Page 44 - 2025 INCOSE_01-23-2020
P. 44
Cyber Security — Securing the System
FR OM
Systems, personal and national security are increasingly being compromised due to the digitally intercon-
nected nature of our infrastructure. Engineers are hard pressed to keep up with the evolving nature and
increasing sophistication of the threats to our cyber-physical systems. Cyber-security is often dealt with
only as an afterthought or not addressed at all.
TO
Systems engineering routinely incorporates requirements to enhance systems and information security and
resiliency to cyber threats early and is able to verify the cyber defense capabilities over the full system life
cycle, based on an increasing body of strategies, tools and methods. Cyber security is a fundamental system
attribute that systems engineers understand and incorporate into designs using the following strategies:
• Continuous threat and system behavior • Supply-chain diligence
monitoring • Certification and accreditation standards
• Management of access rights and privileges • Formal methods for identification of
• Use of testbeds for assessing new threats in vulnerabilities
fielded systems
C Y BER THREA T S
Addressing security concerns in modern systems and systems of systems requires understanding the boundary of
the system and analyzing what portions of that boundary need to be protected. This protection comes at a price,
often with systems engineering needing to trade performance for security. In context of the air travel system of
systems, physical and cyber security is traded for passenger convenience and cost.
Understanding and characterizing threats, the system boundary, and trades among key performance parameters
and security, is critical for achieving the right balance of security and overall capability.
Ticketing System Access Ground and Traffic Control Arrivals
DEPARTURES
36 • The Future State Copyright 2014 International Council on Systems Engineering
