Systems Security Engineering

Systems Security Engineering Working Group

Make security as foundational a perspective in systems design as system performance and safety.

Working Group Purpose & Mission

Mission:

This working group believes that system engineering cannot succeed without accepting core responsibility for enabling and facilitating effective system security - partly in system requirements, partly in system trade space recognition, but mainly in system thinking applied to concepts of operations and systems architecture. Sustaining system functionality in the face of intelligent determined attack requires self preservation capabilities that adapt and evolve with intelligence, proactive innovation, and strength of community equal to the adversary as a minimum. This requires full system awareness and adaptability, and system-of-system relationships. Security engineering alone cannot accomplish this.

Analytic Enablers

TechOps Domain

379

Members

2007

Established

Chair

Rick Dove

Co-Chairs

Dawn Beyer

Keith Willett

Beth Wilson

Mark Winstead

Inquiries

[email protected]

Scope

This working group will address and foster system engineering responsibilities, design concepts, processes, enabling-support, and community understanding of the roles that systems engineering must play to enable effective systems security.

Goals

Goal: Establish and foster the responsibility for security within Systems Engineering, with effective system security accepted and practiced as a fundamental part of system engineering.
Goal: Establish and foster self-sustaining cross-community involvement between systems engineers, security engineers, and system security standards.
Goal: Establish and foster systems engineering guidance for enabling effective systems security in the face of evolving system security needs.
Goal: Attract an international cadre of engaged participants to broaden the understandings and effectively deal with multinational interests and differences.
Customers and Stakeholders include systems engineering educators, systems engineering process and standards developers, defense systems engineering acquisition procedure developers, systems engineering leaders and managers, customers of systems that require effective security, systems engineers, and security engineers.

Outcomes

Webinars
- WG Webinar – Security Are Us, April 2014
- WG Webinar – Lockheed Martin Secure Engineering Assurance Model, June 2014
- WG Webinar – Introduction to the Systems Security Engineering WG, June 2014
- WG Webinar – Natural System Security Patterns, April 2015
- WG Webinar – What is System Security, March 2018

Products
- SEBoK maintenance – Systems Security Engineering
- Standards – Participating member of INCITS/CS1, INCOSE Approved TPP
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-01, 28-June-2014
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-02, 29-June-2016
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-03, 21-October-2016
- Standards – Review of NIST SP-800-160 v1 rev 1, 10-November-2021
- SE Handbook Section 3.6.4 Case Study, & Section 10.11 Systems Security Engineering, July 2015

Projects
– SE Handbook v5 Revision
– SEBoK Systems Security Engineering
– SE Requirements Framework for Security
– Security in the Future of Systems Engineering (FuSE)
– Handbook: Systems Security Engineering Body of Knowledge

INSIGHT Publications
- 2009-Q2, Theme Issue: The Interplay of Architecture, Security & SE
- 2011-Q2, Theme Issue: Systems of Systems & Self Organizing Security
- 2013-Q2, Theme Issue: The Buck Stops Here: SE’s Responsibility for System Security
- 2015-Q2, Article: Needed - Practitioner Attention to Systems Engineering Delivery of Sustainable Value
- 2016-Q2, Theme Issue: Agile Security – Joint project with Agile SE working group
- 2016-Q2, Article: Software and System Integrity Assessment
- 2016-Q2, Article: Cybersecurity & Critical Infrastructure – Are We Missing the Obvious?
- 2020-Q3, Theme Issue: Cyber Secure and Resilient Approaches with Feature-Based Product Line Engineering
- 2022-Q2, Theme Issue: Security in the Future of Systems Engineering

Recent (only) Papers/Panels/Tutorials
- 2015 Panelist: NSA IAS conference, panel session on security architecture with INCOSE WG Rep
- IS15 Panelist: Have We SEed our Infrastructure for Cyber-Terrorism
- IS15 Panel: SE Systems-Security Responsibility: How is this Accepted?
- IS15 Paper: Adaptive Knowledge Encoding for Agile Cybersecurity Operations
- IS15 Paper: Guidance for WG SEBoK Maintenance: With Security WG Example
- IS16 Paper: On System Dynamics Modeling of Human-Intensive Workflow Improvement – Case Study in Cybersecurity Adaptive Knowledge Encoding
- IS17 Tutorial: Systems Security Engineering - Concepts and Overview
- IS17 Paper: Systems Security Engineering - What Every SE Needs to Know
- IS17 Paper: A Systematic Approach to Influencing System Security Standards
- IS19 Tutorial: Introduction to Systems Security Engineering
- IS20 Tutorial: Systems Security Engineering: A Loss-Driven Focus
- IS20 Paper: Architecting the Future of System Security
- IS20 Paper; Contextually Aware Agile Security in the Future of Systems Engineering
- IS20 Paper: Social Contracts for Security Orchestration in the Future of Systems Engineering
- IS21 Paper: Security in the Future of Systems Engineering (FuSE) - a Roadmap of Foundation Concepts
- IS21 Paper: Security as a Functional Requirement in the Future of Systems Engineering
- IS22 Tutorial: Systems Security Engineering: A Loss-Driven Focus
- IS22 Panel: Transdisciplinary Perspectives on Systems Engineering in and for Contested Cyber Environments
- IS23 Tutorial: Engineering Assured Trustworthy Secure Systems
- IS23 Paper: Democratizing Systems Security
- IS23 Paper: Cyber Security at the Enterprise Level
- IS23 Roundtable: How Security Joins Performance & Safety as Foundational Systems Design Perspective
- IS24 Tutorial: Security as a Foundational Perspective in Systems Engineering
- IS24 Paper: A Model for Cybersecurity Education through Challenge Events
- IS24 Paper: Building a Scientific Foundation for Security: Multilayer Network Model Insights for System Security Engineering
- IS24 Paper: Enabling FuSE Security Objectives through Cyber Survivability Methods
- IS24 Paper: Long Term Trends in Security Threats and an Approach for Integrating Them into System Architecture and Design
- IS24 Paper: Modeling Cybersecurity Operations to Improve Resilience

Collaborations
- CAB Security Priority
- FuSE Security Topic
- NDIA Systems Engineering Division, Systems Security Engineering Working Group
- NDIA Cyber Division
- INCOSE Resilient Systems Working Group
- INCOSE Critical Infrastructure Protection & Recovery Working Group
- INCOSE Product Line Engineering Working Group
- INCOSE Requirements Working Group

2024: Mid-Year Workshop Focus

25-July -- -- A 2-hour virtual (Zoom) general meeting 3:00-5:00pm will occur on Thursday 25-Jul: Intro to the working group, a review of current project status, proposed new projects, mini-workshop, and general discussion.

Planned Activities

Investigate and advance the understandings of FuSE Security Roadmap concepts.
Develop/refine Handbook v5 system security engineering material.
Develop material for Systems Security Engineering Body of Knowledge handbook

Planned Work Products

Papers and presentations that advance and socialize the FuSE Security Roadmap concepts
SE Handbook v5 system security engineering section
SSE Handbook Body of Knowledge

Find out more by visiting the Working Group Yammer community today!

Yammer is INCOSE's social media platform for members. Use your INCOSE-issued Microsoft credential to login and join the conversation. INCOSE credentials are in the form of [email protected] or [email protected].