Technical Report: System Security Engineering

Report Number: Technical Report SERC-2010-TR-005-1

Report Name:  Systems Security Engineering

Publication Date: August 22, 2010


Executive Summary
The US needs dramatic improvements in systems security. Current defensive strategies, based principally on strengthening system perimeters, inspections, and similar bolt-on techniques, add tremendously to cost and do not respond effectively to the growing sophistication of attacks. Systems cannot be assumed to have static boundaries, static user communities, or even a static set of services. To a great extent, systems engineers are inadequately prepared to address system security requirements.

Traditional systems engineering methods fail to address system security issues because they rely heavily on requirements gathering and modeling, and both have been distorted in the security realm. Requirements gathering has been shaped by the system security standards that a variety of industries have developed. These have been presented to systems engineers as complete system security requirements, when in fact they cover only basic technology control measures. Engineering models, in turn, assume that a system is bounded by technology and that off-the-shelf technology control measures can be configured in combination to adequately address most security requirements. Both assumptions are false.

However, simply removing these assumptions and challenging the systems engineer to put aside security standards and models and start afresh will not resolve systemic security problems. The existing standards and models came about because security is a difficult problem to address. Current standards and models have been embraced by a generation of practitioners who entered the systems security field over the past forty years because those practitioners found common solutions to diverse security problems and shared them. This work is significant and should be leveraged by integrating it with a fresh look at the mission of the systems engineer with respect to security.

This document establishes a research roadmap for System Security Engineering.