TY - GEN
T1 - A systems approach for eliciting mission-centric security requirements
AU - Carter, Bryan T.
AU - Bakirtzis, Georgios
AU - Elks, Carl R.
AU - Fleming, Cody H.
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/5/30
Y1 - 2018/5/30
N2 - The security of cyber-physical systems is first and foremost a safety problem, yet it is typically handled as a traditional security problem, which means that solutions are based on defending against threats and are often implemented too late. This approach neglects to take into consideration the context in which the system is intended to operate, thus system safety may be compromised. This paper presents a systems-theoretic analysis approach that combines stakeholder perspectives with a modified version of Systems-Theoretic Accident Model and Process (STAMP) that allows decision-makers to strategically enhance the safety, resilience, and security of a cyber-physical system against potential threats. This methodology allows the capture of vital mission-specific information in a model, which then allows analysts to identify and mitigate vulnerabilities in the locations most critical to mission success. We present an overview of the general approach followed by a real example using an unmanned aerial vehicle conducting a reconnaissance mission.
AB - The security of cyber-physical systems is first and foremost a safety problem, yet it is typically handled as a traditional security problem, which means that solutions are based on defending against threats and are often implemented too late. This approach neglects to take into consideration the context in which the system is intended to operate, thus system safety may be compromised. This paper presents a systems-theoretic analysis approach that combines stakeholder perspectives with a modified version of Systems-Theoretic Accident Model and Process (STAMP) that allows decision-makers to strategically enhance the safety, resilience, and security of a cyber-physical system against potential threats. This methodology allows the capture of vital mission-specific information in a model, which then allows analysts to identify and mitigate vulnerabilities in the locations most critical to mission success. We present an overview of the general approach followed by a real example using an unmanned aerial vehicle conducting a reconnaissance mission.
UR - https://www.scopus.com/pages/publications/85048864776
U2 - 10.1109/SYSCON.2018.8369539
DO - 10.1109/SYSCON.2018.8369539
M3 - Conference contribution
AN - SCOPUS:85048864776
T3 - 12th Annual IEEE International Systems Conference, SysCon 2018 - Proceedings
SP - 1
EP - 8
BT - 12th Annual IEEE International Systems Conference, SysCon 2018 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 12th Annual IEEE International Systems Conference, SysCon 2018
Y2 - 24 April 2018 through 26 April 2018
ER -