TechRxiv
IEEE_Systems_Journal(5).pdf (1.03 MB)

Assessing Cyber-Worthiness of Complex System Capabilities using MBSE: A new rigorous engineering methodology

Download (1.03 MB)
preprint
posted on 06.06.2021, 01:19 by Stuart Fowler, Keith Joiner, Elena Sitnikova
Cyber-worthiness as it is termed in Australian Defence, or cyber-maturity more broadly, is a necessary feature of modern complex systems which are required to operate in a hostile cyber environment. To evaluate the cyber-worthiness of complex systems, an assessment methodology is required to examine a complex system’s or system-of-system’s vulnerability to and risk of cyber-attacks that can compromise such systems. This assessment methodology should address the cyber-attack surface and threat kill chains, including supply chains and supporting infrastructure. A cyber-worthiness capability assessment methodology has been developed based on model-based systems engineering concepts to analyse the cyber-worthiness of complex systems and present a risk assessment of various cyber threats to the complex system. This methodology incorporates modelling and simulation methods that provide organisations greater visibility and consistency across diverse systems, especially to drive cybersecurity controls, investment and operational decisions involving aggregated systems. In this paper, the developed methodology will be presented in detail and hypothesised outcomes will be discussed.

History

Email Address of Submitting Author

k.joiner@adfa.edu.au

ORCID of Submitting Author

0000-0001-6081-3239

Submitting Author's Institution

University of New South Wales

Submitting Author's Country

Australia

Usage metrics

Licence

Exports