NIMS Information Security Threat Methodology

Abstract

This report presents a methodology for assessing information security threats to the National Airspace System (NAS) Infrastructure Management System (NIMS). Specific vulnerabilities are addressed in a companion report, Legacy NIMS Vulnerability Study (FOUO) (Abrams, 1998a). This report is a sanitized version of the MITRE consensus contained in another report, NIMS Information Security Threats, (FOUO) (Abrams, 1998b). This sanitized version is made available so that a wider audience may evaluate the applicability of the methodology to their systems. Sanitation has been accomplished by removing the entries in most tables. Some tables have also been deleted. It is anticipated that the MITRE consensus will be used as a point of departure by an FAA working group to arrive at an official FAA consensus. The relative ability of commercial off-the-shelf (COTS) products in general to counter the threats is identified as an indication of the residual risk in NIMS, which will be built predominantly with COTS products. A comprehensive NIMS risk analysis has not been performed as part of this study.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 01, 1998
Accession Number
AD1108091

Entities

People

  • Marshall D. Abrams

Organizations

  • MITRE Corporation

Tags

DTIC Thesaurus Topics

  • Application Software
  • Commerce
  • Communication Systems
  • Computers
  • Countermeasures
  • Cybersecurity
  • Denial Of Service Attack
  • Department Of Defense
  • Detection
  • Engineering
  • Information Security
  • Information Systems
  • Information Warfare
  • Infrastructure
  • National Security
  • Personnel Management
  • President (United States)
  • Risk
  • Risk Analysis
  • Risk Management
  • Security
  • Threat Evaluation
  • Threats
  • Vulnerability

Readers

  • Software Engineering
  • Software Engineering.
  • Strategic Security Studies

Technology Areas

  • Space