Search
Full Menu and site Navigation
A better world through a systems approach

Systems Security Engineering

Mission & Objectives

This working group’s mission is to provide Systems Engineers and Systems Engineering with effective means and methods for sustainable system functionality under advanced adversarial attack.

This working group believes that system engineering cannot succeed without accepting core responsibility for enabling and facilitating effective system security – partly in system requirements, partly in system trade space recognition, but mainly in system thinking applied to concepts of operations and systems architecture. Sustaining system functionality in the face of intelligent determined attack requires self preservation capabilities that adapt and evolve with equal intelligence, determination, and strength of community. This requires full system awareness and adaptability, and system-of-system relationships. Security engineering alone cannot accomplish this.

It is fitting for INCOSE to tackle Next Generation Security, as the issues are leading edge systems engineering issues: architecture, systems of systems, self organizing systems, security tradeoffs with human factors, systems thinking  – things that are typically high level integrated-system SE issues.

Current system security strategies are inadequate and cannot be fixed by security engineers alone. The reason is evident: attack communities operate as intelligent, multi-agent, self organizing, system-of-systems – with swarm intelligence, tight learning loops, fast evolution, and dedicated intent. With few exceptions, the systems being targeted are alone, senseless and defenseless – relying on outside benevolence for protection, whether this be separate security systems, laws and penalties, or perceived probabilities of being an overlooked target.

This working group's objectives are to instill systems engineering responsibility for sustainable systems functionality in the face of intelligent, determined, and highly competent system adversaries; to facilitate the assimilation and dispatch of that responsibility; and to Instigate self-sustaining cross- community involvement between systems engineers, security engineers, and system security standards..

Participants in this working group’s projects are developing vanguard critical understandings.

Intended Outcomes

  • Fundamental responsibility within systems engineering accepted and integrated.
  • ConOps of actionable next-generation security structures and strategies profiled.
  • Next-generation-enabling security concepts established in the relevant standards bodies.
  • Identification and publication of a relevant body of knowledge appropriate for the Systems Engineering Body of Knowledge (SEBoK).
  • Development and maintenance of appropriate contributions to the INCOSE Systems Engineering Handbook .
  • Socialization of work efforts with papers for INCOSE’s journal of Systems Engineering, papers and tutorials at the International Symposium, INSIGHT theme issues, and educational and tutorial Webinars.
  • Working alliances with other organizations concerned with secure sustainable systems.

Leadership

  • Chair: Rick Dove, Paradigm Shift International, dove@parshift.com
  • Co-Chair: Beth Wilson, Retired Raytheon
  • Co-Chair: Ken Kepchar, Eagleview Associates 
  • Co-Chair: Keith Willett, US DoD

Working Group Products

Webinars
- WG Webinar – Security Are Us, April 2014
- WG Webinar – Lockheed Martin Secure Engineering Assurance Model, June 2014
- WG Webinar – Introduction to the Systems Security Engineering WG, June 2014
- WG Webinar – Natural System Security Patterns, April 2015

Products
- SEBoK maintenance – Systems Security Engineering
- Standards – Participating member of INCITS/CS1, INCOSE Approved TPP
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-01, 28-June-2014
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-02, 29-June-2016
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-03, 21-October-2016
- SE Handbook Section 3.6.4 Case Study, & Section 10.11 Systems Security Engineering – July 2015

Projects
– Next Handbook Revision, POC: Perri Nejib, Dawn Beyer
– SEBoK Systems Security Engineering, POC: Mat French
– SE Requirements Framework for Security, POC: Dawn Beyer, Perri Nejib
– Future of Systems Engineering Security Topic, POC: Rick Dove

INSIGHT Publications
- 2009-Q2, Theme Issue: The Interplay of Architecture, Security & SE
- 2011-Q2, Theme Issue: Systems of Systems & Self Organizing Security
- 2013-Q2, Theme Issue: The Buck Stops Here: SE’s Responsibility for System Security
- 2015-Q2, Article: Needed - Practitioner Attention to Systems Engineering Delivery of Sustainable Value
- 2016-Q2, Theme Issue: Agile Security – Joint project with Agile SE working group
- 2016-Q2, Article: Software and System Integrity Assessment
- 2016-Q2, Article: Cybersecurity & Critical Infrastructure – Are We Missing The Obvious?
 
Recent (only) Papers/Panels/Tutorials
- 2015 Panelist: NSA IAS conference, panel session on security architecture with INCOSE WG Rep
- IS15 Panelist: Have We SEed our Infrastructure for Cyber-Terroris
- IS15 Panel: SE Systems-Security Responsibility: How is this Accepted?
- IS15 Paper: Adaptive Knowledge Encoding for Agile Cybersecurity Operations
- IS15 Paper: Guidance for WG SEBoK Maintenance: With Security WG Example
- IS16 Paper:  On System Dynamics Modeling of Human-Intensive Workflow Improvement – Case Study in Cybersecurity Adaptive Knowledge Encoding
- IS17 Tutorial: Systems Security Engineering - Concepts and Overview
- IS17 Paper: Systems Security Engineering - What Every SE Needs to Know
- IS17 Paper: A Systematic Approach to Influencing System Security Standards

Collaborations
- CAB Security Priority
- FuSE Security Topic
- NDIA Systems Engineering Division, Systems Security Engineering Working Group
 - NDIA Cyber Division
 - INCOSE Resilient Systems Working Group
 - INCOSE Critical Infrastructure Protection & Recovery Working Group

Awards
INCOSE: 2013 Sustained Performance
INCOSE: 2016 Collaboration


Planned Working Sessions at the Next Events

This working group holds workshops every year at the two main INCOSE events: the International Workshop (usually Jan/Feb) and the International Symposium (usually Jun/Jul). All working group members receive schedule and agenda announcements, and all INCOSE members can view the event planning details on the working group web-site. Non-INCOSE members with interest may inquire at the address shown in the Leadership box.

Planned Presentations at the Next Annual

Systems Security Engineering WG General Workshop
Saturday 25-Jan, 10:30-17:00 PST California Time
Room: Salon H -  GlobalMeet: https://incose.pgimeet.com/INCOSE_GMSeven1
Telephone: 1-605-475-5604, Guest Passcode: 402 788 6298

10:30 – Intros, Agenda, News
11:00 – Brief WG Overview – Focus/Charter, and Project Status
11:15 – Update: Loss Driven Systems Engineering
11:30 – FuSE: Contextually Aware Agile-Security in the Future of Systems Engineering
          – FuSE: Techno-Social Contracts for Security Orchestration
          – FuSE:  Toward Architecting the Future of System Security
12:00 – Lunch
13:15 – Update: NDIA/IEEE/INCOSE SSE Symposium March 2020
          – Update: SE Division SSE Committee
          – Update: Joint project with Product Line Engineering WG
          – Update: INSIGHT 2020-Q3 Article Reviews
14:00 – Update: ABET Cyber Security Engineering
14:15 – Update: Standards Work
14:30 – Info: NIST 800-160 New Possibility, New Tutorial Material, Book Collaboration Opportunity
14:45 – Update: INCOSE SSE/SE Roles & Responsibilities Framework and Path Forward to Handbook
15:00 – Break
15:30 – Collaboration Opportunity: Social Systems WG
15:45 – Update: CAB System Security Priority
16:00 – FuSE: Adaptable Systems
16:15 – Project Kickoff – SEBoK Systems Security Engineering
16:30 – Open and Small-Group Discussions Based on Interest with Any of the Above
17:00 – Adjourn or run over with discussion

Systems Security Engineering & PLE WGs, INSIGHT Article Reviews
Monday 27-Jan, 09:00-17:00 PST California Time
Room: Salon H -  GlobalMeet: https://incose.pgimeet.com/INCOSE_GMSeven1
Telephone: 1-605-475-5604, Guest Passcode: 402 788 6298

09:00 – Agenda and Review Rules
09:30 – Security and Product Line Engineering: A Productive Marriage
10:00 Break
10:30 – Cyber Secure and Resilient Techniques for Architecture
11:00 – Engineering a Cyber Resilient Product Line
11:30 – Rule-based Verification of Cyber Resilient Systems using Feature-Based Product Line Engineering
12:00 – Lunch
13:15 – Reconvene, Review Rules
13:30 – Towards a Model-Based Approach to Systems and Cybersecurity Co-Engineering in a Product Line Context
14:00 – Security Issue Detection and Mitigation Patterns for Product Line Resource Variation
14:30 – Effective Systems Security Requirements in Product Line Engineering
15:00 – Break
15:30 – Cyber Security Engineering for Product Line Architectures
16:00 – Leveraging a System Model to Initiate Security Architecture Development for Product Lines
16:30 – Collection of Themes for Overview Article
17:00 – Adjourn