An Architectural Systems Engineering

Methodology for Addressing Cyber Security

Jennifer L. Bayuk1 and Barry M. Horowitz2, *

更多

1Stevens Institute of Technology, Hoboken, NJ 07030

2University of Virginia, Charlottesville, VA 22901

ARCHITECTURAL SE METHODOLOGY FOR ADDRESSING CYBER SECURITY

Received 20 May 2010; Revised 15 September 2010; Accepted 29 October 2010, after one or more revisions

Published online 16 February 2011 in Wiley Online Library (wileyonlinelibrary.com).

DOI 10.1002/sys.20182

ABSTRACT

This paper discusses important shortcomings of current approaches to systems security engineering. The

value and limitations of perimeter security designs are examined. An architectural approach to systems

security engineering is introduced as a complementary means for strengthening current approaches.

Accordingly, this paper outlines a methodology to identify classes of new reusable system security

solutions and an architectural framework based on reuse of the patterns of solutions. It also introduces a

new methodology for security metrics intended to stimulate critical solution design tradeoff analyses as

part of security design reuse considerations. Examples of problems, potential architectural solutions, and

corresponding security metrics are provided. © 2011 Wiley Periodicals, Inc. Syst Eng 14: 294–304, 2011

Key words: cybersecurity; security architecture; security metrics; systems security

收起