Technical Report
Systems Security Engineering

Report Number: SERC-2010-TR-005-1
Publication Date: 2010-08-22
Project:
Systems Security Engineering Roadmap
Principal Investigators:
Jennifer Bayuk
Co-Principal Investigators:

The US needs dramatic improvements in systems security. Current defensive strategies, based
principally on strengthening system peripheries, inspections, and similar bolt-on techniques, add
tremendously to cost and do not respond effectively to the growing sophistication of attacks. Systems
cannot be assumed to have static boundaries, static user communities, or even a static set of services.
To a great extent, systems engineers are inadequately prepared to address system security
requirements.

Traditional systems engineering methods fail to address system security issues because they rely
heavily on requirements gathering and modeling. In the realm of security,
requirements gathering has been influenced by the fact that a variety of industries have developed
system security standards. These have been presented to systems engineers as complete system
security requirements, when in fact they cover only basic technology control measures. In the realm of
security, engineering models are based on assumptions that a system is bounded by technology and that
off-the-shelf technology control measures can be configured in combination to adequately address most
security requirements. This is a false assumption.

However, simply removing these assumptions and challenging the systems engineer to put aside
security standards and models and start afresh will not resolve systemic security problems. The existing
standards and models came about because security is a difficult problem to address. Current standards
and models have been embraced by a generation of practitioners who entered the systems security field
over the past forty years because those practitioners found common solutions to diverse security
problems and shared them. This work is significant and should be leveraged by integrating it with a fresh
look at the mission of the systems engineer with respect to security