Translate

сряда, 11 май 2016 г.



Systems Security Engineering 

Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems

NIST Special Publication 800-160 Second Public Draft


“This whole economic boom in cybersecurity seems largely to be a consequence of poor engineering.” ‐‐ Carl Landwehr, Communications of the ACM, February 2015

Systems Security Engineering — A Specialty Discipline

Security, like safety and other system quality properties, is an emergent property of a system. System security is the application of engineering and management principles, concepts, criteria, and techniques to optimize security within the constraints of operational effectiveness, time, and cost throughout all stages of the system life cycle. When performing appropriate analysis, the evaluation is performed holistically by tying into systems security engineering concepts and best practices and ensuring that system security has an integrated, system‐level perspective. Systems security engineering focuses on the protection of stakeholder and system assets so as to exercise control over asset loss and the associated consequences. Such protection is achieved by carrying out the specific activities and tasks in the system engineering processes with the objective of eliminating or reducing vulnerabilities and minimizing or constraining the impact of exploiting or triggering those vulnerabilities. This approach helps to reduce the susceptibility of systems to a variety of simple, complex, and hybrid threats including physical and cyber‐attacks; structural failures; natural disasters; and errors of omission and commission. This reduction is accomplished by fundamentally understanding stakeholder protection needs and subsequently employing sound security design principles and concepts throughout the systems engineering processes. These processes, if properly carried out (to include the identified systems security engineering activities and tasks), result in systems that are adequately secure relative to the asset loss consequences and associated risk based on measurable assurance and trustworthiness in the systems security performance and effectiveness. To accomplish the security objectives described above, systems security engineering, as a specialty discipline of systems engineering, provides several distinct perspectives and focus areas which set it apart from other engineering disciplines. These include the engineering of security functions; addressing the security aspects associated with the engineering of non‐security functions; and protecting the intellectual property and otherwise sensitive data, information, technologies, and methods utilized as part of the systems engineering effort.

Systems security engineering, as part of a multidisciplinary systems engineering effort: 

· Defines stakeholder security objectives, protection needs and concerns, security requirements, and associated validation methods; 
· Defines system security requirements and associated verification methods; 
· Develops security views and viewpoints of the system architecture and design; 
· Identifies and assesses vulnerabilities and susceptibility to life cycle disruptions, hazards, and threats; 
· Designs proactive and reactive protective measures encompassed within a balanced strategy to control asset loss and associated loss consequences; 
· Provides security considerations to inform systems engineering efforts with the objective to reduce errors, flaws, and weakness that may constitute security vulnerability leading to unacceptable asset loss and consequences; 
· Identifies, quantifies, and evaluates the costs and benefits of protective measures and considerations to inform analysis of alternatives, engineering trade-offs, and risk treatment12 decisions; 
· Performs system security analyses in support of decision making, risk management, and engineering trades; 
· Develops the assurance case to demonstrate that security claims for the system have been satisfied; 
· Provides evidence to support the assurance case and to substantiate the trustworthiness of the system; and 
· Leverages multiple security and other specialties to address all feasible solutions so as to deliver an adequately secure and trustworthy system.

Systems Security Engineering Framework – Why It Matters ?


Establishing problem, solution, and trustworthiness contexts as key components of a systems security engineering framework ensures that the security of a system is based on achieving a sufficiently complete understanding of the problem as defined by a set of stakeholder security objectives, security concerns, protection needs, and security requirements. This understanding is essential in order to develop effective security solutions—that is, a system that is sufficiently trustworthy and adequately secure to protect stakeholder’s assets in terms of loss and the associated consequences.

Няма коментари:

Публикуване на коментар