Addressing Challenges in the Acquisition of Secure Software Systems With Open Architectures

Abstract

We seek to articulate and address a number of emerging challenges in continuously assuring the security of open architecture (OA) software systems throughout the system acquisition life-cycle. It is now clear that future system must resist coordinated international attacks on vulnerable software-intensive systems that are of high value, and control complex systems. But current approaches to system security are most often piecemeal with little or no support for guiding what system security requirements must address across different system processing elements and data levels, and how those can be manifest during the design building, and deployment of OA software systems. We present a framework that organizes OA system security elements and mechanisms in forms that can be aligned with different stages of acquisition spanning system design, building, and run-time deployment, as well as system evolution. We provide a case study to show our scheme and how it can be applied to common enterprise systems.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Apr 30, 2012
Accession Number
ADA563274

Entities

People

  • Thomas Alspaugh
  • Walt Scacchi

Organizations

  • University of California, Irvine

Tags

Communities of Interest

  • C4I
  • Cyber
  • Energy and Power Technologies
  • Engineered Resilient Systems
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Acquisition
  • Case Studies
  • Complex Systems
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computers
  • Electronic Mail
  • Information Systems
  • Intellectual Property
  • Mobile Devices
  • Network Protocols
  • Operating Systems
  • Personal Information Managers
  • Software Development
  • Web Browsers
  • Word Processors

Fields of Study

  • Computer science
  • Engineering

Readers

  • Defense Acquisition Program Management
  • Software Engineering.