论文信息 - An architectural systems engineering methodology for addressing cyber security

An architectural systems engineering methodology for addressing cyber security

This paper discusses important shortcomings of current approaches to systems security engineering. The value and limitations of perimeter security designs are examined. An architectural approach to systems security engineering is introduced as a complementary means for strengthening current approaches. Accordingly, this paper outlines a methodology to identify classes of new reusable system security solutions and an architectural framework based on reuse of the patterns of solutions. It also introduces a new methodology for security metrics intended to stimulate critical solution design tradeoff analyses as part of security design reuse considerations. Examples of problems, potential architectural solutions, and corresponding security metrics are provided. © 2011 Wiley Periodicals, Inc. Syst Eng © 2011 Wiley Periodicals, Inc.

Barry M. Horowitz | Jennifer L. Bayuk | B. Horowitz | J. Bayuk

[1] Peter Sommerlad,et al. Security Patterns: Integrating Security and Systems Engineering , 2006 .

[2] Joseph W. Weiss,et al. Protecting Industrial Control Systems from Electronic Threats , 2010 .

[3] Neil Abercrombie,et al. HOUSE OF REPRESENTATIVES of the UNITED STATES , 2008 .

[4] Tim Mather,et al. Cloud Security and Privacy - An Enterprise Perspective on Risks and Compliance , 2009, Theory in practice.

[5] William P. Mulokey. Using the U.S. Department of Defense Architecture Framework to Build Security into the Lifecycle , 2009 .

[6] John Boardman,et al. Systems Thinking: Coping with 21st Century Problems , 2008 .

[7] Kristen Baldwin. System Security Engineering: A Critical Discipline of Systems Engineering , 2009 .

[8] Marianne M. Swanson,et al. Recommended Security Controls for Federal Information Systems , 2005 .

[9] J. Menn,et al. Fatal System Error , 2010 .

[10] Wiley J. Larson,et al. Applied space systems engineering , 2009 .

[11] Dennis M. Buede,et al. The Engineering Design of Systems , 2009 .

[12] Dennis M. Buede,et al. The Engineering Design of Systems: Models and Methods , 1999 .

[13] Neil B. Harrison,et al. Pattern-Driven Architectural Partitioning: Balancing Functional and Non-functional Requirements , 2007, 2007 Second International Conference on Digital Telecommunications (ICDT'07).