Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks
• Technical Note
Publisher
Software Engineering Institute
CMU/SEI Report Number
CMU/SEI-2006-TN-027DOI (Digital Object Identifier)
10.1184/R1/6573623.v1Topic or Tag
Abstract
A fundamental truth of system design is that, in the absence of countermeasures, a system's security and survivability will degrade over time. Changes in the environment or usage of a system, or changes to the elements that compose the system, often introduce new or elevated threats that the system was not designed to handle and is ill-prepared to defend itself against. The first step in evolving to meet new threats to your system's security and survivability is to recognize the need to modify your system, that is, to recognize changes in security and survivability risks that trigger the need to enter the evolution phase of the system development life cycle.
It is essential that significant risk management resources be devoted to the ongoing evolution of any mission-critical system. The successful evolutionary design of a secure and survivable system is dependent on the continual monitoring of the system and its environment to detect changes that may affect the risk management assumptions on which the system's security and survivability are founded.
Cite This Technical Note
Lipson, H. (2006, September 1). Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks. (Technical Note CMU/SEI-2006-TN-027). Retrieved December 22, 2024, from https://doi.org/10.1184/R1/6573623.v1.
@techreport{lipson_2006,
author={Lipson, Howard},
title={Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks},
month={{Sep},
year={{2006},
number={{CMU/SEI-2006-TN-027},
howpublished={Carnegie Mellon University, Software Engineering Institute's Digital Library},
url={https://doi.org/10.1184/R1/6573623.v1},
note={Accessed: 2024-Dec-22}
}
Lipson, Howard. "Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks." (CMU/SEI-2006-TN-027). Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, September 1, 2006. https://doi.org/10.1184/R1/6573623.v1.
H. Lipson, "Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks," Carnegie Mellon University, Software Engineering Institute's Digital Library. Software Engineering Institute, Technical Note CMU/SEI-2006-TN-027, 1-Sep-2006 [Online]. Available: https://doi.org/10.1184/R1/6573623.v1. [Accessed: 22-Dec-2024].
Lipson, Howard. "Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks." (Technical Note CMU/SEI-2006-TN-027). Carnegie Mellon University, Software Engineering Institute's Digital Library, Software Engineering Institute, 1 Sep. 2006. https://doi.org/10.1184/R1/6573623.v1. Accessed 22 Dec. 2024.
Lipson, Howard. Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks. CMU/SEI-2006-TN-027. Software Engineering Institute. 2006. https://doi.org/10.1184/R1/6573623.v1