NIST announces the release of Special Publication 800-160, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems.
Engineering-based approaches to solutions are essential to managing the growing complexity and interconnectedness of today’s systems—as exemplified by cyber-physical systems, systems-of-systems, and the Internet of Things. Managing the complexity of today’s systems and being able to claim that those systems are trustworthy and secure means that first and foremost, there must be a level of confidence in the feasibility and correctness of the concept, philosophy, and design, regarding the ability of a system to function securely as intended. Failure to address the complexity issue in this manner will continue to leave the Nation susceptible to the consequences of an increasingly pervasive set of disruptions, hazards, and threats with potential for causing serious, severe, or even catastrophic consequences. NIST Special Publication 800-160 attempts to bring greater clarity to the difficult and challenging problems associated with a systems-oriented viewpoint on realizing trustworthy secure systems—and does so through the considerations set forth in a set of standards-based systems engineering processes applied throughout the system life cycle.