SERC Researchers Work Toward Framework That Supports Engineering Resilient Systems
The 2022 National Defense Strategy calls for the Department of Defense (DoD) to increase system resilience, i.e., build systems’ capacity to withstand, fight through and recover from critical function disruption. Current DoD programs identify, measure, and track the implementation of functional requirements independently and distinctly from those related to resilience. As a result, resilience metrics and design tools are often immature or ineffective and challenge the achievement of the Department’s goals for resilience, operational resilience, cyber survivability, and cyber security.
Dr. Peter Beling (Virginia Tech) serves as Principal Investigator, with Mr. Tom McDermott (Stevens Institute of Technology) as Co-Principal Investigator, on the research study entitled “Measurable Requirements for Operational Resilience,” which launched in October of 2022. The study is designed to pilot “real world” application of the existing Framework for Operational Resilience in Engineering and System Test (FOREST) and related resilience approaches. Dr. Beling presented on the project at the 2022 SERC Annual Research Review, which provided members of the research team and their sponsor the opportunity to discuss the methodologies that will be applied, in the context of an existing DoD acquisition program, to develop testable requirements for operational cyber resilience.
Dr. Beling acknowledged the many avenues of attack that exist in the cyber realm, which raise the importance of asking “What outcomes are of most concern?” In response, the project aims to identify existing mechanisms within systems that can detect attacks and loss of functionality and engage in appropriate response action until full functionality is restored. The pilot application of the FOREST framework to a DoD acquisition program, Dr. Beling noted, is an opportunity “to refine thinking about measuring resiliency, have testable requirements for the topic, and the potential to contribute to the program itself.” Mr. McDermott also noted that the project includes a focus on early-stage resilience analysis and requirements development, along with the systems modeling tools that can be deployed early in the design stage.
Year 1 of the project includes establishing the research team and research infrastructure, the technical exchanges to define the baseline for the methodology and the initial exchanges with the pilot program office. The SERC research team involved has worked together on past related projects and includes Tim Sherburne and Scott Lucero (Virginia Tech) and Megan Clifford (Stevens Institute of Technology).
Year 2 of the project includes various efforts: identifying critical functionality losses that require operational resilience; decomposing and translating weapon systems’ mission resilience requirements and performance; assessing identified systems functions using Systems-Theoretic Process Analysis – Security (STPA-Sec); defining measurable and testable metrics and implementing resilience patterns to meet resilience requirements; and assessing the robustness of the resulting resilience designs via Assurance Case Analysis or a similar methodology, supported by systems modeling coupled with dynamic simulations. The goal is to provide recommendations for improving engineering processes and tools, the FOREST framework and overall engineering policy and guidance.
For more information on this research, contact Dr. Peter Beling.