Systems Security Engineering Working Group

Make security as foundational a perspective in systems design as system performance and safety.

Working Group Purpose & Mission

Mission:

This working group believes that system engineering cannot succeed without accepting core responsibility for enabling and facilitating effective system security - partly in system requirements, partly in system trade space recognition, but mainly in system thinking applied to concepts of operations and systems architecture. Sustaining system functionality in the face of intelligent determined attack requires self preservation capabilities that adapt and evolve with intelligence, proactive innovation, and strength of community equal to the adversary as a minimum. This requires full system awareness and adaptability, and system-ofsystem relationships. Security engineering alone cannot accomplish this.

SecurityFuSE

Analytic Enablers

TechOps Domain

379

Members

2007

Established

Chair

Rick Dove

Co-Chairs

Dawn Beyer

Keith Willett

Beth Wilson

Mark Winstead

Inquiries

systemssecurityengineering@incose.net

Scope

This working group will address and foster system engineering responsibilities, design concepts, processes, enabling-support, and community understanding of the roles that systems engineering must play to enable effective systems security.

Goals

  • Goal: Establish and foster the responsibility for security within Systems Engineering, with effective system security accepted and practiced as a fundamental part of system engineering.
  • Goal: Establish and foster self-sustaining cross-community involvement between systems engineers, security engineers, and system security standards.
  • Goal: Establish and foster systems engineering guidance for enabling effective systems security in the face of evolving system security needs.
  • Goal: Attract an international cadre of engaged participants to broaden the understandings and effectively deal with multinational interests and differences.
  • Customers and Stakeholders include systems engineering educators, systems engineering process and standards developers, defense systems engineering acquisition procedure developers, systems engineering leaders and managers, customers of systems that require effective security, systems engineers, and security engineers.

Outcomes

Webinars
- WG Webinar – Security Are Us, April 2014
- WG Webinar – Lockheed Martin Secure Engineering Assurance Model, June 2014
- WG Webinar – Introduction to the Systems Security Engineering WG, June 2014
- WG Webinar – Natural System Security Patterns, April 2015
- WG Webinar – What is System Security, March 2018

Products
- SEBoK maintenance – Systems Security Engineering
- Standards – Participating member of INCITS/CS1, INCOSE Approved TPP
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-01, 28-June-2014
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-02, 29-June-2016
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-03, 21-October-2016
- Standards – Review of NIST SP-800-160 v1 rev 1, 10-November-2021
- SE Handbook Section 3.6.4 Case Study, & Section 10.11 Systems Security Engineering, July 2015

Projects
– SE Handbook v5 Revision
– SEBoK Systems Security Engineering
– SE Requirements Framework for Security
– Security in the Future of Systems Engineering (FuSE)
– Handbook: Systems Security Engineering Body of Knowledge

INSIGHT Publications
- 2009-Q2, Theme Issue: The Interplay of Architecture, Security & SE
- 2011-Q2, Theme Issue: Systems of Systems & Self Organizing Security
- 2013-Q2, Theme Issue: The Buck Stops Here: SE’s Responsibility for System Security
- 2015-Q2, Article: Needed - Practitioner Attention to Systems Engineering Delivery of Sustainable Value
- 2016-Q2, Theme Issue: Agile Security – Joint project with Agile SE working group
- 2016-Q2, Article: Software and System Integrity Assessment
- 2016-Q2, Article: Cybersecurity & Critical Infrastructure – Are We Missing the Obvious?
- 2020-Q3, Theme Issue: Cyber Secure and Resilient Approaches with Feature-Based Product Line Engineering
- 2022-Q2, Theme Issue: Security in the Future of Systems Engineering
 
Recent (only) Papers/Panels/Tutorials
- 2015 Panelist: NSA IAS conference, panel session on security architecture with INCOSE WG Rep
- IS15 Panelist: Have We SEed our Infrastructure for Cyber-Terrorism
- IS15 Panel: SE Systems-Security Responsibility: How is this Accepted?
- IS15 Paper: Adaptive Knowledge Encoding for Agile Cybersecurity Operations
- IS15 Paper: Guidance for WG SEBoK Maintenance: With Security WG Example
- IS16 Paper:  On System Dynamics Modeling of Human-Intensive Workflow Improvement – Case Study in Cybersecurity Adaptive Knowledge Encoding
- IS17 Tutorial: Systems Security Engineering - Concepts and Overview
- IS17 Paper: Systems Security Engineering - What Every SE Needs to Know
- IS17 Paper: A Systematic Approach to Influencing System Security Standards
- IS19 Tutorial: Introduction to Systems Security Engineering
- IS20 Tutorial: Systems Security Engineering: A Loss-Driven Focus
- IS20 Paper: Architecting the Future of System Security
- IS20 Paper; Contextually Aware Agile Security in the Future of Systems Engineering
- IS20 Paper: Social Contracts for Security Orchestration in the Future of Systems Engineering
- IS21 Paper: Security in the Future of Systems Engineering (FuSE) - a Roadmap of Foundation Concepts
- IS21 Paper: Security as a Functional Requirement in the Future of Systems Engineering
- IS22 Tutorial: Systems Security Engineering: A Loss-Driven Focus
- IS22 Panel: Transdisciplinary Perspectives on Systems Engineering in and for Contested Cyber Environments
- IS23 Tutorial: Engineering Assured Trustworthy Secure Systems
- IS23 Paper: Democratizing Systems Security
- IS23 Paper: Cyber Security at the Enterprise Level 
- IS23 Roundtable: How Security Joins Performance & Safety as Foundational Systems Design Perspective

Collaborations
- CAB Security Priority
- FuSE Security Topic
- NDIA Systems Engineering Division, Systems Security Engineering Working Group
- NDIA Cyber Division
- INCOSE Resilient Systems Working Group
- INCOSE Critical Infrastructure Protection & Recovery Working Group
- INCOSE Product Line Engineering Working Group 
- INCOSE Requirements Working Group

IW24: International Workshop Focus

 

28-Jan -- A 2-hour general meeting will occur on Sunday 28-Jan: Intro to the working group, a review of current project status, proposed new projects, and general discussion.

29-Jan -- A 2-hour workshop will explore
"How might SE enable/facilitate security to be as foundational to system design as performance and safety?"
After briefly setting the context we will collectively explore three questions:
Q1: What is look and feel when practiced?
Q2: What new SE skills will be needed?
Q3: What costs and benefits will be new?

Planned Activities

  • Investigate and advance the understandings of FuSE Security Roadmap concepts.
  • Develop/refine Handbook v5 system security engineering material.
  • Develop material for Systems Security Engineering Body of Knowledge handbook

Planned Work Products

  • Papers and presentations that advance and socialize the FuSE Security Roadmap concepts
  • SE Handbook v5 system security engineering section
  • SSE Handbook Body of Knowledge
Find out more by visiting the Working Group Yammer community today!

 

Yammer is INCOSE's social media platform for members. Use your INCOSE-issued Microsoft credential to login and join the conversation. INCOSE credentials are in the form of first.last@incose.net or first.last@incose.buzz.   

 
Contact Us