Functionally Interpreting Security.

Saved in:
Bibliographic Details
Title: Functionally Interpreting Security.
Authors: McEvilley, Michael (AUTHOR) mcevilley@mitre.org, Winstead, Mark (AUTHOR) mwinstead@mitre.org
Source: Insight (2156-485X). Jun2022, Vol. 25 Issue 2, p15-18. 4p.
Subjects: Work design, System safety, Systems engineering
Abstract: The outcomes of an exploration of what security means as an engineered function are presented, based upon principles of secure system design. The exploration was done to support an effort to formalize the syntax and semantics for the expression of security protection needs in system requirements, and to enable alignments with system safety and resilience requirements. The exploration produced a clearer interpretation of the essential aspects of security as postulated by foundational work on secure system design and was cross checked against representative classes of security requirement criteria to confirm accuracy and sufficiency of coverage of key security requirement types. The resultant perspective of what it means to be secure can be useful to inform the development of effective practices for the design of secure systems that are aligned with Future of Systems Engineering (FuSE) concepts, particularly security as a functional requirement. Further, the perspective helps to distinguish those characteristics of security (loss of "anything") that are in common, and that contrast, with safety (loss of "specific things") and resilience (loss of "capability"). [ABSTRACT FROM AUTHOR]
Copyright of Insight (2156-485X) is the property of Wiley-Blackwell and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Engineering Source
Description
Abstract:The outcomes of an exploration of what security means as an engineered function are presented, based upon principles of secure system design. The exploration was done to support an effort to formalize the syntax and semantics for the expression of security protection needs in system requirements, and to enable alignments with system safety and resilience requirements. The exploration produced a clearer interpretation of the essential aspects of security as postulated by foundational work on secure system design and was cross checked against representative classes of security requirement criteria to confirm accuracy and sufficiency of coverage of key security requirement types. The resultant perspective of what it means to be secure can be useful to inform the development of effective practices for the design of secure systems that are aligned with Future of Systems Engineering (FuSE) concepts, particularly security as a functional requirement. Further, the perspective helps to distinguish those characteristics of security (loss of "anything") that are in common, and that contrast, with safety (loss of "specific things") and resilience (loss of "capability"). [ABSTRACT FROM AUTHOR]
ISSN:2156485X
DOI:10.1002/inst.12380