Defining Testable Systems Security Requirements for an Autonomous Space Vehicle.

Autor: Mailloux, Logan O., Mills, Robert F., Span, Martin "Trae"
Předmět:
Zdroj: ITEA Journal of Test & Evaluation; Dec2020, Vol. 41 Issue 4, p247-257, 11p
Abstrakt: This work addresses the elusive problem of defining testable security requirements for complex systems and was inspired by the critical need to thoroughly understand and assess the security of complex cyber-physical systems. This article demonstrates a systematic and repeatable approach for developing stakeholder-driven systems security requirements through a tailored version of System-Theoretic Process Analysis for Security (STPA-Sec) using a notional autonomous space vehicle designed to resupply the international space station. Notably, this work aligns with industry best practices and standards in the elicitation, definition, and analysis of empirically based systems security requirements in alignment with the recently published National Institute of Standards and Technology Special Publication 800 160. Lastly, we seek to advance the science of security by presenting an integrated approach to safety, security, and resiliency which focuses on stakeholder needs--rather than cyber vulnerabilities--to perform data-driven cybersecurity evaluations for complex systems. [ABSTRACT FROM AUTHOR]
Databáze: Supplemental Index