Assessing Security Risk and Requirements for Systems of Systems

A System of Systems (SoS) is a term used to describe independent systems converging for a purpose that could only be carried out through this interdependent collaboration. Many examples of SoSs exist, but the term has become a source of confusion across domains. Moreover, there are few illustrative SoS examples demonstrating their initial classification and structure. While there are many approaches for engineering of systems, less exist for SoS engineering. More specifically, there is a research gap towards approaches addressing SoS security risk assessment for engineering and operational needs, with a need for tool-support to assist modelling and visualising security risk and requirements in an interconnected SoS. From this, security requirements can provide a systematic means to identify constraints and related risks of the SoS, mitigated by human-user and system requirements. This work investigates specific challenges and current approaches for SoS security and risk, and aims to identify the alignment of SoS factors and concepts suitable for eliciting, analysing, validating risks with use of a tool-support for assessing security risk in the SoS context

Assessing System of Systems Security Risk and Requirements with OASoSIS

When independent systems come together as a System of Systems (SoS) to achieve a new purpose, dealing with requirements conflicts across systems becomes a challenge. Moreover, assessing and modelling security risk for independent systems and the SoS as a whole is challenged by a gap in related research and approaches within the SoSs domain. In this paper, we present an approach for bridging SoS and Requirements Engineering by identifying aligning SoSs concepts to assess and model security risk and requirements. We introduce our OASoSIS approach modifying OCTAVE Allegro for SoSs using CAIRIS (Computer Aided Integration of Requirements and Information Security) with a medical evacuation (MEDEVAC) SoS exemplar for Security Requirements Engineering tool-support. Index Terms—System of Systems, Security, Risk, Human Factors, Requirements Engineering, CAIRIS

Assessing system of systems information security risk with OASoSIS.

The term System of Systems (SoS) is used to describe the coming together of independent systems, collaborating to achieve a new or higher purpose. However, the SoS concept is often misunderstood within operational environments, providing challenges towards the secure design and operation of SoSs. Limitations in existing literature indicates a need for discovery towards identifying a combination of concepts, models, and techniques suitable for assessing SoS security risk and related human factor concerns for SoS Requirements Engineering. In this article, we present OASoSIS, representing an information security risk assessment and modelling process to assist risk-based decision making in SoS Requirements Engineering. A characterisation process is introduced to capture the SoS context, supporting a SoS security risk assessment process that extends OCTAVE Allegro towards a SoS context. Resulting risk data provides a focused means to assess and model the SoS information security risk and related human factors, integrating tool-support using CAIRIS. A medical evacuation SoS case study scenario was used to test, illustrate, and validate the alignment of concepts, models, and techniques for assessing SoS information security risks with OASoSIS, where findings provide a positive basis for future work

A Risk-Based Optimization Framework for Security Systems Upgrades at Airports

Airports are fast-growing dynamic infrastructure assets. For example, the Canadian airport industry is growing by 5% annually and generates about $8 billion yearly. Since the 9/11 tragedy, airport security has been of paramount importance both in Canada and worldwide. Consequently, in 2002, in the wake of the attacks, the International Civil Aviation Organization (ICAO) put into force revised aviation security standards and recommended practices, and began a Universal Security Audit Program (USAP), in order to insure the worldwide safeguarding of civil aviation in general, and of airports in particular, against unlawful interference. To improve aviation security at both the national level and for individual airport, airport authorities in North America have initiated extensive programs to help quantify, detect, deter, and mitigate security risk. At the research level, a number of studies have examined scenarios involving threats to airports, the factors that contribute to airport vulnerability, and decision support systems for security management. However, more work is still required in the area of developing decision support tools that can assist airport officials in meeting the challenges associated with decision about upgrades; determining the status of their security systems and efficiently allocating financial resources to improve them to the level required. To help airport authorities make cost-effective decisions about airport security upgrades, this research has developed a risk-based optimization framework. The framework assists airport officials in quantitatively assessing the status of threats to their airports, the vulnerability to their security systems, and the consequences of security breaches. A key element of this framework is a new quantitative security metric ; the aim of which is to assist airport authorities self-assess the condition of their security systems, and to produce security risk indices that decision makers can use as prioritizing criteria and constraints when meeting decisions about security upgrades. These indices have been utilized to formulate an automated decision support system for upgrading security systems in airports. Because they represent one of the most important security systems in an airport, the research focuses on passenger and cabin baggage screening systems. Based on an analysis of the related threats, vulnerabilities and consequences throughout the flow of passengers, cabin baggage, and checked-in luggage, the proposed framework incorporates an optimization model for determining the most cost-effective countermeasures that can minimize security risks. For this purpose, the framework first calculates the level of possible improvement in security using a new risk metric. Among the important features of the framework is the fact that it allows airport officials to perform multiple “what-if” scenarios, to consider the limitations of security upgrade budgets, and to incorporate airport-specific requirements. Based on the received positive feedback from two actual airports, the framework can be extended to include other facets of security in airports, and to form a comprehensive asset management system for upgrading security at both single and multiple airports. From a broader perspective, this research contributes to the improvement of security in a major transportation sector that has an enormous impact on economic growth and on the welfare of regional, national and international societies

Risk evaluation: A cost-oriented approach

This method provides a structured and cost-oriented way to determine risks associated with loss and destruction of industrial security interests consisting of material assets and human resources. Loss and destruction are assumed to be adversary perpetrated, high-impact events in which the health and safety of people or high-value property is at risk. This concept provides a process for: (1) assessing effectiveness of all integrated protection system, which includes facility operations, safety, emergency and security systems, and (2) a qualitative prioritization scheme to determine the level of consequence relative to cost and subsequent risk. The method allows managers the flexibility to establish asset protection appropriate to programmatic requirements and priorities and to decide if funding is appropriate. The evaluation objectives are to: (1) provide for a systematic, qualitative tabletop process to estimate the potential for an undesirable event and its impact; and (2) identify ineffective protection and cost-effective solutions

Toward a risk-based approach to the assessment of the surety of information systems

Traditional approaches to the assessment of information systems have treated system security, system reliability, data integrity, and application functionality as separate disciplines. However, each areas requirements and solutions have a profound impact on the successful implementation of the other areas. A better approach is to assess the ``surety`` of an information system, which is defined as ensuring the ``correct`` operation of an information system by incorporating appropriate levels of safety, functionality, confidentiality, availability, and integrity. Information surety examines the combined impact of design alternatives on all of these areas. We propose a modelling approach that combines aspects of fault trees and influence diagrams for assessing information surety requirements under a risk assessment framework. This approach allows tradeoffs to be based on quantitative importance measures such as risk reduction while maintaining the modelling flexibility of the influence diagram paradigm. This paper presents an overview of the modelling method and a sample application problem

Enterprise information security policy assessment - an extended framework for metrics development utilising the goal-question-metric approach

Effective enterprise information security policy management requires review and assessment activities to ensure information security policies are aligned with business goals and objectives. As security policy management involves the elements of policy development process and the security policy as output, the context for security policy assessment requires goal-based metrics for these two elements. However, the current security management assessment methods only provide checklist types of assessment that are predefined by industry best practices and do not allow for developing specific goal-based metrics. Utilizing theories drawn from literature, this paper proposes the Enterprise Information Security Policy Assessment approach that expands on the Goal-Question-Metric (GQM) approach. The proposed assessment approach is then applied in a case scenario example to illustrate a practical application. It is shown that the proposed framework addresses the requirement for developing assessment metrics and allows for the concurrent undertaking of process-based and product-based assessment. Recommendations for further research activities include the conduct of empirical research to validate the propositions and the practical application of the proposed assessment approach in case studies to provide opportunities to introduce further enhancements to the approach

Indicators and methods for assessing the quality of logistic activity processes

Purpose: This article is aimed at identifying and evaluating the quality and safety indicators of processes in the logistics system and solving the problems of product control in the goods’ distribution process. Design/Methodology/Approach: In order to assess the risks and quality of control methods in the goods’ distribution processes, studies were carried out in the process of grain supply, on which the risk assessment was tested using the fault tree using a qualitative approach with a deductive logic, which allowed to identify events at the lower levels of the system. To evaluate the results when comparing various methods of monitoring the characteristics of products in the product distribution process certain statistical tools were used. The evaluation with comparative tests is required in order to determine the way of measuring products in the goods distribution logistics system. The study uses the methods of formalization, analysis, measurement, experimental and comparison. Findings: The considered risk assessment method and the given example allow us to recommend its use for the product distribution processes for various purposes. A technique is proposed for comparing various control methods based on statistical tools that can be recommended for various goods’ distribution operations. Practical implications: The results of the study can be applied in practice to improve the quality of goods’ distribution processes and reduce risks in the various supply chains. Originality/value: The main contribution of this study is to shift the emphasis on the assessment of processes in goods’ distribution to the positions of a risk-based approach and the use of various statistical tools in logistics’ activities.peer-reviewe