Proceedings ArticleDOI
System-of-systems security engineering
D.J. Bodeau
- pp 228-235
Reads0
Chats0
TLDR
A security engineering process is proposed for systems-of-systems that addresses such issues as how to identify and mitigate risks resulting from connectivity, how to integrate security into a target architecture, and how to address the constraints associated with legacy systems.Abstract:
There is an increasing trend to treat a collection of individual systems that support a common mission as a single entity and to perform systems engineering activities for that entity. A security engineering process is proposed for systems-of-systems. This process addresses such issues as how to identify and mitigate risks resulting from connectivity, how to integrate security into a target architecture, and how to address the constraints associated with legacy systems. >read more
Citations
More filters
Journal ArticleDOI
Integrating Software Lifecycle Process Standards with Security Engineering
TL;DR: This model provides practical guidelines for the development of secure information systems while informing stakeholders how SLPS is related to the SE activities, taking IEEE/EIA 12207 as an example of SLPS.
Journal ArticleDOI
System of systems integration and test
Roland T. Brooks,Andrew P. Sage +1 more
TL;DR: An approach to SoS integration and testing, including an evolutionary SoS overarching test process, driven by capabilities-based testing, for reducing integration risks when engineering a SoS is described.
Challenges in Security Engineering of Systems-of-Systems
TL;DR: This catalog of challenges offers a road-map of major directions for future research activities, and a set of requirements against which present and future solutions of security for SoS can be evaluated.
Book ChapterDOI
Identification of security requirements in systems of systems by functional security analysis
Andreas Fuchs,Roland Rieke +1 more
TL;DR: In this article, the authors address the security requirements elicitation step in the security engineering process for such systems of systems, which comprises the tracing down of functional dependencies over system component boundaries right onto the origin of information as a functional flow graph.
Book ChapterDOI
Using Indicators to Monitor Security Risk in Systems of Systems: How to Capture and Measure the Impact of Service Dependencies on the Security of Provided Services
TL;DR: This chapter puts forward a method for the capture and monitoring of impact of service dependencies on the security of provided services and illustrates the method in an example-driven fashion based on a case within power supply.
References
More filters
Proposed Network Security Policy for Integrated Tactical Warning and Attack Assessment System
TL;DR: This proposed ITW/AA network security policy takes into explicit account the intercomputer networking topology of the current ITW-AA network and ensures confidentiality and integrity of its information.
Proceedings ArticleDOI
Modeling constructs for describing a complex system-of-systems
D.J. Bodeau,F.N. Chase +1 more
TL;DR: The system/network modeling constructs being incorporated into Version 2.0 of the ANSSR (Analysis of Networked Systems Security Risks) prototype allow an analyst to describe a complex system-of-systems at varying levels of abstraction, to represent a variety of networking situations.
Use of the Trusted Computer System Evaluation Criteria (TCSEC) for Complex, Evolving, Multipolicy Systems.
TL;DR: In this article, the authors provide a methodology to assist the heads of DoD components to procure, certify and accredit existing, evolving, multipolicy systems against the TCSEC 4 requirements, consistent with the guidance provided in the TNI 2 and the TDI 3.
Proceedings ArticleDOI
Integration of security services into the NORAD/USSPACECOM technical infrastructure: a case study
D.J. Bodeau,V. Swarup +1 more
TL;DR: A case study of how security services and mechanisms were integrated into one specific reference model, the NORAD/USSPACECOM Technical Infrastructure (N/U TI), and issues arising from the integration of security into open systems standards are identified.