INCOSE Enchantment: Building a Scientific Foundation for Security: Multilayer Network Model Insights for System Security Engineering
Building a Scientific Foundation for Security: Multilayer Network Model Insights for System Security Engineering
Speaker: Sue Caskey
Date: Wednesday, 11 September 2024
Time: 4:45 PM - 6:00 PM Mountain Time
Venue: Online via ZOOM
Registration: Zoom link is provided in the meeting invitation; contact the POC to request the meeting invitation.
Abstract:
To help incorporate security into INCOSE’s Systems Engineering Vision 2035, the INCOSE systems security engineering working group endorses a paradigmatic shift to reframe systems security in terms of being trustworthy, loss-driven, and capabilities-based. Similar research out of Organization A has explored cutting-edge approaches to systems security for national security applications. Taken together, these efforts both highlight to need for—and a path toward—a scientific foundation for security. Leveraging underlying tenets of systems theory, observed security heuristics, and the concepts emerging from INCOSE’s SSE working helps triangulate a set of “first principles” as part of a scientific foundation for security consistent with the (often ignored) interactions between physical security designs, cyber security architectures, and personnel security programs. These first principles, in turn, are the basis for a set of derived systems security performance axioms that support current INCOSE SSE working efforts. The logic and designability benefits of this approach is demonstrated with a multilayer network model-based approach for systems security. The structure of this scientific foundation for security offers additional, innovative opportunities to achieve desired levels of trustworthiness, creative mechanisms to meet needs, innovative loss-driven approaches, and enhanced capabilities—all aimed to at producing more efficient and effective systems security solutions against current and emerging threats, uncertainties, and complexities.
Bio:
Sue Caskey is a distinguished member of the technical staff, research and systems analyst at Sandia National Laboratories. One of the founding members of Sandia's Global Chemical and Biological Security program, she has over 25 years of international security expertise and has supported work in more than 30 countries. Sue is currently the lead for analytical projects on global threat prioritization and risk assessment across the entire chemical, biological, radiological, and nuclear (CBRN) domain—including dual-use equipment. In direct support of U.S. DoS, DOE, and DOD cooperative threat reduction efforts, this work involves developing unique models and tools to characterize current and emerging global threats. Sue is also working on various technical threat reduction efforts with the Organisation for the Prohibition of Chemical Weapons and the World Health Organization. As part of her activities at Sandia National Laboratories, Sue has created an ad hoc working group to better support global analysis and data management, focusing on cross-domain global threats. For domestic and international partners, Sue conducts agent-based analysis, safety, and security assessments. In this domain, she has designed and tested the implementation of engineering controls, physical security systems, cyber security systems, and personal reliability programs at facilities around the globe. She has also designed and implemented network-based, disease surveillance systems for humans and animals; and designed and developed the model and software for the BioRAM and Chem SAM tools—both recommended by the U.S. DHS and Centers for Disease Control and the World Health Organization. With B.A. degrees in Biology and Computer Science from the University of New Mexico and an M.E. in Systems Engineering from Old Dominion University (ODU), Sue is currently working toward her Ph.D. in Systems Engineering (from ODU) with a specific interest in complex systems, risk, and decision analysis. As part of her academic interests, she has also become active in IEEE and INCOSE and continues to be a member of the Society of Risk Analysis.