Systems Security Engineering Fact Sheet

The MITRE Corporation

Systems Security Engineering

The MITRE Corporation is using Systems Security Engineering (SSE) to ensure the U.S. Air Force fields and sustains resilient capabilities that provide mission assurance against evolving threats.

SSE uses scientific and engineering principles to deliver assured system-level protection via a single, full-system/full life cycle view of system security.

The Challenge Requirements DMS* Cyber attacks, and our ability to effectively deal with them, impact Cryptography Program our nation’s infrastructure, military Software Protection Assurance capabilities, and commercial and military industry partners. Cyber Anti- HW Supply Chain Risk Tamper technology is thoroughly embed- Assurance Management ded into everything we engineer,

including both business and weap- Sustainment Other Information ons systems. The historical ways Assurance in which we acquire, operate, and *Diminishing Manufacturing Sources sustain our systems must change Typical security engineering approach: “As Is” because, given time, sophisticated and persistent attackers will get in.

Holistic, integrated, program protection

The Solution Systems Security Engineering (SSE) New thinking in the applica- tions of systems engineering is Systems Security Engineering Engineering (SSE) Instructions for required in the face of evolving CPI Identiﬁcation Engineering threats. MITRE is working with Instructions for SSE Integrated our sponsors to address these Technical Process challenges in a holistic manner (SITP) Anti-Tamper that allows the maximum pro- Critical Components tections and assurance for the CS/RMF right cost, and enables informed . . . security risk management Executable across the entire systems life cycle decisions. SSE integrates system-level protection or security into Cybersecurity postures need acquisition systems engineering: “To Be” to evolve from the “as is” typical security engineering tactics—where elements are not well integrated and there is no foundation for resiliency—to the “to be” approach, which enacts a cultural change from compliance to risk-based acceptance. The MITRE Corporation is a not-for-profit organization chartered to work in the public interest. We apply our skills in systems engineering, research and development, and information technology to help the government address issues of critical national importance.

The Results

Systems Security Engineering identifies means to proactively address attempts to deny, dis- rupt, disable, or otherwise interfere with the achievement of mission objectives. It relates the mission view to the identified operational protection capability needs allowing informed trade space analysis to be made.

The key to success is in differentiating system security as the system protection capability that must be purposefully engineered to provide the system property of “being secure” while: • Determining the mission- and system-driven needed protections; • Capturing those protection needs in first-order system requirements; • Integrating system-security architecture design into broader system architecture design activities, trades, and risk treatment decisions; and • Ascertaining system assurance, and translating it to mission assurance in a way that allows planning, operations, and sustainment organizations to “plan resiliency into” the conduct of missions and to positively react with “resiliency in mind” as they execute the mission.

MITRE’s efforts have assisted in increasing our sponsor’s cost-effective application of security, and in reconstituting SSE as an integral aspect of systems engineering. In addition, MITRE has developed a set of SSE engineering instructions to implement these best prac- tices in a holistic manner.

For more information

To learn more about Systems Security Engineering at MITRE, contact Danny Holtzman, Director of Air Force Cyber Integration, 781-271-2086 ([email protected]).

The MITRE Corporation www.mitre.org