Systems security engineering


Definition

Systems security engineering is a specialty engineering field strongly related to systems engineering. It applies scientific, engineering, and information assurance principles to deliver trustworthy systems that satisfy stakeholder requirements within their established risk tolerance.[1]

Overview

Systems security engineering focuses on the protection of stakeholder and system assets so as to exercise control over asset loss and the associated consequences. Such protection is achieved by carrying out the specific activities and tasks in the system life cycle processes with the objective of eliminating or reducing vulnerabilities and minimizing or constraining the impact of exploiting or triggering those vulnerabilities. The ability to minimize or constrain impact includes continued delivery of partial or full secure system function at some level of acceptable performance. This approach helps to reduce the susceptibility of systems to a variety of simple, complex, and hybrid threats including physical and cyber-attacks; structural failures; natural disasters; and errors of omission and commission. This reduction is accomplished by fundamentally understanding stakeholder protection needs and subsequently employing sound security design principles and concepts throughout the system life cycle processes. These life cycle processes, if properly carried out (to include the identified systems security engineering activities and tasks), result in systems that are adequately secure relative to the asset loss consequences and associated risk based on measurable assurance and trustworthiness in the systems security performance and effectiveness.

To accomplish the security objectives described above, systems security engineering, as a specialty discipline of systems engineering, provides several distinct perspectives and focus areas which set it apart from other engineering disciplines. These include the engineering of security functions; addressing the security aspects associated with the engineering of non-security functions; and protecting the intellectual property and otherwise sensitive data, information, technologies, and methods utilized as part of the systems engineering effort.

References

  1. NIST Special Publication 800-160, at B-15.

Source
