Security Supply Chain Using UAVs: Validation and Development of a UAV-Based Model for Qatar’s Mega Sporting Events

: Unmanned aircraft vehicles (UAVs) are now used to support security precautions in search and rescue operations to track and evaluate critical services, to provide cybersecurity measures by transporting security supply chain management (SCM) to sports events, and to aid efforts to safeguard the spectators from attacks. A drone may quickly ﬂy over sports grounds, scan the area for potential dangers


Introduction
Emerging information technologies (EITs) and significant ongoing problems have resulted in the digitalization process acting as a complement to the adoption of digital supply chain management (SCM) and more cutting-edge strategies [1]. In today's globalized era, a supply chain perspective has emerged as the primary unit serving as an organizational principle [2]. This SCM perspective faces multiple challenges, including cybersecurity, which companies have to properly and progressively manage to be able to broaden their SCM activities beyond their borders [3]. Cybersecurity in SCM has recently gained considerable relevance because unmanned aerial vehicles (UAVs) make it possible for supply chain stakeholders to gather, transport, store, and analyze a massive quantity of data at a low cost while also being able to share facts and information [4][5][6]. In addition, UAV implementation in SCM operations exhibits a significant improvement in process target UAVs or the data they collect [27]. Meanwhile, downstream problems arise because of the event that has already taken place. The protection of the spectators' and players' personal information and privacy is one of the most significant issues that arise due to this. Using UAVs to record video footage and collect data can result in privacy concerns, mainly if the data needs to be adequately secured or used for purposes that are not authorized [27]. Whether or not using UAVs at mega sporting events is cost-effective raises another issue further down the line. The cost of purchasing and operating UAVs, in addition to the cost of training and certifying operators, can be a significant investment for event organizers. The proposed SCM perspective to manage cybersecurity challenges at mega sporting events is shown in Figure 1. Problems further upstream are referred to as "upstream" problems, which arise before an event. The regulatory framework for UAVs is one of the most significant upstream challenges. There needs to be more harmonization among the regulations governing UAV use at mega sporting events. The regulations vary from country to country [25], which results in uncertainty for both the event organizers and the UAV operators, ultimately affecting the planning and execution of UAV operations. Issues that arise in the middle of an event are called "midstream problems." One of the most significant issues during the midstream concerns the security of UAV operations. According to Lopez et al. [26], the use of UAVs in crowded and confined spaces, such as stadiums, can pose a safety risk to the spectators and players, or could collide with other UAVs or objects. Another issue that needs to be addressed in the middle of the process is the potential for cyberattacks that target UAVs or the data they collect [27]. Meanwhile, downstream problems arise because of the event that has already taken place. The protection of the spectators' and players' personal information and privacy is one of the most significant issues that arise due to this. Using UAVs to record video footage and collect data can result in privacy concerns, mainly if the data needs to be adequately secured or used for purposes that are not authorized [27]. Whether or not using UAVs at mega sporting events is cost-effective raises another issue further down the line. The cost of purchasing and operating UAVs, in addition to the cost of training and certifying operators, can be a significant investment for event organizers. The proposed SCM perspective to manage cybersecurity challenges at mega sporting events is shown in Figure 1.
The use of UAVs at mega sporting events offers many benefits, including providing new perspectives, analyzing data in real time, and improving the overall experience for both players and spectators. In contrast, it imposes several challenges upstream, midstream, and downstream that must be resolved. A coordinated and harmonized regula- The use of UAVs at mega sporting events offers many benefits, including providing new perspectives, analyzing data in real time, and improving the overall experience for both players and spectators. In contrast, it imposes several challenges upstream, midstream, and downstream that must be resolved. A coordinated and harmonized regulatory framework, advanced safety measures, and robust privacy and data protection policies are required to guarantee the safe, secure, and efficient use of UAVs during mega sporting events. The use of UAVs in the SCM stages is growing, and with it comes advantages for sports and games. However, it increases the complexity of scalability and cybersecurity, as well as the SCM of security and preventive measures for sporting events. Each of these streams in the security of mega sporting events is simultaneously responsible for managing security measures (i.e., cameras, sensors, and flying capacities), safety assurance, and information using UAVs. This procedure calls for an integrated supply chain strategy to handle the difficulties that exist throughout the entire chain and to increase the efficiency of complicated supply chain networks [28]. The best way to capture the factors behind the difficulties and possibilities in cybersecurity ahead of the impact of future mega sporting events is to understand the motives that lead Qatar to organize such an event. Talavera et al. [12] conducted a study on Qatar's mega sporting events and found several challenges in providing measures to secure these events. As a result, the most important challenge for public policy is to enhance cybersecurity by eliminating the present drawbacks inherent to the cybersecurity issues that link Qatar to mega sporting events [29]. Therefore, Ganji [29] offered an "unmanned aerial system (UAS)" for automating cybersecurity measures in order to secure mega sporting event processes. This system can detect cybersecurity threats and cyberattacks more quickly than human operators can, and can locate objects in a warehouse based on the signal from their tags.
Due to the growing need for more modern security measures, using unmanned aerial vehicles (UAVs) for cybersecurity purposes at large athletic events, concerts, and playgrounds has received much attention recently. Several nations' event management procedures have incorporated UAV-based cybersecurity strategies, which have been adopted and implemented. According to Cooper et al. [10], unmanned aerial vehicles (UAVs) in the United States have been used to deliver real-time situational awareness and threat identification around the perimeter of large-scale events such as the Super Bowl. Similarly, law enforcement agencies in the United Kingdom have begun using unmanned aerial vehicles (UAVs) to monitor security at high-profile events such as the Glastonbury Festival and the London Marathon [27]. This has increased both public safety and improved coordination among security professionals. According to Abbas et al. [18], the New South Wales Police Force in Australia has successfully integrated unmanned aerial vehicles (UAVs) into its security measures for large events such as the celebrations held in Sydney on New Year's Eve and the Australian Open. Even if SCM practices are becoming increasingly commonplace, the cybersecurity of UAVs is still a challenge [30]. Investigators at Johns Hopkins University have discovered vulnerabilities in UAV technology, including those that might be exploited by hijackers, man-in-the-middle attackers, and injection hackers during sporting events [29]. Because of this, numerous challenges regarding the safety, security, and dependability of using UAVs for SCM have been voiced. As a result, there is a need to alleviate the concerns regarding the safety and security of UAVs via monitoring their every movement in the cybersecurity supply chain.
This study relied on UAV-based cybersecurity to bring drones back to sporting events if they began to deviate from their intended path. We identified the challenges in implementing a proper UAV framework and have proposed opportunities to handle security issues and cyberattacks in the SCM at mega sporting events. In particular, we developed a new UAV-based cybersecurity framework that assesses the performance of UAVs at mega sporting events. This UAV framework offers the possibility of the SCM of cybersecurity supplies. In addition, UAVs may fly on their own using the digital security and safety built into them or can be controlled remotely using a controller. This study developed a testable UAS-based security model to enhance the SCM-carrying UAVs that guarantee the supply of security and safety measures at mega sporting events. Specifically, we aimed to cover the following objectives when designing a model that measures SCM:

1.
To identify the challenges in the SCM process; 2.
To propose a research framework for the implementation of UAS-based cybersecurity for SCM at Qatar's mega sporting events; 3.
To assess the upstream, midstream, and downstream stages in the implementation of the UAS-based cybersecurity model for SCM at Qatar's mega sporting events; 4.
To develop a testable UAV-based security framework for the SCM of security and safety measures.

Diffusion of Innovation (DOI) Theory
This study explored the significance of the diffusion of innovation (DOI) theory for a UAV-based cybersecurity framework to develop a conceptual model for cybersecurity SCM. This allowed us to put more effort into the dark side of UAV-based cybersecurity. A technology, design, method, practice, vision, or attitude that is new to the team that adopts it can be classified as an innovation [31]. DOI is the method by which a technology spreads over various contexts [29]. UAS-based cybersecurity operations are still relatively unexplored in the SCM practices at mega sporting events because implementing UAS-based Drones 2023, 7, 555 5 of 20 cybersecurity necessitates using new technology, processes, and resources in addition to incurring financial costs [23,26]. Due to the implementation of cybersecurity, the DOI theory emphasizes technology issues in addition to a system's internal and external qualities [32].

Cyber Threats and Attacks at Mega Sporting Events
A mega sporting event is typically defined as attracting a large number of spectators, generating significant economic impact, and receiving widespread media coverage. However, events that attract tens of thousands or more spectators and involve multiple venues or locations requiring substantial infrastructure and logistical support, which generate billions of dollars in economic impact, can be considered mega sporting events. Examples of such events include the Olympic Games, FIFA World Cup, and the Super Bowl. Therefore, it is likely that cybercriminals will engage in actions of a similar nature throughout the following few years, given the widespread appeal of the FIFA World Cup, Olympic Games, FIFA World Cup, and Super Bowl, as well as the strong demand for tickets and flights [33]. Understanding these rising events in depth is the only effective strategy to reduce the risk of being targeted by cyberattacks during such occasions. In advance of the arrangements for the World Cup, the Qatar government has already produced a cybersecurity framework, but previous cybersecurity practices did not overcome cyberattacks during other mega sporting events [34,35]. Therefore, this study developed a UAV-based cybersecurity framework that specifies the UAS-based cybersecurity needs to secure national key infrastructure hosting the FIFA World Cup and focuses on the Qatar Nation Vision 2030 [36]. Undoubtedly, security experts will have a better grasp of the potential dangers and will be more likely to protect themselves against them if they receive a steady flow of realistic threat intelligence before and throughout the event. Better security of UAV technology and increased resistance to targeted cyberattacks can be achieved by identifying the potential points of vulnerability and then taking the appropriate steps to resolve them. Users not paying attention to their surroundings have a reduced risk of having their personal information stolen by hackers using this method. It is also possible to decrease the possibility of assaults on a more extensive scale by keeping an eye on and exercising control over the flow of knowledge over these networks.

Challenges in UAS-Based Security at Mega Sporting Events
UAVs are the ideal complement to ground security due to their speed, size, degree of mobility, and added technological capabilities. They make it possible for security staff to monitor mega sporting events more rapidly and effectively. As a result, UAVs have a competitive edge over sensory cameras because intruders cannot swiftly move out of view. Unfortunately, UAVs can lead the mission to be aborted; many drones automatically return to their main base if communication is lost, or they might be triggered to collapse [6]. In parallel to this, attackers can also compromise the central command system of a drone in order to seize control of the UAV. UAVs are susceptible to both of these vulnerabilities in cybersecurity practices. Nevertheless, we can generally aggregate them into three main consequences that UAVs have on the human psyche: a lack of privacy, feelings of uneasiness and anxiety, and alterations in the mechanics of social interactions [37]. Regarding high-tech items in general, security is almost always an issue, and UAVs are no exception at mega sporting events. Communication between UAVs and their remote operators is frequently encrypted. In contrast, the encoded codes frequently remain the same (that is, static), which makes it an excellent and straightforward target for hijacking [6]. Therefore, there are many challenges in the implementation of UAV-based cybersecurity in SCM measures.
Meanwhile, the efficiency of a supply chain has an immediate and direct impact on organizational performance [38]. Nevertheless, the shift from a linear to a supply chain is difficult for enterprises to undertake [39]. When the challenges surrounding the supply chain are studied from a macro-viewpoint, the primary problem is the need to alter the entire SCM following the fundamental components of supply security. According to Ellen [40], there seem to be three of these components, referred to as serviced business Drones 2023, 7, 555 6 of 20 models, enablers, and reverse logistics. Bressanelli et al. [41] noted that it is unlikely that a corporation will restructure their complete SCM all at once; instead, there is a greater possibility of focusing on security issues. This viewpoint is supported by the evidence presented in the previous paragraph. The researchers attempted to identify significant challenges in the supply chain, establishing an interpretative structural model by evaluating their interactions in successfully adopting supply chain practices. Mangla et al. [42] researched the challenges in supply chain management, particularly in emerging economies.
Levering and Vos [43] concentrated on adopting and implementing procedures to attain a supply chain process. They identified the challenges and drivers of supply chain management for four distinct industries by considering the sustainable practices that were already in place. In addition, Saroha et al. [44] carried out a comprehensive literature review on recognizing SCMs' challenges. These challenges were separated into the following categories: regulatory challenges, technical challenges, skills and knowledge challenges, management challenges, social challenges, and marketing challenges. They wanted to provide an initial framework in the hope of a better understanding of SCM challenges. In particular, Pan et al. [45] mainly focused on supply chains and glanced at methods to achieve recycling by concentrating on issues such as waste management and energy needs. They categorized challenges into technological, institutional, financial, and regulatory. (Table 1) offers an overview of the SCM challenges reported in various research works. These challenges come from a variety of sources.

Unmanned Aerial Vehicle-Based Security and SCM
After conducting research into the various sensing technologies and countermeasures that are now available to defend against the use of drones, previous research on cybersecurity has been expanded upon by incorporating UAVs and drones into the cybersecurity supply chain. Previous studies have determined and assessed several potential attack scenarios involving the use of UAVs. This study's primary objective was to demonstrate the potential dangers to public safety and security posed by the improper use of unmanned aerial systems (UASs) and to suggest appropriate countermeasures and counter-UAS technologies that are both efficient and applicable in UASs to endorse aviation's resilience against cyber threats. Wang, Liu, and Song [6] also framed a model and found that UAVs are used in the supply chain deliveries of healthcare materials and products, but unfortunately, the currently available UASs are unable to provide appropriate computing and power supplies. Vision-based detection can be installed in ground-based stations, UASs, and manned aircraft [6]. UASs, on the contrary, provide substantial difficulties to society in terms of issues relating to safety, privacy, and security [37]. The occurrence of events involving drones in close proximity to cybersecurity facilities is becoming increasingly common in modern times. These occurrences are predicted to increase in frequency, difficulty, and intensity as drones grow in size and capability. Infrastructures need to have appropriate countermeasure technologies, strategies for risk management, and resiliency plans in place in order to be safeguarded from cyberattacks and ensure effective SCM [37].
Security and privacy should always be a primary priority when working with any digital technology [51]. Security is a significantly more pressing issue than usual, given the nature of UAVs and the fact that remote wireless communication can take place. The integrity and privacy of the infrastructure, networking, and information in UAVs are the primary targets of most cyberattacks that can be launched against UAV networks. There is a risk of data being intercepted between UAVs and supply chains due to operations such as keylogging and eavesdropping [52], compromising the confidentiality of the information being transmitted. These kinds of assaults happen because there are not enough stringent transmission and encryption regulations, resulting in illegal access to personal information. The data entered on a computer can be monitored through keyloggers, historically utilized for a variety of purposes, including the monitoring of children's online activities, the monitoring of sensitive information provided by employees, and the monitoring of criminals. These days, keyloggers are explicitly utilized for stealing data, either in the instance of automated teller machines, where keyboard sniffers can retrieve a user's PIN, or in unmanned aerial vehicles, the privacy of communication transferred between numerous UAVs can be breached. Keyloggers can access information directly over the Internet and are undetectable by antivirus software since they store their data in encrypted form. Eavesdropping, also known as illegal monitoring of transmission, is a procedure that can control the communication between many UAVs, as the title suggests.
Because of essential properties such as decentralization, integrity and traceability, data dependability, transparency, security and privacy, and trust may scale up the confidentiality and security of UAV-based SCM; also known as UAV-to-everything [30]. There have been a significant number of problems with data security and privacy problems, and academics from all over the world have proposed many methods to secure data from cyberattacks [30]. The solutions that have been offered protect users' privacy and data while also lowering the cost of data storage and improving the efficiency of the network. While BC ensures the safety and confidentiality of UAVs, it raises the bar for the performance of network characteristics. The protection of users' information and privacy is the primary concern in UAV-based SCM [51]. In order to address concerns regarding cost and latency, Koubaa et al.  [51] studies. The one disadvantage each of them share is that there is no trust developed among the many stakeholders because the security factor is not addressed at any point [53]. When put into practice, the management of SCM can assist in the identification of compromised UAVs on the premise of trust policies. According to research, such UAV systems are ideally suited for incorporating artificial intelligence (AI) technology to foster trust among UAVs and provide secure communication. AI technology has the capacity to carry out applications in situations where there needs to be a guarantee of confidence between the various stakeholders. In order to preserve players' trust in one another and their integrity throughout the SCM process, AI technology utilizes smart contracts (SCs) [23,37].
This study focused on knowledge, acceptability, and preparedness to occupy UAV technologies to assist decision-makers in security SCM, cybersecurity operations, and planning. The goal of this study was to begin closing the knowledge gap by identifying a UAV-based cybersecurity framework for mega sporting events. It is necessary to analyze the degree to which local populations accept and are prepared for the utilization of drones to ensure that this will not be a barrier to their efficient use in supply delivery [26,43]. In spite of this, pilot studies carried out in a variety of nations have demonstrated that local populations, when informed about the technology's application area prior to its deployment, tend to welcome the innovation with open arms [54]. For preparedness, it is important to consider not only the price and immediate performance enhancements in SCM, such as speed and adaptability, but also the preparedness of the cybersecurity SCM for mega sporting events. Therefore, this study organized a set of factors and items from the literature review to ensure a UAV-based supply chain that enhances the SCM in Qatar's mega sporting events.

Research Method
The subject of the study and the research questions determined the different research technique. The research methodology is how researchers gather, evaluate, and explain the study's data [55]. Any discipline should include a review of the systematic literature evaluation [56]. When the process is carried out correctly, with the lowest number of mistakes, the study can produce trustworthy findings and conclusions that can assist decision-makers and academic experts in taking the appropriate actions [57]. This study was conducted in two phases. In the first phase, a literature review was conducted, followed by a comprehensive assessment of the literature review information. This study aimed to thoroughly accomplish a secondary study by analyzing the SLR. The literature review did not show any appropriate UAV-based cybersecurity frameworks for mega sporting events. Therefore, an inductive approach was used to develop a UAV-based cybersecurity framework for cybersecurity-based UAVs to ensure the security of mega sporting events from a SCM perspective. The research issues were mentioned in the SLR, which were then compared to previously published studies to determine if their findings could help us to develop a UAV-based cybersecurity framework that provides a solution for mega sporting events. This study used the Scopus-indexed and Clarivative analytics databases. The synthesis process involved extracting and classifying pertinent data from chosen publications and regarding conclusions. The coder retrieved information from the chosen published articles using inclusive and exclusive criteria [58]. The variable of interest was arranged according to the overall qualities of the articles and the criteria used to assess, measure, and address the SLR's goals. Finally, clustered items from different sources were gathered and summarized into five main factors of cybersecurity-based UAVs in SCM. In the second phase, data from Qatar's IT and cybersecurity experts were gathered to validate the proposed model for the UAV supply chain. This phase followed the empirical testation of the UAV-based cybersecurity framework for mega sporting events.

Conceptualization of the Measurement Scales
An SLR was conducted in the first phase in order to organize the measurement items (Table A1). The items were selected from multiple sources and contexts, and were operationalized according to cybersecurity-based UAVs for mega sporting events from an SCM perspective. Four items were selected for the traceability of UAVs, three items for Drones 2023, 7, 555 9 of 20 security and privacy, four items for trust, five items for acceptability, and four items for the preparedness of UAVs in the security supply chain for mega sporting events. Finally, the model contained five factors: Traceability (four items), security and privacy (three items), trust (four items), acceptability (five items), and preparedness (four items) for security SCM using UAVs.

Data Collection Procedure
A survey questionnaire was developed using the measurement items identified from the SLR. The information was gathered from various IT and security companies located in Qatar. To gather the primary data, a questionnaire method was used to collect data from the IT experts who are managing security and safety practices at mega sporting events. A fivepoint Likert scale served as the basis for the development of the tool, as follows: 1 = Strongly Disagree, 2 = Disagree, 3 = Neutral, 4 = Agree, and 5 = Strongly Agree. The methodology of a research study refers to the systematic approach taken by researchers to collect and analyze data to answer the research questions or test hypotheses. In this case, the study aimed to develop and propose a new UAV-based supply chain model for companies in Qatar. The researchers used convenience sampling to select the companies included in the study. Convenience sampling is a non-probability sampling method in which the sample is selected based on ease of access or availability. The researchers accessed Qatar's online database and selected the companies that were easily accessible to them. The researchers collected data from the IT and cybersecurity experts of the selected companies. The data collection method used was a combination of surveys and interviews. The researchers developed a questionnaire administered to the experts to collect quantitative data. The questionnaire was designed to collect information on the companies' current supply chain management practices, their use of UAVs in supply chain management, and the challenges they face.
In addition to the questionnaire, the researchers conducted face-to-face interviews with IT and cybersecurity experts to collect qualitative data. The interviews were semistructured, meaning that the researchers had predetermined questions but were open to exploring other topics that arose during the interview. The interviews were audio-recorded and transcribed for analysis.
To ensure the security and privacy of the information provided by the companies, the researchers obtained a permission letter from the concerned university department. The permission letter explained the purpose of the study and the measures taken to ensure the confidentiality of the information provided. The researchers also ensured the secrecy and privacy of the information by storing the data securely and analyzing it anonymously. After data collection, the researchers analyzed the data using qualitative and quantitative methods. The quantitative data collected from the questionnaires were analyzed using descriptive and inferential statistics. Data were collected in multiple rounds. The online survey questionnaire was distributed to 712 IT experts over the Internet, resulting in a total of 476 complete responses-with a 66.85% response rate. Therefore, 476 sample data were sufficient for exploratory factor analysis (EFA) and confirmatory factor analysis (CFA) because researchers recommend a minimum sample size of 300 for EFA and 200 for CFA [59,60]. (Table 2) outlines the demographic information of the participants.

Data Analysis
The study employed two key data analysis techniques: exploratory factor analysis (EFA) and confirmatory factor analysis (CFA). Both techniques were used to analyze the data and test the validity and reliability of the factors in the conceptual model [55,56,61]. In this study, EFA was conducted using IBM SPSS software to analyze demographic information and identify key factors [62,63]. The process involved several steps, including data cleaning, ensuring the suitability of data for factor analysis, selecting the extraction method, determining the number of factors to retain, and interpreting the factor loadings [62,63], including: (1) Data reduction: It simplifies data by grouping correlated variables into smaller factors, making it easier to understand and interpret the data; (2) Identifying underlying constructs: EFA helps to reveal the latent factors or constructs that underpin the relationships among variables; (3) Construct validity: EFA provides evidence of construct validity by showing that the variables in a factor are related and measure the same underlying construct.
In addition, CFA was conducted using IBM AMOS software to test the validity and reliability of the factors identified in the EFA [64,65]. This involved specifying the factor model, estimating the model parameters, assessing the goodness-of-fit, and interpreting the results, including: (1) Model testing: CFA tests whether the observed data fit the hypothesized factor structure, which is specified by the researcher beforehand; (2) Construct validity: CFA examines the relationships among the variables and the factors, assessing convergent validity, discriminant validity, and nomological validity; (3) Reliability: CFA evaluates the reliability or internal consistency of the factors by examining the factor loadings, composite reliability, and average variance extracted.

Common Method Bias (CMB)
A test for non-response bias was carried out. Following the completion of the various steps of follow-ups, replies were obtained. When the early and late levels were examined using homogeneity of analysis of variance, the findings showed that no scores remained statistically significant. This indicates that there were no big differences between the levels of the variables [62]. The CMB was assessed with the well-known and widely utilized Harman's single-factor testing with five factors. Five factors appeared from the IBM SPSS results, and the overall factors contributed to 32.018% of the total variance, which is lower than the threshold value of 50% and indicates that the dataset was clear from common method bias [63]. Additionally, all Eigenvalues were higher than 1.00; therefore, there were no biases.

Exploratory Factor Analysis (EFA)
EFA is a well-known method that has been utilized in past studies on SCM [64]. The primary goal of EFA is to reveal the underlying pattern of many variables [65]. The Kaiser-Meyer-Olkin (KMO) and Bartlett tests consider all of the data at their disposal. A KMO value greater than 0.5 and a significant threshold for Bartlett's test less than 0.05 indicate that the data exhibit a significant correlation [64]. In Bartlett's test of sphericity, a correlation matrix that has been observed is compared to the identity matrix [66]. The KMO value was 0.860 (p < 0.05), which, as shown in (Table 3), is higher than the minimum value of 0.60 suggested by Kaiser [67]. The researchers did not make any preconceived notions regarding the links between the factors [68]; therefore, the validity and reliability of the factors should be ensured. A statistical technique known as factor analysis was employed to describe the variability of a set of observed and correlated factors in terms of a reduced number of unseen variables known as factors. A dimension reduction method was applied by following principal component analysis (PCA) in varimax rotation. The measured variables were modeled as ordered pairs of the possible factors and "error" terms; the principal component analysis could be regarded as a specific example of an errors-in-variables model [69,70]. Numerous studies have reported different values for factor-loading, but this study followed the advanced criteria that the factor loading of each item/observed indicator should be higher than 0.70 [71,72].
A series of dimension-reduction processes were applied to meet the maximum acceptable criteria for factor loading (Table 4). First, a maximum value of 0.6 was ensured, meaning that all lower values were removed automatically. Later, the researchers found that no value was lower than 0.60, so the advanced acceptable criteria of factor loading (value > 0.70) were applied, and it was found that one item of preparedness (PREP = 0.673) and one item of acceptability (ACCEPT = 0.667) had lower factor loadings than 0.70. Therefore, these two items were removed from the model. Finally, 18 items from a total of 20 items were declared valid and reliable for the confirmatory factor analysis (CFA): four items for trust, three items for security and privacy, three items for preparedness, four items for acceptability, and four items for traceability. Additionally, reliability analysis was conducted using Cronbach's alpha approach (Table 4). As a general rule of thumb, a Cronbach's alpha value of 0.70 or higher is considered good, 0.80 or higher is considered better [73,74], and 90 or higher is considered the best [70,71]. As such, this study used the threshold value of Cronbach's alpha > 0.70 [72]. Finally, traceability was found to have good reliability at 0.841, security and privacy at 0.825, trust at 0.890, acceptability at 0.753, and preparedness at 0.807.

Confirmatory Factor Analysis (CFA)
After EFA, IBM AMOS software was used to conduct CFA (Figure 2). The purpose of CFA is to determine whether or not the observed factors contribute to latent or unobserved indicators. In the vast majority of studies pertaining to the social sciences, CFA is utilized to both validate and determine the reliability of newly developed measurement scales [75]. Checking the validity of items ensures that they measure what they were designed to measure, while checking the reliability of items ensures that they do not contain any errors in the variables that they are measuring [76,77].
Studies have reported that convergent validity includes factor loadings > 0.60 and average variance extracted (AVE) > 0.5, while discriminant validity includes the Fornell-Larcker criteria [78][79][80]. Herein, CFA was employed, and it was found that the factor loading of each item was higher than 0.6, as per the suggested criteria [78][79][80]. Meanwhile, the AVE value for each factor was higher than 0.5, with traceability being 0.577, security and privacy being 0.614, trust being 0.676, acceptability being 0.538, and preparedness being 0.589. Finally, the convergent validity of the newly developed scale was demonstrated for the UAV-based SCM of security measures for mega sporting events.
The basic independent groups' model of CFA is typically utilized in estimating composite reliability. When conducting exploratory research, composite reliability values between 0.60 and 0.70 are considered acceptable; however, when conducting research at a more advanced stage, these values must be more than 0.70 [76]. Therefore, a score greater than 0.90 is not preferable, and a value of 0.95 or higher is undoubtedly not preferable [77]. Finally, this study ensured good composite reliability (CR) for each factor (Table 5).
indicators. In the vast majority of studies pertaining to the social sciences, CFA is ut to both validate and determine the reliability of newly developed measurement [75]. Checking the validity of items ensures that they measure what they were des to measure, while checking the reliability of items ensures that they do not contai errors in the variables that they are measuring [76,77]. Studies have reported that convergent validity includes factor loadings > 0.6 average variance extracted (AVE) > 0.5, while discriminant validity includes the Fo Larcker criteria [78][79][80]. Herein, CFA was employed, and it was found that the factor ing of each item was higher than 0.6, as per the suggested criteria [78][79][80]. Meanwhi AVE value for each factor was higher than 0.5, with traceability being 0.577, securit privacy being 0.614, trust being 0.676, acceptability being 0.538, and preparedness 0.589. Finally, the convergent validity of the newly developed scale was demonstrat the UAV-based SCM of security measures for mega sporting events.
The basic independent groups' model of CFA is typically utilized in estimating posite reliability. When conducting exploratory research, composite reliability valu tween 0.60 and 0.70 are considered acceptable; however, when conducting researc more advanced stage, these values must be more than 0.70 [76]. Therefore, a score g  Discriminant validity was also tested using the Fornell-Larcker criteria [81]. In a nutshell, Fornell and Larcker [82] argued that the AVE ought to be higher than the variation between the construct in question and the other constructs included in the model (i.e., the squared correlation between two constructs). In this study, it was found that each factor of the UAV-based SCM had a higher value itself than the other factors in the same column, meaning that the discriminant criteria were also met ( Table 6).

Model Fit Indices
Different values for the UAV-based supply chain model's fitness were determined. Some examples of fit indices are the comparable chi-square statistics (CMIN), the comparative fit index (CFI), the Tukey-Lewis index (TLI), and the root mean square error of approximation (RMSEA). The CFI is a confirmatory fit index, meaning values of CFI ≥ 0.95 and TLI ≥ 0.95 are the most frequently applied standards to determine whether or not a given model is a good fit [83,84]. Meanwhile, a CMIN value less than 0.03 indicates an excellent fit. According to one line of thinking, RMSEA values that fall between 0.05 and 0.08 are regarded as satisfactory, those that fall between 0.08 and 0.1 are considered marginal, and those greater than 0.1 are considered unacceptable [85]. (Table 7) meets the model fit indices, so there was good model fitness. Notes: χ 2 /df = chi-square ratio; GFI = goodness-of-fit index; CFI = comparative fit index; RMR = root mean; RMSEA = root-mean-square error approximation; NFI = normed fit; FL = factor loading.

Discussion
UAVs are now used to capture FIFA World Cup games in countries such as Qatar. The purpose of this study was to develop a UAV-based cybersecurity framework in order to ensure the SCM of security and safety measures in FIFA mega sporting events. The study was conducted in two stages, with the first stage focused on SLR and the second on developing and testing a UAV-based cybersecurity framework in FIFA mega sporting events. Using a survey questionnaire, the 66.85% response rate to the drone security survey indicates significant interest and relevance among IT professionals. The high rate may be due to the growing importance of drones in various industries and the need for robust security measures. The 33.15% non-response could be due to reasons like time constraints or lack of interest, or these individuals may not view drone security as a priority. The survey provides valuable insights into IT experts' opinions and experiences related to drone security. Understanding these perspectives is crucial for developing effective policies and practices as drone usage increases. Using this UAV-based framework, the potential benefits posed by UAVs will continue to diversify and intensify throughout the upcoming years. In this way, UAVs will frequently avoid detection due to their physical and operational qualities, which presents the community responsible for vital infrastructure with several issues [4,5]. Several studies have been conducted on using technology-based UAVs [7,8,20,21], UAV-based security supplies [4, 10,11,[15][16][17], and SCM 4.0 [1,3,5,12,18,21,24]. However, this study developed a valid and reliable UAV-based cybersecurity framework for FIFA mega sporting events. Furthermore, this study investigated the use of UAVs at mega sporting events from a supply chain perspective to explore the cybersecurity challenges at these events. A framework was proposed and developed across two stages. In the first stage, an SLR was conducted to identify the challenges and issues faced by UAVs based on the mega sports event supply chain. In the second phase, an empirical study was conducted using a survey questionnaire based on 20 of the previously identified challenges and issues from the SLR. These 20 items were categorized into five factors: Traceability, security and privacy, trust, acceptability, and preparedness. This study was conducted through statistical analysis that included EFA using IBM SPSS and CFA using IBM AMOS to ensure the validity and reliability of the newly developed framework. All five factors had good validity and reliability.
A good correlation was found among the factors of the UAV-based cybersecurity framework for mega sporting events. Traceability was found to be significantly and positively related to security and privacy (r = 0.389), trust (r = 0.380), acceptability (r = 0.468), and preparedness (r = 0.404). Security and privacy were significantly and positively related to trust (r = 0.395), acceptability (r = 0.352), and preparedness (r = 0.403). Trust was also positively and significantly related to acceptability (r = 0.373) and preparedness (r = 0.480). Finally, acceptability was positively and significantly related to preparedness (r = 0.345). This means that all five factors were significantly and positively correlated with one another, which will determine the security measures employed at mega sporting events. Such dependency also points to the complexity of managing such security systems and the importance of understanding the design and operation of FIFA mega sporting events.

Managerial Implications
The proposed framework offers some practical and managerial implications across the three stages for implementing UAVs (i.e., upstream, midstream, and downstream) of mega sporting events. They can be summarized as the flow of three stages at mega sporting events.
Upstream-According to the upstream stage, traceability plays the role of identifying weak areas that hackers/terrorists can use for attacks. Because of traceability, quality is necessary at each step of the process, and UAV navigation must have traceability in each activity that pertains to sports areas. UAVs could use such technology to trace cybersecurity threats. UAVs have undergone considerable technological advancements to their control units, sensors, and security options and have experience with significant traceable objects. Thus, UAVs have the potential to assist professional IT and security experts, such as those that must be completed consistently, to determine security needs and to maintain the traceability of a particular area. Using traceability sensors, it is possible to track drones that communicate using radio frequency, while, when using radar detection, it is possible to track drones that have been pre-programmed using GPS to travel to a specific location. The acceptability of UAV technology at mega sporting events for use in security operations is the second factor in the upstream stage, allowing users to implement it as part of the security measures. It has been estimated that delivery UAVs and users have an average acceptance rate of 62% across various industries. Acceptability is at the heart of research using a UAV-based supply chain. It is proposed that a user's perception of the danger posed by the operation of UAVs plays a role in whether or not they will accept the new technology. The results demonstrate that social and economic considerations are components of perceived risk, determining how users feel about using UAV technology as part of the security of mega sporting events. This proposal is pertinent to the present line of research examining social and economic issues regarding the use of UAVs. It implies a relationship between concerns and the adoption of UAVs, which has never been proposed.
Midstream-An analysis of the trust in using UAVs that are subsequently coupled with AI technology was performed with the assistance of a behavior-based and local scheme. Trust in a UAV-based supply chain model determines behavioral and local trust in adopting UAVs in the SCM at mega sporting events. UAVs with higher trust are considered legitimate devices and are granted permission to communicate and carry out surveillance within the network. In addition, the trust factor updates the technology and surveillance network, enabling regular analysis and monitoring of areas [86]. The goal is to establish confidence among all UAVs in the area while simultaneously monitoring the network and power levels of any adjacent UAVs to provide a more in-depth understanding of how security measures based on UAVs assist users and security managers in combating security threats and vulnerabilities caused by hackers, terrorists, and others by improving the core productivity of security practices in the UAV-based supply chain. Similarly, managers can improve their ability to predict supply through UAVs by embedding sensors into their containers, cars, and products. On the other side, the utilization of UAVs will potentially increase the traceability, security, and accuracy of transactions and collaboration between stakeholders in the supply chain.
Downstream-Preparedness is the last factor of the downstream stage, where it is necessary to implement UAVs in the supply chains of security and privacy measures. In this stage, managers and users prepare themselves to tackle the problems faced by sports organizers. This also helps managers to increase measures so that security and privacy measures are provided on time. Furthermore, managers and users ensure the safety and security of the public because they show their preparedness, skills, and capabilities with necessary security measures.

Limitations and Future Directions
This study has some limitations regarding the generalizability of adopting UAV-based cybersecurity systems at mega sporting events. First, the framework was developed and proposed with high emphasis on Qatar's recent FIFA events and other concerts and religious events, so whether and how it can be used in other contexts of supply and to maintain security practices are very important. Second, the proposed framework included five factors that are not exclusive, and other cybersecurity issues and challenges can be added in future work. This can include testing the behaviors of the public (i.e., satisfaction, awareness, and safety compliance) and the performance of security measures (i.e., sustainability performance, loyalty behaviors, and IT performance). Furthermore, future studies may use different dependent/outcome variables to check the effect of the included factors in the proposed framework. Future studies should be conducted on integrating AI and machine learning algorithms in UAVs, improving threat detection, analysis, and response capabilities, and enabling faster and more accurate real-time decision-making [87]. UAVs also become more prevalent; there is a growing need for counter-UAV systems to detect, track, and neutralize potential rogue drones that pose security threats during mega events [88].

Conclusions
The study concludes the findings that examined the UAV-based supply chain management of security measures for mega sporting events. The research utilized various statistical methods to analyze the data, ensuring the validity and reliability of the findings. The results demonstrated that no significant biases were present in the dataset, and the exploratory factor analysis supported the structure of the proposed model. The confirmatory factor analysis confirmed the convergent and discriminant validity of the measurement scale and the composite reliability of each factor. Furthermore, the model fit indices revealed that the proposed model demonstrated a satisfactory fit to the data. These findings contribute to understanding UAV-based supply chain management in the context of security for mega sporting events and provide valuable insights for future research and practical applications.

Conflicts of Interest:
The authors declare no conflict of interest.