Cyber Security Requirements Methodology
Abstract
This report addresses the DoD/Army/SERC-sponsored, UVA-led 9 month research effort to develop a methodology for establishing cyber security requirements at the preliminary design phase of new physical systems programs. The requirements addressed include the integration of cyber attack defense and resilience solutions, as well as security-related software engineering solutions. Referred to as Cyber Security Requirements Methodology (CSRM), the developed process includes six sequential steps conducted by three teams (an operationally focused team, a cybersecurity focused team and a systems engineering team). Model-based engineering tools were utilized to support each of the steps. A trial weapon system use case was conducted to gain an initial evaluation of the methodology. The use case system, referred to as Silverfish, was hypothetical, but deemed as a reasonable representation of a possible weapon system. Results of the trial were promising and point to a number of possible paths for follow-on research including implementing the methodology on a real system and building the necessary tools to scale up the methodology to a real system.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jul 26, 2018
- Accession Number
- AD1057439
Entities
People
- Barry M. Horowitz
- Bryan Carter
- Carl Elks
- Cody Fleming
- Forrest Shull
- Georgios Bakirtzis
- Nancy R. Mead
- Peter A. Beling
- Stephen Adams
- Tim Sherburne
Organizations
- Stevens Institute of Technology