This working group’s mission is
to provide Systems Engineers and Systems Engineering with effective means and methods for sustainable system functionality under advanced adversarial attack.
This working group believes that system engineering cannot succeed without accepting core responsibility for enabling and facilitating effective system security – partly in system requirements, partly in system trade space recognition, but mainly in system thinking applied to concepts of operations and systems architecture. Sustaining system functionality in the face of intelligent determined attack requires self preservation capabilities that adapt and evolve with equal intelligence, determination, and strength of community. This requires full system awareness and adaptability, and system-of-system relationships. Security engineering alone cannot accomplish this.
It is fitting for INCOSE to tackle Next Generation Security, as the issues are leading edge systems engineering issues: architecture, systems of systems, self organizing systems, security tradeoffs with human factors, systems thinking – things that are typically high level integrated-system SE issues.
Current system security strategies are inadequate and cannot be fixed by security engineers alone. The reason is evident: attack communities operate as intelligent, multi-agent, self organizing, system-of-systems – with swarm intelligence, tight learning loops, fast evolution, and dedicated intent. With few exceptions, the systems being targeted are alone, senseless and defenseless – relying on outside benevolence for protection, whether this be separate security systems, laws and penalties, or perceived probabilities of being an overlooked target.
This working group's objectives are to instill systems engineering responsibility for sustainable systems functionality in the face of intelligent, determined, and highly competent system adversaries; to facilitate the assimilation and dispatch of that responsibility; and to Instigate self-sustaining cross- community involvement between systems engineers, security engineers, and system security standards..
Participants in this working group’s projects are developing vanguard critical understandings.
- Fundamental responsibility within systems engineering accepted and integrated.
- ConOps of actionable next-generation security structures and strategies profiled.
- Next-generation-enabling security concepts established in the relevant standards bodies.
- Identification and publication of a relevant body of knowledge appropriate for the Systems Engineering Body of Knowledge (SEBoK).
- Development and maintenance of appropriate contributions to the INCOSE Systems Engineering Handbook .
- Socialization of work efforts with papers for INCOSE’s journal of Systems Engineering, papers and tutorials at the International Symposium, INSIGHT theme issues, and educational and tutorial Webinars.
- Working alliances with other organizations concerned with secure sustainable systems.
- WG Webinar – Security Are Us, April 2014
- WG Webinar – Lockheed Martin Secure Engineering Assurance Model, June 2014
- WG Webinar – Introduction to the Systems Security Engineering WG, June 2014
- WG Webinar – Natural System Security Patterns, April 2015
- SEBoK maintenance – Systems Security Engineering
- Standards – Participating member of INCITS/CS1, INCOSE Approved TPP
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-01, 28-June-2014
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-02, 29-June-2016
- Standards – Review of NIST SP-800-160, INCOSE-TA-2014-001-03, 21-October-2016
- SE Handbook Section 3.6.4 Case Study, & Section 10.11 Systems Security Engineering – July 2015
- 2009-Q2, Theme Issue: The Interplay of Architecture, Security & SE
- 2011-Q2, Theme Issue: Systems of Systems & Self Organizing Security
- 2013-Q2, Theme Issue: The Buck Stops Here: SE’s Responsibility for System Security
- 2015-Q2, Article: Needed - Practitioner Attention to Systems Engineering Delivery of Sustainable Value
- 2016-Q2, Theme Issue: Agile Security – Joint project with Agile SE working group
- 2016-Q2, Article: Software and System Integrity Assessment (Jack Ring)
- 2016-Q2, Article: Cybersecurity & Critical Infrastructure – Are We Missing The Obvious? (Ken Kepchar)
Recent (only) Papers/Panels/Tutorials
- 2015 Panelist: NSA IAS conference, panel session on security architecture with INCOSE WG Rep
- IS15 Panelist: Have We SEed our Infrastructure for Cyber-Terroris
- IS15 Panel: SE Systems-Security Responsibility: How is this Accepted?
- IS15 Paper: Adaptive Knowledge Encoding for Agile Cybersecurity Operations
- IS15 Paper: Guidance for WG SEBoK Maintenance: With Security WG Example
- IS16 Paper: On System Dynamics Modeling of Human-Intensive Workflow Improvement – Case Study in Cybersecurity Adaptive Knowledge Encoding
- IS17 Tutorial: Systems Security Engineering - Concepts and Overview
- IS17 Paper: Systems Security Engineering - What Every SE Needs to Know
- IS17 Paper: A Systematic Approach to Influencing System Security Standards
- NDIA Systems Engineering Division, Systems Security Engineering Working Group
- NDIA Cyber Division
- INCOSE Resilient Systems Working Group
- INCOSE Critical Infrastructure Protection & Recovery Working Group
This working group holds workshops every year at the two main INCOSE events: the International Workshop (usually Jan/Feb) and the International Symposium (usually Jun/Jul). All working group members receive schedule and agenda announcements, and all INCOSE members can view the event planning details on the working group web-site. Non-INCOSE members with interest may inquire at the address shown in the Leadership box.
IS18 Agenda - Systems Security Engineering WG
Thursday 12-Jul, 10:00-12:00 EDT (Washington DC Time)
Room: Latrobe - Globalmeet: https://incose.pgimeet.com/GlobalmeetFour
Telephone: 1-877-860-3058, Passcode: 959 217 0244
10:00 Intros, Agenda, News
10:15 Brief Working Group Overview (Rick Dove)
10:30 Collaboration with PLE WG (Beth Wilson)
10:45 Academic Council Collaboration (Keith Willett)
11:00 IEEE Collaboration (Keith Willett)
11:15 Standards Work Update (Ken Kepchar)
11:30 Open discussion: Projects of interest and appropriate?