strength' and 'visibility' resilience elements have no link to any organisational KPIs, whereas, 'knowledge management' present the highest co-occurrence with KPIs.

Blockchain Technology
According to Yoo [72] blockchain is a distributed ledger technology that allows participants in a network to exchange various transactional data between them. This distributed database maintains a constantly growing list of information records in a decentralized way, forming blocks that are protected against tampering and adjustments [72,73]. Blockchain technology is a platform on which various services and applications can be constructed [74]. Depending on the level of accessibility, this platform is differentiated with public, private and consortium types [75]. As the name suggests, public blockchain is a permissionless platform that is openly accessible to anyone to join the network, whereas a private type platform requires permission from network participants to join [76]. Bitcoin and Ethereum are the earliest and most widespread examples of a public type blockchain [77,78]. A consortium type blockchain is a hybrid approach of public and private platforms where network access is allocated to a group of pre-defined members [76,79]. Common aspects (or features) of blockchain technology adopted throughout industry are 'trust', 'data security', 'traceability', 'smart contract', 'decentralization' and 'immutability' [73]. Given this variety of features, extant literature claims that blockchain technology will transform businesses and improve the integration of economic and legal processes in the digital world [80,81]. Specifically, huge potential is anticipated in the automation of activities that require disintermediation to reduce the number of intermediaries between producer and consumers during investments made, thus offering greater security and protection against cybercrime [1,82].

Analysis and Findings
Network maps of scientometric data generated in VOS viewer comprise nodes signifying different items that present an object of interest such as publications, researchers, countries or keywords [35,83,84]. Generally, a map subsumes only one type of item hence, it is uncommon to incorporate, for instance, both publications and keywords in one network map [48]. The size of the network nodes conveys the numerical value of the item to be investigated: the greater the number of certain items occurring, the bigger the nodes [48]. Relationships between those nodes are depicted through links that connect pairs of investigated items. Links symbolize the strength or weight of a connection and therefore, in case the link between items has the strength of one, VOS viewer does not display the strength of link. Depending on the items being presented in those nodes, the links indicates different connections such as: bibliographic coupling links between publications, co-occurrence links between keywords or co-authorship links between researchers [48]. Similar to nodes, each map encompasses only one type of link between any pair of items. VOS viewer allows to create a citation, bibliographic coupling, keyword co-occurrence, co-authorship and co-citation analysis based on bibliometric data. For this present study citation analysis on 'sources', 'documents' and 'authors' units, along with, co-occurrence analysis on 'all keywords' unit had been selected.

Co-Occurrence of Keywords
Visualization of keywords in a visualisation network provides a comprehensive image of existing knowledge and signposts the direction in which current studies are moving [85,86]. The network consists of nodes representing the volume of co-occurring keywords and links portraying the weight or number of publications in which two keywords occur together. With the purpose of achieving rich and comprehensive depiction of keywords in a co-occurrence map, 'all keywords' was selected instead of 'authors' keywords', as building a network on authors' keywords is constrained by authors' knowledge in terms of the number/range of word selections. Therefore, selecting all keywords is preferable approach, except for the situation when network map turns unmanageable and illegible because of the overflow of dataset. The resultant network map illustrated in Figure 2 consists of 4682 items, 61,338 links and 64 clusters.
From the list of keywords prior to network construction, terms 'blockchain', 'blockchain technology', 'supply chain', 'supply chain' and 'supply chain management' were purposefully eliminated from the list to improve visualisation. The network map reveals terms viz. 'internet of things' (IoT), '3D printing', 'digital storage' and 'tracking systems' to be predominate in the field highlighting the popularity of blockchain adoption in combination with those technological developments and its main usage in terms of tracking and tracing the goods in supply chains. All four keywords tend to occur particularly in 2018 and in the beginning of 2019 based on the colour-coded nodes. However, most recent keywords in bright yellow nodes exhibit the potential shift in the research focus. Specifically, 'environmental technology', 'sustainable development', 'sustainability', 'carbon emission' and 'sustainable supply chains' are the most recent keywords in bigger yellow nodes suggesting more recent momentum in the field towards sustainability concerns from earlier studies into cybercrime. From the list of keywords prior to network construction, terms 'blockchain', 'blockchain technology', 'supply chain', 'supply chain' and 'supply chain management' were purposefully eliminated from the list to improve visualisation. The network map reveals terms viz. 'internet of things' (IoT), '3D printing', 'digital storage' and 'tracking systems' to be predominate in the field highlighting the popularity of blockchain adoption in combination with those technological developments and its main usage in terms of tracking and tracing the goods in supply chains. All four keywords tend to occur particularly in 2018 and in the beginning of 2019 based on the colour-coded nodes. However, most recent keywords in bright yellow nodes exhibit the potential shift in the research focus. Specifically, 'environmental technology', 'sustainable development', 'sustainability', 'carbon emission' and 'sustainable supply chains' are the most recent keywords in bigger yellow nodes suggesting more recent momentum in the field towards sustainability concerns from earlier studies into cybercrime.

Key Authors, Papers, Countries and Journals
Data included in Table 1 describes the top ten most prolific sources, authors and countries and top ten mostly cited sources, authors and papers. Data was extracted from VOS viewer in the process of citation analysis and was manually sorted in a Microsoft Excel spreadsheet. Countries such as United States, India, United Kingdom and China are the most prominent in terms of publications and perhaps reflects the proportionate number of supply chains across those countries. As Singh et al. [50] suggest, most global supply chains are in USA, India, UK, China and Germany, which makes these countries most attracted to the field of supply chains and associated advanced technological developments in supply chains that could improve organisational performance. Additionally, an overlay visualisation of these indicators during citation analysis revealed that papers of those countries are predominantly from the period of 2018-2019 years, whereas developing countries such as Bangladesh, Peru, Chile, Kazakhstan, Iran, Turkey and Tunis have conducted and published studies predominantly in 2020. This geographical expansion

Key Authors, Papers, Countries and Journals
Data included in Table 1 describes the top ten most prolific sources, authors and countries and top ten mostly cited sources, authors and papers. Data was extracted from VOS viewer in the process of citation analysis and was manually sorted in a Microsoft Excel spreadsheet. Countries such as United States, India, United Kingdom and China are the most prominent in terms of publications and perhaps reflects the proportionate number of supply chains across those countries. As Singh et al. [50] suggest, most global supply chains are in USA, India, UK, China and Germany, which makes these countries most attracted to the field of supply chains and associated advanced technological developments in supply chains that could improve organisational performance. Additionally, an overlay visualisation of these indicators during citation analysis revealed that papers of those countries are predominantly from the period of 2018-2019 years, whereas developing countries such as Bangladesh, Peru, Chile, Kazakhstan, Iran, Turkey and Tunis have conducted and published studies predominantly in 2020. This geographical expansion proves that the proliferation of blockchain adoption and interest across all continents has gathered momentum but that developing countries lag behind this development pace. Not surprisingly, 'IEEE Access' (an open-source and peer-reviewed journal) dominates the field with 35 publications (indicated in the first section of Table 1) and 1118 citations (in the second section of Table 1), as blockchain technology's applications in terms of 'data security', 'smart contracts' and 'distributed ledger platform' attract more researchers from the technology field. IEEE Access is an electronic-archival journal published by the Institute of Electrical and Electronics Engineers that presents the results of research and developments across electronics engineering field of interest [97]. Based on the network visualisation map, the sources such as 'International Journal of Information Management' with 13 publications and 'International Journal of Production Research' with 17 publications have the most recent publications in this field, alongside being in the most productive top ten journals list.
The most prolific author in the field is Li, Z. with 10 papers, followed by Choi, T. and Wang, Y. with 9 papers in the field. Li, Z. is an academic from Guangdong University of Technology in China, renowned in Engineering, Computer Science and Social Sciences subject areas. Three of Li's papers are on the traceability aspect of blockchain technology in food supply chains, while six other publications are a combination of different blockchain technology applications in industry and service. From the top ten list of authors with the most publications, Li, Z. has collaborated with Queiroz, M. A. and a more recent article by Li, Z. in the field of blockchain technology presents a content-analysis based literature review of blockchain adoption in food supply chains and offers four benefits and five associated challenges of blockchain adoption in this sector [73]. The four main benefits of blockchain technology adoption were: 'food traceability'; 'recall efficiency'; 'information transparency'; 'efficiency combined with IoT' while barriers to adoption were listed as: 'lack of deeper understanding of blockchain'; 'raw data manipulation'; 'getting all stakeholders'; 'buy-in unanimously'; 'deficiency of regulation' and 'technology difficulties' [73]. In terms of highly cited documents in the field, an article by Mengelkamp et al. [87] prevails placing all six authors (namely: Mengelkamp, E., Kessler, S., Gärttner, J., Orsini, L., Rock, K. and Weinhardt, C.) fourth after Tian, F. with 643 citations, Sarkis, J. with 511 citations and Kouhizadeh, M. with 488 citations. Tian, F. has only two articles in the field in 2016 and 2017, both of which are frequently cited by other academics. Both studies are on applications of blockchain traceability feature in combination with IoT and RFID in food supply chains. In contrast, the study by Mengelkamp et al. [87] is conducted in blockchain based local energy trading. This case-study based research [87] concludes that blockchain technology is appropriate to operate in a decentralized microgrid energy market, as it meets their seven identified market components delineated upon in their study's framework.

Findings from Grounded Theory Analysis
Based on extensive manual screening of topics and abstracts mined from Scopus in thematic analysis, the field of blockchain technology in supply chains generated six thematic clusters as illustrated in the Figure 3. Emergent themes of 'case study', 'challenges and opportunity', 'traceability', 'smart contract', 'blockchain and IoT' and 'data security' have been observed. The graph demonstrates a trend of publications in each cluster respectively which covers a timespan from 2016 and 2020.
In order to maintain consistency between the aim of this study and processes taken to achieve them, the 'case study' (with 89 papers) and 'data security' (with 27 papers) thematic groups were selected to study in grounded theory analysis; albeit, only the case study cluster was analysed further for this present research. During the analysis of the 'case study' cluster publications in NVivo, 19 nodes emerged to be nascent concepts in the initial opencoding stage. As a result of iterative subsequent coding stages, concepts were aggregated into categories. Consequently, three main categories of 'case studies', 'application of blockchain with other technologies' and 'blockchain technology in different industries' were generated. In the 'case study' category different examples of blockchain project (e.g., credit evaluation system [10]; tracking system for medicine traceability [79]; carbon trading, tracking [98]) in different industries (e.g., food supply chains, pharmaceutical, shipping, construction and oil gas) were identified. Some of the examples were case studies and pilot projects and others were various use cases that could be adopted as proof of concepts that required further development and testing. Concepts such as 'trust', 'traceability', 'cybersecurity', 'smart contract' and 'distributed ledger technology' were developing from the analysis to be the main features of blockchain technology. Further, all identified concepts and categories were analysed in cluster analysis (refer to Figure 4). In order to maintain consistency between the aim of this study and processes taken to achieve them, the 'case study' (with 89 papers) and 'data security' (with 27 papers) thematic groups were selected to study in grounded theory analysis; albeit, only the case study cluster was analysed further for this present research. During the analysis of the 'case study' cluster publications in NVivo, 19 nodes emerged to be nascent concepts in the initial open-coding stage. As a result of iterative subsequent coding stages, concepts were aggregated into categories. Consequently, three main categories of 'case studies', 'application of blockchain with other technologies' and 'blockchain technology in different industries' were generated. In the 'case study' category different examples of blockchain project (e.g., credit evaluation system [10]; tracking system for medicine traceability [79]; carbon trading, tracking [98]) in different industries (e.g., food supply chains, pharmaceutical, shipping, construction and oil gas) were identified. Some of the examples were case studies and pilot projects and others were various use cases that could be adopted as proof of concepts that required further development and testing. Concepts such as 'trust', 'traceability', 'cybersecurity', 'smart contract' and 'distributed ledger technology' were developing from the analysis to be the main features of blockchain technology. Further, all identified concepts and categories were analysed in cluster analysis (refer to Figure 4).  The dendrogram was created selecting 33 most frequently occurring keywords with minimum length of three words in NVivo word frequency query. Stemmed words with similar meaning were filtered by adding them to 'stop words list'. For a similarity metric to form clusters 'Pearson correlation coefficient' was selected, which means that words that have higher degree of similarity based on their occurrence and frequency are shown clustered together and words with lower degree of similarity are displayed further apart. The dendrogram was created selecting 33 most frequently occurring keywords with minimum length of three words in NVivo word frequency query. Stemmed words with similar meaning were filtered by adding them to 'stop words list'. For a similarity metric to form clusters 'Pearson correlation coefficient' was selected, which means that words that have higher degree of similarity based on their occurrence and frequency are shown clustered together and words with lower degree of similarity are displayed further apart. The formation of these clusters demonstrates three main branches (in Figure 4) that describe blockchain technology's main functions and their uses: 'trust and transparency in transactional use', 'data access and security use in public and private sectors' and 'smart contract and traceability system use for process improvement and information sharing'. From which the latter two branches together form the biggest cluster in the dendrogram stating about the most frequently used application of blockchain technology. For finer scrutiny of the impact of blockchain technology on SCR, keywords of SCR metrics were analysed in word frequency as depicted in word cloud in the Figure 5 to contrast them with the most cited 28 resilience metrics identified through preliminary literature review. Based on this analysis, it can be concluded that resilience metrics such as 'information sharing', 'integration', 'risk management', 'visibility' and 'collaboration' to be pivotal in the times of disruption. Moreover, adoption of blockchain technology augments these metrics by removing all the existing silos amongst supply chain participants and increasing connectivity and visibility between them.

Discussion
Using both sets of analyses, it can be concluded that blockchain technology has implications on SCR in terms of 'visibility', 'risk management', 'integration', 'collaboration' and 'information sharing'. Other SCR metrics such as 'agility', 'flexibility', 'company's knowledge' and 'redundancy' were not at the centre of discussion by researchers who were studying blockchain applications. The 'visibility' metric tends to be improved in the cases of blockchain technology adoption in the form of traceability systems [80,99] whilst 'information sharing' and 'collaboration' metrics are enhanced in instances of blockchain technology adoption for distributed ledger technology features [82,100]. However, there are some opponents of this idea of improving interconnectivity who claim the ever-growing connectivity itself to be a precursor for the cyberspace disruption caused by cybercriminal attacks or cyber warfare [101]. Examples of cyber-attacks on financial entities' and organisations' information systems by targeting their: operational systems, data server, Supervisory Control and Data Acquisition (SCADA) control systems [101,102];

Discussion
Using both sets of analyses, it can be concluded that blockchain technology has implications on SCR in terms of 'visibility', 'risk management', 'integration', 'collaboration' and 'information sharing'. Other SCR metrics such as 'agility', 'flexibility', 'company's knowledge' and 'redundancy' were not at the centre of discussion by researchers who were studying blockchain applications. The 'visibility' metric tends to be improved in the cases of blockchain technology adoption in the form of traceability systems [80,99] whilst 'information sharing' and 'collaboration' metrics are enhanced in instances of blockchain technology adoption for distributed ledger technology features [82,100]. However, there are some opponents of this idea of improving interconnectivity who claim the ever-growing connectivity itself to be a precursor for the cyberspace disruption caused by cyber-criminal attacks or cyber warfare [101]. Examples of cyber-attacks on financial entities' and organisations' information systems by targeting their: operational systems, data server, Supervisory Control and Data Acquisition (SCADA) control systems [101,102]; critical national infrastructure (CNI) [101]; industrial control systems (ICS) and internet of things (IoT) [103,104]. Such attacks in the public sector have given rise to the question as to whether blockchain technology is immune to criminal or nefarious activities in the digital world. Figure 6 depicts commonly known cyber-attacks (such as ransomware, Distributed Denial of Service (DDoS), phishing, IoT attacks, insider threat, AI/machine learning-based attacks, spear-phishing and web-based attacks)-each of which has different targets and different motives for interception or infiltration [105]. The figure was developed based on the 'data security' cluster publications that describe four main attack vectors namely: software, people, network and hardware that adversaries exploit for data breach, data mining, cyber espionage, to obtain ransom or merely to cause chaos and disruption [101][102][103][104]. From four potential attack vectors, targeting people or staff of the organizations (e.g., by using phishing or spear-phishing technique) is the most vulnerable and easy threat vector for cyber-attackers [106]. In addition to these potential vulnerabilities to cyber-attacks, there is another inherent downside in traditional data storage method, namely: storing all critical digital assets in a centralized way inadvertently creates a single point of failure and easy target for adversaries. As described in the Figure 6, multiple prevention, detection or remediation control tools are currently available to prevent already known cyber-attack types, yet there is no largely offered solutions against unknown attacks. A myriad of research has been conducted in this field; contrasting blockchain technology solutions with cloud computing [102,105] or with traditional databases [107,108] and claiming that single-point-of-failure type data storage practices lead to the breach of mission critical data. This in turn poses a tangible threat to individuals, organization and consequently to the whole supply chains [102].
Because blockchain technology provides permanent record-keeping of all data with their authorized entrance source in a tamper-proof and decentralized way, it retains the intrinsic potential to address the issues associated with both easy attack vector and singlepoint-of-failure weakness alluded earlier [107]. With blockchain technology all data The figure was developed based on the 'data security' cluster publications that describe four main attack vectors namely: software, people, network and hardware that adversaries exploit for data breach, data mining, cyber espionage, to obtain ransom or merely to cause chaos and disruption [101][102][103][104]. From four potential attack vectors, targeting people or staff of the organizations (e.g., by using phishing or spear-phishing technique) is the most vulnerable and easy threat vector for cyber-attackers [106]. In addition to these potential vulnerabilities to cyber-attacks, there is another inherent downside in traditional data storage method, namely: storing all critical digital assets in a centralized way inadvertently creates a single point of failure and easy target for adversaries. As described in the Figure 6, multiple prevention, detection or remediation control tools are currently available to prevent already known cyber-attack types, yet there is no largely offered solutions against unknown attacks. A myriad of research has been conducted in this field; contrasting blockchain technology solutions with cloud computing [102,105] or with traditional databases [107,108] and claiming that single-point-of-failure type data storage practices lead to the breach of mission critical data. This in turn poses a tangible threat to individuals, organization and consequently to the whole supply chains [102].
Because blockchain technology provides permanent record-keeping of all data with their authorized entrance source in a tamper-proof and decentralized way, it retains the intrinsic potential to address the issues associated with both easy attack vector and singlepoint-of-failure weakness alluded earlier [107]. With blockchain technology all data shared in a network are performed in an encrypted version which creates another layer of protection against the intrusion or data breach that usually occurs on network level attack vector. Single point of failure risk is eliminated with decentralization; while threat of insider attack (from people attack vector) is eradicated with the traceability capability of permanent record (supported by a digital signature feature) of all the transactions performed by legitimate users in the permissioned network. However, despite all these potential benefits of improving resilience against multiple occurring disruptions in the 'physical' and 'digital world', prevailing literature also reveals numerous challenges associated with blockchain implementation for both vendors and adopters. This problem enhances the importance of developing guidance (as a theoretical framework) for potential adopters and vendors (refer to Figure 7). 'physical' and 'digital world', prevailing literature also reveals numerous challenges associated with blockchain implementation for both vendors and adopters. This problem enhances the importance of developing guidance (as a theoretical framework) for potential adopters and vendors (refer to Figure 7). As the main success factor for new technology adoption is to prevent misalignment between organizational requirements and technological propositions, potential adopters should clearly define their own needs based on which select corresponding application and functionalities of blockchain technology [81,108,110]. Similarly, vendors are required to assess the suitability of organisations' needs and available blockchain solutions [81,95]. For measuring a return on investment (ROI), the potential value and cost of new technological solution must be considered [111][112][113]. For instance, adopting a traceability system is worthwhile for high value goods (such as diamonds) in order to prevent counterfeit [95] or products with greater risk of contamination (such as medicine or dairy and meat products) [81,110]. Whereas, software developers or vendors should assess the feasibility and adaptability level of the industry the adopter is operating in, to ensure the successful adoption of proposed solution [109,110]. Lastly, it is compulsory for adopters to consider interoperability of their selected blockchain solution within supply chains, as the merits of this disruptive technology are leveraged through broad acceptance rather than being limited to one organization only [109,113,114]. Moreover, vendors should evaluate the technological maturity level of potential adopters for successful adoption of the technology [110,113,114]. As the main success factor for new technology adoption is to prevent misalignment between organizational requirements and technological propositions, potential adopters should clearly define their own needs based on which select corresponding application and functionalities of blockchain technology [81,108,110]. Similarly, vendors are required to assess the suitability of organisations' needs and available blockchain solutions [81,95]. For measuring a return on investment (ROI), the potential value and cost of new technological solution must be considered [111][112][113]. For instance, adopting a traceability system is worthwhile for high value goods (such as diamonds) in order to prevent counterfeit [95] or products with greater risk of contamination (such as medicine or dairy and meat products) [81,110]. Whereas, software developers or vendors should assess the feasibility and adaptability level of the industry the adopter is operating in, to ensure the successful adoption of proposed solution [109,110]. Lastly, it is compulsory for adopters to consider interoperability of their selected blockchain solution within supply chains, as the merits of this disruptive technology are leveraged through broad acceptance rather than being limited to one organization only [109,113,114]. Moreover, vendors should evaluate the technological maturity level of potential adopters for successful adoption of the technology [110,113,114].

Conclusions
The findings of this present study suggest that the field of blockchain technology remains embryonic and yet, the field is also rapidly evolving to meet societal, economic and political needs. However, despite several introduced proposals and use cases by researchers cf. [1,10,100,112,115,116] there is still a notable deficiency of applications of blockchain technology in supply chains in real world contexts. Moreover, most use cases lack standard methods to design and consequently validate the blockchain solutions [112]. According to Deloitte Insights [117] only 8% of blockchain projects are continued, whereas the remaining initiatives tend to fail. This failure can perhaps be attributed to users (rather than organizations) who are developing stand-alone blockchain applications instead of foundational libraries that allow to create multiple applications [117]. Additionally, projects initiated by commercial organizations tend to have higher adoption rates compared to users' developments, as organizational blockchain projects are reportedly five times more likely to be copied [117]. This present study also reveals the latest trends and potential gaps within this systematic literature review that employed meta-analysis, thematical analysis and grounded theory analysis methods. The much-needed clarity provided by this present study will enable both researchers and practitioners to review the blockchain technology landscape and better understand developments in this field. Moreover, contributions of the present study can be recognised by achievement of aims and objectives delineated at the outset of this work, but also by practical implications in the form of cyber threat map and guidance note that elucidates upon requirements for both software developers and vendors. Different perspectives are provided about the value of this technology, not only to improve trust, time and cost effectiveness, but also to augment the overall SCR in the times of internal or external disruptions.
However, all indicated contributions carry some constraints and limitations that must be considered further. The guidance framework provided for adopters and vendors represent an indicative list of guidance and is by no means exhaustive. This list of guidance must be expanded in scope and enriched with more insights from applications of blockchain technology in real-world contexts; such work would expand upon the academic research literature studied in this paper-some of which may be based on pure theory not practice. With a substantial number of case studies in the field, studying the impact of each specific applications of blockchain technology (such as smart contract, traceability systems or DLT) on each resilience metrics could provide greater insights for practitioners and create new directions for enthusiastic researchers. Furthermore, solutions indicated in the cyber threat map are exclusively based on current tools and technologies used to prevent, detect or remediate the aftermath of disruption: the map does not cover available frameworks or standards to manage the risk and threat of cyber-attack occurrences.
Despite the initial precautious hype about blockchain technology with its introduction in cryptocurrency (specifically within the financial sector), its various applications with promising features became the reason for its proliferation. On the contrary, banks, insurers and brokerages have started to actively test ways of harnessing its merits. Because regulators have not yet determined certain standards around utilization of blockchain-based systems, (which is one of the challenges of blockchain adoption) this initial interest by financial sector could serve as a starting point for policymakers to develop and apply formal regulations. Currently the International Organization for Standardization (ISO) is developing the ISO/TC307 standard that will contribute towards establishing market confidence and augment proper adoption of the technology [118]. However, there remains a caveat to blind widespread adoption of blockchain technology, as the most common reason of technology adoption projects' failure tends to occur because of the misfit between organisational requirements and technological proposition. Therefore, for successful blockchain technology adoption, adopters should rigorously ascertain their own needs first, then identify their functional and non-functional requirements from this technology. In conclusion, as with every technological adoption, the main point to consider is that any technology is merely an enabler and not the panacea to a problem that organizations hope to tackle. Therefore, other organisational aspects such as processes and particularly people must be considered, as staff resistance to changes implemented is another reason of most project failures. This aspect is particularly pivotal in blockchain adoption, as its merits can be leveraged only when multiple stakeholders implement collectively. Otherwise, interoperability of different blockchain applications could be another difficulty they face.

Institutional Review Board Statement:
The study was conducted according to an ethical protocol that was approved by the Computing, Engineering and the Built Environment Faculty Academic Ethics Committee) of Birmingham city University (Edwards/#7741/sub1/Mod/2020/Sep/CEBE FAEC-BNV6200 ACM Version D.J. Edwards-13 October 2020).

Informed Consent Statement:
Informed consent was obtained from all subjects involved in the study.
Data Availability Statement: Data is available from the corresponding author upon written request and subject to review.

Conflicts of Interest:
The authors declare no conflict of interest.