A Methodology for Cybercraft Requirement Definition and Initial System Design

Abstract

The United States Air Force and Department of Defense networks and information systems are under attack from a variety of actors. Current network defense systems are reactive in nature and unable to prevent determined adversaries from successfully infiltrating these information systems. The realization of these facts led the Air Force Research Lab begin work on a next-generation network defense system called Cybercraft. The Cybercraft vision is a trusted, autonomous system which will perform network defense tasks. In this paper, software engineering and threat analysis are used to create a set of initial requirements and system models for Cybercraft. This paper presents a methodology based on traditional software requirements, elicitation processes, and attack and defense trees to generate system requirements. Once requirements have been defined, they are used to create system use cases and a system domain model. This iterative process can be used to define the system in enough detail that software or system prototypes can be developed. The contribution of this paper is a set of initial requirements, use cases, and domain models which could be used in Cybercraft development. Ultimately, it is a generic methodology which could be used to determine requirements for any security system and how to apply those requirements to begin high-level system design.

Document Details

Document Type

Technical Report

Publication Date

Jun 01, 2008

Accession Number

ADA488221

Entities

Tags