WRT-1033: Transitioning Mission Aware Concepts and Methods to Evaluate Cost/Risk Decisions for Security
Report Number: SERC-2021-TR-016
Publication Date: 2021-10-10
Project: Transitioning Mission Aware Concepts and Methods to Evaluate Cost/Risk Decisions for Security
Dr. Peter Beling
Thomas McDermott Jr.
Dr. Cody Fleming
Dr. Barry Horowitz
Cyber resilience is the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources (National Institute of Standards and Technology). This research focuses on standardization of methods to specify and design cyber resilience into cyber physical systems as a component of systems security engineering. Although focused on cybersecurity, the research draws heavily from and is congruent with disciplines and methods from safety engineering and fault tolerant computing. A resilient system anticipates, withstands, recovers from, and adapts to any abnormal or unanticipated behavior.
In this work, we emphasize the concept of loss‐driven engineering. A loss‐driven approach tends to integrate or harmonize traditionally separate disciplines like security, safety, reliability, assurance, and risk management around systemic losses and definition of loss scenarios to drive system specification, design, and performance. The majority of current security practices assess vulnerability and risk, which is appropriate but is also difficult to analyze in the early stages of system development when vulnerabilities cannot be allocated to specific subsystems or components. Core to this research, which is called “Mission Aware,” is a meta‐model and associated requirements and architecture analysis process targeted to decomposition of loss scenarios into testable resilience features in a system design. The Mission Aware approach has been developed over a number of related research tasks and is available for use as a standard methodology in the systems engineering community. This research task addressed convergence of loss‐driven and vulnerability‐driven analysis processes at the earliest stages of system definition ‐ Mission Engineering ‐ as a means to better specify emerging systems. A major outcome of this research was to gain recognition of this need for convergence and demonstrate standard approaches through outreach, integration with other defense department cyber resilience strategies, and development of educational materials. A significant transition result of this work is an effort to adopt the methods and the demonstration model into emerging Defense Acquisition University (DAU) cyber resilience curriculum.