A security engineering process for systems of systems using security patterns

Jose Fran. Ruiz, Carsten Rudolph, Antonio Mana, Marcos Arjona

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearch

5 Citations (Scopus)

Abstract

The creation of secure systems of systems is a complex process. A large variety of security expertise and knowledge specific for application domains is required. This is even more important if systems of systems span different application domains. Then, security threats specific to different application-domains need to be considered. One example is integrated systems for industrial production processes that interface office domains with supply chain management systems as well as a production environment. Such integrated systems of systems can perform very efficient and economic processes. However, due to the many and different domain-specific security requirements and threats security engineering needs to support requirements specification and architecture design very early in the development process in order to ensure resilience and safety of the complete system. Working with different domains implies that properties and its functionalities are specific and the engineering process used for modeling and designing the complete system has to be able to work in this context, covering all the possibilities and allowing the use of trusted solutions that are compatible with the ones of different domains. We present in this paper a security engineering process for creating secure systems of systems that cover the necessities presented above by using a series of security artifacts that contain the domain-specific security information (in terms of security properties) and provide security solutions in the form of security patterns. These patterns contain the definition of the software/hardware elements used for providing the required solution and the information of related patterns for different domains, which provides a very helpful functionality for creating a system of systems.
Original languageEnglish
Title of host publicationProceedings - 8th Annual IEEE International Systems Conference, SysCon 2014
Subtitle of host publicationMarch 31 - April 3, 2014 Ottawa, ON, Canada
EditorsSidney Givigi, Alain Beaulieu
Place of PublicationPiscataway NJ USA
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages8-11
Number of pages4
ISBN (Print)9781479920877
DOIs
Publication statusPublished - 2014
Externally publishedYes
EventIEEE Systems Conference - Ottawa, Canada
Duration: 1 Jan 2014 → …

Conference

ConferenceIEEE Systems Conference
CountryCanada
CityOttawa
Period1/01/14 → …

Cite this