发布求助
文献互助 智能选刊 最新文献

Insight最新文献

筛选
英文 中文
Governance and Resilience: A Holistic Approach to Systems Security in Complex and Chaotic Environments 治理和弹性:复杂和混乱环境中系统安全的整体方法
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12541
Sue Caskey, Adam Williams
{"title":"Governance and Resilience: A Holistic Approach to Systems Security in Complex and Chaotic Environments","authors":"Sue Caskey,&nbsp;Adam Williams","doi":"10.1002/inst.12541","DOIUrl":"https://doi.org/10.1002/inst.12541","url":null,"abstract":"<div>\u0000 \u0000 <p>A systems governance approach emphasizes a holistic perspective that identifies and navigates the interdependencies and conflicts between security and operational needs. Governance is defined as a collection of metasystems that provide the necessary constraints and processes to support, steer, adapt, transform, and sustain a system (Keating et al. 2022). Utilizing the Cynefin framework, which distinguishes between simple, complicated, complex, and chaotic environments (Snowden and Boone 2007), the article highlights the challenges faced by nuclear power plants in predatory contexts and the importance of integrating security objectives into governance frameworks.</p>\u0000 <p>By incorporating security as a fundamental aspect of governance, the article underscores its significance for persistence, adaptation, and transformation in the face of uncertainty. Additionally, it introduces key heuristics of systems security, such as the importance of context, knowledge-based decision-making, and organization-specific sociological factors (Williams and Caskey 2024). Ultimately, this work provides valuable insights into enhancing resilient operations in complex environments by reinforcing the connection between effective governance and security in systems engineering.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"29-34"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Attitudes 的态度
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12537
Rick Dove
{"title":"Attitudes","authors":"Rick Dove","doi":"10.1002/inst.12537","DOIUrl":"https://doi.org/10.1002/inst.12537","url":null,"abstract":"<div>\u0000 \u0000 <p>Digital controls and internet connectivity have fostered a hostile predatory environment for modern systems. Organized crime and nation state interests are naturally compelled to exploit these readily accessible opportunities for financial and political advantages. Systems engineering is being called upon to reorient its priorities accordingly. INCOSE's Future of Systems Engineering (FuSE) to realize the Systems Engineering Vision 2035 has a security-focused activity exploring what this reorientation might be. This article shares some of that thinking, exposes some issues in need of more thinking, and suggests why and how all systems engineers could and should be part of this thinking.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"8-10"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Using Systems Thinking to Advance Security in the Future of Systems Engineering (FuSE), a Progress Report 使用系统思维在系统工程(FuSE)的未来推进安全,一份进展报告
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12538
Systems Security Working Group
{"title":"Using Systems Thinking to Advance Security in the Future of Systems Engineering (FuSE), a Progress Report","authors":"Systems Security Working Group","doi":"10.1002/inst.12538","DOIUrl":"https://doi.org/10.1002/inst.12538","url":null,"abstract":"<div>\u0000 \u0000 <p>The Security in the Future of Systems Engineering (FuSE) team has made significant progress since its launch to realize the INCOSE vision described in <i>Systems Engineering Vision 2035</i> (INCOSE 2021). The output products to date promote improved systems engineering practices to achieve security as a foundational perspective. The systems thinkers on this team have performed holistic analysis of current practices to expose existing anti-patterns and mental models that informed the transformation to future practices that can yield desired results and achieve the 2035 vision. Needs-oriented, loss-driven, capability-based analysis to define security strategies that become functional requirements promotes stakeholder alignment of the security vision and leads to effective security tactics and techniques that collectively achieve the security strategies. The result is a system that achieves functional perseverance in a hostile predatory environment. The work products completed so far and those in progress reflect our efforts to transition practices to a future where our systems are designed to achieve and sustain security as an intentional capability of the system throughout its lifecycle.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"11-14"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
When Malicious Actors Control Your Subsystems: A Systems Engineering Approach to Functional Perseverance 当恶意行为者控制你的子系统:一种功能坚持的系统工程方法
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12545
David Hetherington, Ivan Taylor
{"title":"When Malicious Actors Control Your Subsystems: A Systems Engineering Approach to Functional Perseverance","authors":"David Hetherington,&nbsp;Ivan Taylor","doi":"10.1002/inst.12545","DOIUrl":"https://doi.org/10.1002/inst.12545","url":null,"abstract":"<div>\u0000 \u0000 <p>Security in modern engineered systems is not merely an added layer of protection but a prerequisite for system functionality. As systems engineers navigate the evolving security landscape, they must prioritize functional perseverance, the ability of a system to maintain operational integrity despite adversarial threats. This article examines a possible method for using system-theoretic process analysis (STPA) and system dynamics (SD) to enhance security-aware system engineering.</p>\u0000 <p>The approach shown is inspired by a 1982 paper called “The Byzantine Generals Problem” and is a peer-to-peer voting design that avoids single points of failure. In particular, we propose a system analysis and design approach that would allow the construction of a system capable of using peer-to-peer self-policing to detect an intruder that has already penetrated the security perimeter of the system and corrupted one or more of the subsystems. This article shows how STPA could inform the design of the peer-to-peer voting system and how SD could be used to examine the tradeoff of investments in redundancy versus the expected level of achieved resilience.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"53-60"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573340","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
How Security Needs Systems Engineering 安全如何需要系统工程
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12543
Mark W. Winstead
{"title":"How Security Needs Systems Engineering","authors":"Mark W. Winstead","doi":"10.1002/inst.12543","DOIUrl":"https://doi.org/10.1002/inst.12543","url":null,"abstract":"<div>\u0000 \u0000 <p>Peter Neumann once noted that complex systems are not like snapping Lego pieces together, rather each piece added can transmogrify its modular interface and upset the existing structure. The effect for security can be a system weaker than its weakest link – moreover, addressing a security concern can disrupt achieving other emergent properties (e.g., safety). The article addresses these challenges by casting security as a system problem, where the security engineering must not be done stove piped from system engineering. The discussion within also addresses the role of systems thinking and the need for evidence-based assurance overseen by systems engineering.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"44-47"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573347","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
AI for System Security Design: A Good Tool or a Dangerous Weapon? AI系统安全设计:好工具还是危险武器?
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12546
Beth Wilson
{"title":"AI for System Security Design: A Good Tool or a Dangerous Weapon?","authors":"Beth Wilson","doi":"10.1002/inst.12546","DOIUrl":"https://doi.org/10.1002/inst.12546","url":null,"abstract":"<div>\u0000 \u0000 <p>As artificial intelligence (AI) tools have become more popular, industries wrestle with their effective use in the workplace. With promises of increasing efficiency and reducing complexity, it is tempting for systems engineers to use AI tools to quickly generate security requirements and skip engagement with systems security practitioners. The proliferation of AI tools that have been trained with security controls invites misguided approaches that deliver systems that are not secure in the operational environment. AI literacy is important to understand both the benefits and the limitations of AI to use it ethically and effectively.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"61-65"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573341","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Protecting Mission Critical Systems The Need for a Shift in Culture, Strategy, and Process 保护关键任务系统:文化、战略和流程转变的必要性
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12539
Ron Ross, Kymie Tan
{"title":"Protecting Mission Critical Systems The Need for a Shift in Culture, Strategy, and Process","authors":"Ron Ross,&nbsp;Kymie Tan","doi":"10.1002/inst.12539","DOIUrl":"https://doi.org/10.1002/inst.12539","url":null,"abstract":"<div>\u0000 \u0000 <p>In contrast to the traditional compliance-based approach to protecting space systems using the NIST Risk Management Framework (RMF), a trustworthy secure systems engineering approach as described in the NIST Special Publication 800-160 is proposed as a viable and effective alternative. This paper discusses the issues and concerns with the traditional approach to cybersecurity and how engineering-based approaches measurably improve security, allowing a greater return on investment for mission critical operational environments like those that support space missions. The paper will show that there are several facets to the cybersecurity problem that go beyond the technical to include culture, process, and policy, and explain why a change in strategy and approach is necessary to address the modern sophisticated cyber adversary operating in a world of highly complex and evolving systems. Insights from a project where a NIST SP 800-160-based engineering approach was applied to secure a space mission will be discussed. The early lessons not only illuminate the benefits of security systems engineering, but also the effect of culture, policy and process on building resilience into mission critical systems.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"15-22"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573343","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Guide to Security Needs and Requirements – Making Security a Functional Requirement 保安需要和要求指南-使保安成为功能要求
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12540
Beth Wilson
{"title":"Guide to Security Needs and Requirements – Making Security a Functional Requirement","authors":"Beth Wilson","doi":"10.1002/inst.12540","DOIUrl":"https://doi.org/10.1002/inst.12540","url":null,"abstract":"<div>\u0000 \u0000 <p>The INCOSE Systems Security Working Group completed a 2-year project to create a Guide to Security Needs and Requirements targeting both the systems engineering practitioner and the systems security practitioner to help them collaboratively define security needs and requirements that result in a secure system in operation. Starting with a set of anti-patterns for security requirements, we identified existing tactics that have not produced secure systems in the operational environment. The team then identified an approach to perform needs-oriented, loss-driven, capability-based analysis across the systems engineering activities. The result is a set of need statements capturing the stakeholder expectations concerning security and a set of functional requirements defining what the system must do to address those needs. Defining security as a functional requirement helps us design a system that can prepare for, defend against, and recover from adversity to achieve and sustain mission success.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"23-28"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Illuminating Systems Security Through Case Studies – Much More than Controls 通过案例研究照亮系统安全-远远超过控制
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12544
Beth Wilson
{"title":"Illuminating Systems Security Through Case Studies – Much More than Controls","authors":"Beth Wilson","doi":"10.1002/inst.12544","DOIUrl":"https://doi.org/10.1002/inst.12544","url":null,"abstract":"<div>\u0000 \u0000 <p>While systems security is a quality attribute (previously referred to as specialty engineering), learning systems security is essential for all systems engineers. Learning about system security can be a challenge especially when the focus is on security controls or admiring attack vectors. Case studies are a powerful way to see the real-world application of complex concepts. Reviewing cyber-attack case studies provides a captivating approach to examine security challenges and failures holistically using systems thinking, consider the technical concerns, business decisions, and human behaviors that made the attack possible, and explore systems security concepts from a systems engineering perspective.</p>\u0000 </div>","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"48-52"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573754","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
FROM THE EDITOR-IN-CHIEF 来自总编辑
IF 1 4区 工程技术
Insight Pub Date : 2025-07-07 DOI: 10.1002/inst.12536
William Miller
{"title":"FROM THE EDITOR-IN-CHIEF","authors":"William Miller","doi":"10.1002/inst.12536","DOIUrl":"https://doi.org/10.1002/inst.12536","url":null,"abstract":"","PeriodicalId":13956,"journal":{"name":"Insight","volume":"28 3","pages":"6-7"},"PeriodicalIF":1.0,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144573517","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信