Accession Number:

AD1057439

Title:

Cyber Security Requirements Methodology

Descriptive Note:

Technical Report

Corporate Author:

Stevens Institute of Technology Hoboken United States

Report Date:

2018-07-26

Pagination or Media Count:

46.0

Abstract:

This report addresses the DoDArmySERC-sponsored, UVA-led 9 month research effort to develop a methodology for establishing cyber security requirements at the preliminary design phase of new physical systems programs. The requirements addressed include the integration of cyber attack defense and resilience solutions, as well as security-related software engineering solutions. Referred to as Cyber Security Requirements Methodology CSRM, the developed process includes six sequential steps conducted by three teams an operationally focused team, a cybersecurity focused team and a systems engineering team. Model-based engineering tools were utilized to support each of the steps. A trial weapon system use case was conducted to gain an initial evaluation of the methodology. The use case system, referred to as Silverfish, was hypothetical, but deemed as a reasonable representation of a possible weapon system. Results of the trial were promising and point to a number of possible paths for follow-on research including implementing the methodology on a real system and building the necessary tools to scale up the methodology to a real system.

Subject Categories:

  • Computer Programming and Software
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE