1 / 25

Systems Security Engineering An Updated Paradigm

Systems Security Engineering An Updated Paradigm. INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski. Today’s Experiment. The purpose of the model is not to fit the data, but to sharpen the questions. . Outline. What is Systems Security Engineering (SSE) The Dilemma

vine
Download Presentation

Systems Security Engineering An Updated Paradigm

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Systems Security EngineeringAn Updated Paradigm INCOSE Enchantment Chapter November 8, 2006 John W. Wirsbinski

  2. Today’s Experiment The purpose of the model is not to fit the data, but to sharpen the questions.

  3. Outline • What is Systems Security Engineering (SSE) • The Dilemma • Relationship with Systems Engineering • Future Planning

  4. Emergent Technologies Resources Assets Threats Guns, Guards, & Technologies Gates The Defenders’ Dilemma… ? Emergent Design Basis Threats Including Technologies …a complex, dynamic resource allocation problem

  5. What is Security • Security is defined as freedom from danger or risk • Focus is on Malevolent dangers • Benefits for natural and accidental dangers is considered, but not primary focus

  6. What is SSE An element of system engineering that applies scientific and engineering principles to identify security vulnerabilities and minimize or contain risks associated with these vulnerabilities. It uses mathematical, physical, and related scientific disciplines, and the principles and methods of engineering design and analysis to specify, predict, and evaluate the vulnerability of the system to security threats.1 1 Handbook for Systems Security Engineering Program Management Requirements, D.o. Defense, Editor. 1995, Headquarters Air Force Systems Command, Office of the Chief of Security Police.

  7. Systems Security Engineering Management An element of program management that ensures system security tasks are completed. These tasks include developing security requirements and objectives; planning, organizing, identifying, and controlling the efforts that help achieve maximum security and survivability of the system during its life cycle; and interfacing with other program elements to make sure security functions are effectively integrated into the total system engineering effort.2 2 Handbook for Systems Security Engineering Program Management Requirements, D.o. Defense, Editor. 1995, Headquarters Air Force Systems Command, Office of the Chief of Security Police.

  8. Purpose of SSE? • Provide systems engineered solution for asset protection investments • Protect Assets • Prevent Undesirable Events • Prevent Undesirable Consequences • Mitigate Undesirable Consequences • Disaster Recovery • Facilitate Operations • Meet Regulatory Requirements

  9. SSE Applications • Apply SE to Security problem • Apply SE to integrate protection measures into non-security projects

  10. SSE Responsibilities • Threat Assessment • Consequence Assessment • Vulnerability Assessment • Systems Analysis and Design • Bridge Between SE and Security Disciplines

  11. Threat assessment • Two Types of Threat Assessment • Threat Characterization • Threat Quantification

  12. Two Types of Threat Assessment • Evaluation of a spanning set of threats relevant to an organization or asset • Evaluation of one or more specific threats

  13. Threat Characterization • Real Threat • Perceived Threat • Management Threat • Acceptable Risk • Acceptable cost • Acceptable operational impact • Examples • Design Basis Threat • Postulated Threat

  14. Characterization Continued • Capability • Skills • Equipment • Knowledge • Organizational skills

  15. Characterization Continued • Motivation • Desired End State • Tactically - mission objective • Strategic - purpose of mission • Level of commitment • Willing to die? • Willing to kill? • World view that supports committing the undesirable event • Triggering events

  16. Threat Quantification • Likelihood • Frequency

  17. Vulnerability Assessment • Characterize system vulnerabilities • Components • System • Skills needed • Equipment needed • Knowledge needed • Map vulnerabilities to management threat

  18. Consequence Assessment • Asset definition • Definition of the undesirable events • Consequence definition • Consequence rating/ranking

  19. Traditional Methods Blast Effects Performance Testing Systems Subsystem Component Red Teams Balance Defense in Depth Fault Trees New Methods Complexity Theory Agile Security Network Theory Risk Management Soft Systems Methodology System Analysis & Design

  20. The Bridge Security Engineering Enterprise Including Systems Engineering SSE

  21. PhysSec COMPUSEC/ Information Systems Security COMSEC INFoSEc OPSEC Prodsec KeySEC TSCM Counter-intelligence Psyops Insider Protection Anti-terrorism Counter-terrorism Business Continuity and Disaster Recovery Security disciplines

  22. PhysSec • Intrusion Detection • Contraband Detection • AC&D • Access Delay • Access Control • Response • Investigations

  23. Cryptography Access Control Application Security Information Security and Risk Management Legal, Regulations, Compliance and Investigations Security Architecture and Design Telecommunications and Network Security System Administration Audit and Monitoring Data Communications Malicious Code / Malware COMPUSEC/ Information Systems security

  24. Path Forward • The Goal: SSE Working Group • Possible Starting Points • Mil-Hdb-1785 • This Presentation • Next Steps • Identify Volunteers • January 2007, INCOSE IW The difference between 'involvement' and 'commitment' is like an eggs-and-ham breakfast: the chicken was 'involved' but the pig was 'committed'.

  25. Questions - Discussion ?

More Related