Linked Knowledge Nuggets: "Fo(u)rces of Cybersecurity Engineering"
Author: Timo Karasch, Florian Schmitt
Cybersecurity Goals, Controls, Requirements and Threats are important forces for cybersecurity engineering. It is nearly impossible to separate them in a timely manner. In fact, they influence each other during definition.
This webinar gives a simple example of the interaction of these four forces and addresses consistency with existing cybersecurity standards (ISO 21434 and Automotive SPICE for Cybersecurity). It shows a possible approach for implementation in your organization.
Webinar recording and slides
# PROCESS PURPOSE
The purpose is to derive cybersecurity goals and to ensure traceability between the cybersecurity risk assessment and the cybersecurity goals.
# PROCESS OUTCOMES
O1: Threats are analyzed and cybersecurity risk evaluated
O2: Cybersecurity risk treatment options are determined
O3: Cybersecurity goals are defined for risk reduction and avoidance
O4: Traceability is established between the cybersecurity goals and the threat scenarios
# BASE PRACTICES
BP1: Analyze threats and evaluate cybersecurity risks. (O1)
Analyze threats to determine attack paths that are relevant for the project. Evaluate relevant threat scenarios for their impact, severity and likelihood for respective project life cycle phases and stakeholders.
Note 1: Analysis may be for relevance to financial, safety, privacy, and operational terms.

For each cybersecurity risk define the selected treatment option to reduce, avoid, accept or transfer (share) the risk.
Note 2: Accepted and transferred (shared) risks can define cybersecurity claims that may require rationale and justification.
Note 3: Risks may be handled individually or as a set of risks.

BP3: Derive and align cybersecurity goals for risk reduction and avoidance. (O3)
Derive cybersecurity goals for threat scenarios that were chosen for reduction and avoidance and align possible conflicts with established cybersecurity goals.

BP4: Establish traceability between the cybersecurity goals and the threat scenarios. (O4)
Note 4: Traceability supports consistency and facilitates impact analyses.
Linked Knowledge Nuggets: "The true benefit of traceability"
Author: Process Fellows
Creating traceability is sometimes seen as an additional expense, and its benefits are not recognized.
Traceability should be set up at the same time as the derived elements are created. Both work products are open in front of us and creating the trace often takes only a few moments.
Afterwards, the effort increases noticeably and the risk of gaps is high.
If the traceability is complete and consistent, discovering dependencies is unbeatably fast and reliable compared to searching for them at a later stage, when there may also be time pressure.
It also enables proof of complete coverage of the derived elements and allows a complete consistency check.
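
The coverage proof and consistency check described above, and the BP3/BP4 link between goals and threat scenarios, can be automated once both sets of items carry IDs. The following is an added example, not part of the process model or any tool it references; the register layout, all IDs, assets, goal texts and the `check_traceability` function are assumptions made for illustration.

```python
# Added example: all IDs, assets and goal texts below are constructed.
NEEDS_GOAL = {"reduce", "avoid"}  # treatments for which BP3 derives a goal

THREATS = {  # threat scenario register: ID -> asset, property, treatment
    "TS-01": {"asset": "firmware image", "property": "integrity", "treatment": "reduce"},
    "TS-02": {"asset": "diagnostic session", "property": "confidentiality", "treatment": "avoid"},
    "TS-03": {"asset": "telemetry log", "property": "availability", "treatment": "accept"},
    "TS-04": {"asset": "key store", "property": "confidentiality", "treatment": "reduce"},
}
GOALS = {  # cybersecurity goals: ID -> text and traced threat scenario IDs
    "CG-01": {"text": "Only authentic firmware is installed", "threats": ["TS-01"]},
    "CG-02": {"text": "Diagnostic data is not disclosed", "threats": ["TS-02", "TS-09"]},
    "CG-03": {"text": "Keys are protected at rest", "threats": []},
}

def check_traceability(threats, goals):
    """Return (item ID, finding) pairs for gaps in either trace direction."""
    findings, covered = [], set()
    # Goal -> threat scenario: every goal needs at least one valid trace.
    for gid in sorted(goals):
        traced = goals[gid]["threats"]
        if not traced:
            findings.append((gid, "goal traces to no threat scenario"))
        for tid in traced:
            if tid in threats:
                covered.add(tid)
            else:
                findings.append((gid, f"trace to unknown threat scenario {tid}"))
    # Threat scenario -> goal: reduce/avoid decisions must be covered.
    for tid in sorted(threats):
        treatment = threats[tid]["treatment"]
        if treatment in NEEDS_GOAL and tid not in covered:
            findings.append((tid, f"treatment '{treatment}' but no goal traces to it"))
    return findings

if __name__ == "__main__":
    for item, finding in check_traceability(THREATS, GOALS):
        print(f"{item}: {finding}")
```

An empty result is the coverage proof for the goal/threat-scenario link; accepted or transferred risks (TS-03 here) are deliberately not required to have a goal, since the page treats them as potential cybersecurity claims.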
# OUTPUT INFORMATION ITEMS
13-51 Consistency Evidence (O4)
- Demonstrates bidirectional traceability between artifacts or information in artifacts, throughout all phases of the life cycle, by e.g.,
  - tool links
  - hyperlinks
  - editorial references
  - naming conventions
- Evidence that the content of the referenced or mapped information coheres semantically along the traceability chain, e.g., by
  - performing pair working or group work
  - performing by peers, e.g., spot checks
  - maintaining revision histories in documents
  - providing change commenting (via e.g., meta-information) of database or repository entries

Note: This evidence can be accompanied by e.g., Definition of Done (DoD) approaches.
Used by these processes:
- CSGE Cybersecurity Goal Elicitation
- SWIV Software Integration and Verification
- SYIV System Integration and Verification
17-51 Cybersecurity goals (O3)
- Describe a property of an asset that is necessary to protect cybersecurity
- Associated to one or more threat scenarios

Used by these processes:
- CSGE Cybersecurity Goal Elicitation
14-51 Cybersecurity scenario register (O1)
Identifies:
- damage scenarios
  - ID
  - title
  - description
  - impact category:
    - safety
    - financial
    - operational
    - privacy
    - quality
- Threat scenarios
  - ID
  - asset concerned
  - security property:
    - confidentiality
    - integrity
    - availability
  - Attack feasibility (high/medium/low/very low)

Used by these processes:
- CSGE Cybersecurity Goal Elicitation
13-20 Risk action request (O2)
- Date of initiation
- Scope
- Subject
- Request originator
- Risk management process context:
  - this section may be provided once, and then referenced in subsequent action requests if no changes have occurred
  - process scope
  - stakeholder perspective
  - risk categories
  - risk thresholds
  - project objectives
  - project assumptions
  - project constraints
- Risks:
  - this section may cover one risk or many, as the user chooses
  - where all the information above applies to the whole set of risks, one action request may suffice
  - where the information varies, each request may cover the risk or risks that share common information
  - risk description(s)
  - risk probability
  - risk consequences
  - expected timing of risk
- Risk treatment alternatives:
  - treatment option selected: avoid/reduce/transfer
  - alternative descriptions
  - recommended alternative(s)
  - justifications
- Risk action request disposition:
  - each request should be annotated as to whether it is accepted, rejected, or modified, and the rationale provided for whichever decision is taken

Used by these processes:
- CSGE Cybersecurity Goal Elicitation
15-08 Risk analysis (O1, O2)
- Identifies the risk analyzed
  - ID
  - Impact scenario (e.g., damage scenario)
- Records the results of the analysis:
  - potential ways to mitigate the risk
  - selected risk treatment option (e.g., risk acceptance as cybersecurity claim or risk reduction)
  - assumptions made
  - probability of occurrence (e.g., attack feasibility)
  - risk value
  - constraints

Used by these processes:
- CSGE Cybersecurity Goal Elicitation
- POPM Potential Project Management
08-55 Risk measure (O2, O3)
- Identifies
  - the risk to be mitigated, avoided, or shared (transferred)
  - the activities to mitigate, avoid, or share (transfer) the risk
  - the originator of the measure
  - criteria for successful implementation
  - criteria for cancellation of activities
  - frequency of monitoring
- Risk treatment alternatives: