Date Published: March 2018
Comments Due: May 18, 2018 (public comment period is CLOSED)
Email Questions to: sec-cert@nist.gov
Planning Note (3/22/2018):
Please submit comments to sec-cert@nist.gov using the Comment Template by May 18, 2018.
Author(s)
Ron Ross (NIST), Richard Graubart (MITRE), Deborah Bodeau (MITRE), Rosalie McQuaid (MITRE)
Announcement
This is the initial public draft of NIST's newest guideline that provides a flexible systems engineering-based framework to help organizations address the Advanced Persistent Threat (APT). Draft NIST Special Publication 800-160 Volume 2, Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems, is the first in a series of specialty publications developed to support NIST Special Publication 800-160 Volume 1, the flagship Systems Security Engineering guideline. Volume 2 addresses cyber resiliency considerations for two important, yet distinct communities of interest:
- Organizations conducting new development of IT component products, systems, and services; and
- Organizations with legacy systems (installed base) currently carrying out day-to-day missions and business functions.
The United States continues to have complete dependence on information technology deployed in critical infrastructure systems and applications in both the public and private sectors. From the electric grid to voting systems to “Internet of Things” consumer products, the nation remains highly vulnerable to sophisticated, well-resourced cyber-attacks from hostile nation-state actors, criminal and terrorist groups, and rogue individuals. Certain types of advanced threats have the capability to breach our critical systems, establish a presence within those systems (often undetected), and inflict immediate and long-term damage to the economic and national security interests of the Nation.
For the Nation to survive and flourish in the 21st century, where hostile actors in cyberspace are assumed and information technology will continue to dominate every aspect of our lives, we must develop trustworthy, secure IT components, services, and systems that are cyber resilient. Cyber resilient systems are systems that have the required security safeguards “built in” as a foundational part of the system architecture and design and that, moreover, display a high level of resiliency: they can withstand an attack and continue to operate, carrying out mission-essential functions, even in a degraded or debilitated state.
Both communities (the systems engineers and enterprise security and risk management professionals) can apply the guidance and cyber resiliency considerations to help ensure that the component products, systems, and services that they need, plan to provide, or have already deployed, can survive when confronted by the APT. The guidance can also be used to guide and inform any investment decisions regarding cyber resiliency.
This publication is intended to be used in conjunction with NIST Special Publication 800-160 Volume 1, Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. It can be viewed as a handbook for achieving the identified cyber resiliency outcomes of a systems engineering perspective on system life cycle processes, leaving it to the experience and expertise of the engineering organization to determine what is correct for its purpose. Organizations can select, adapt, and use some or all of the cyber resiliency constructs (goals, objectives, techniques, approaches, and design principles) described in this publication and apply them to the technical, operational, and threat environments for which systems need to be engineered. The system life cycle processes and cyber resiliency constructs can be used for new systems, system upgrades, or systems that are being repurposed; can be employed at any stage of the system life cycle; and can take advantage of any system and/or software development methodology including, for example, waterfall, spiral, or agile. The processes and associated cyber resiliency constructs can also be applied recursively, iteratively, concurrently, sequentially, or in parallel and to any system regardless of its size, complexity, purpose, scope, environment of operation, or special nature. The full extent of the application of the content in this publication is informed by stakeholder capability, cyber resiliency needs, and concerns with attention to considerations of cost, schedule, and performance. The tailorable nature of the engineering activities and tasks and the system life cycle processes ensure that the systems resulting from the application of the security and cyber resiliency design principles have the level of trustworthiness deemed sufficient to protect stakeholders from suffering unacceptable losses of their assets and the associated consequences. 
Such trustworthiness is made possible by the rigorous application of those security and cyber resiliency design principles, constructs, and concepts within a disciplined and structured set of processes that provides the necessary evidence and transparency to support risk-informed decision making and trades.
Keywords
cyber resiliency design principles; cyber resiliency engineering framework; cyber resiliency goals; cyber resiliency objectives; risk management strategy; system life cycle; systems security engineering; trustworthy; controls; cyber resiliency; advanced persistent threat; cyber resiliency approaches
Control Families
None selected