“CTRL_S”-一个用于SESAR设计中的安全方法的安全工具

2016 11th International Conference on Availability, Reliability and Security (ARES) Pub Date : 2016-08-01 DOI:10.1109/ARES.2016.106

K. Gotz, M. Hawley, C. Machin, J. Hird

{"title":"“CTRL_S”-一个用于SESAR设计中的安全方法的安全工具","authors":"K. Gotz, M. Hawley, C. Machin, J. Hird","doi":"10.1109/ARES.2016.106","DOIUrl":null,"url":null,"abstract":"To support the approach of 'design-in security' taken by the SESAR Programme, the authors have iteratively developed a support tool, known as 'CTRL_S' that guides users through the security risk assessment process. Whilst these risks are mostly generic, based on prototype system architectures or extrapolations from current systems, the approach supports the development of security controls through to operations. Key aspects of the CTRL_S tool have been to support 'cross-sectional' analyses of risk assessments and to create a collaborative knowledge-based approach, whereby users may take advantage of prior risk assessments in building new ones. Future development of the tool is proposed, including alignment with SESAR's Enterprise Architecture modelling.","PeriodicalId":216417,"journal":{"name":"2016 11th International Conference on Availability, Reliability and Security (ARES)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"'CTRL_S' - A Security Tool for SESAR's Design-In Security Approach\",\"authors\":\"K. Gotz, M. Hawley, C. Machin, J. Hird\",\"doi\":\"10.1109/ARES.2016.106\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"To support the approach of 'design-in security' taken by the SESAR Programme, the authors have iteratively developed a support tool, known as 'CTRL_S' that guides users through the security risk assessment process. Whilst these risks are mostly generic, based on prototype system architectures or extrapolations from current systems, the approach supports the development of security controls through to operations. Key aspects of the CTRL_S tool have been to support 'cross-sectional' analyses of risk assessments and to create a collaborative knowledge-based approach, whereby users may take advantage of prior risk assessments in building new ones. Future development of the tool is proposed, including alignment with SESAR's Enterprise Architecture modelling.\",\"PeriodicalId\":216417,\"journal\":{\"name\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2016-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2016 11th International Conference on Availability, Reliability and Security (ARES)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2016.106\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference on Availability, Reliability and Security (ARES)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2016.106","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

为了支持SESAR计划采用的“设计内安全”方法，作者迭代开发了一个支持工具，称为“CTRL_S”，指导用户完成安全风险评估过程。虽然这些风险大多是通用的，基于原型系统架构或从当前系统推断，但该方法支持通过操作开发安全控制。CTRL_S工具的关键方面是支持风险评估的“横断面”分析，并创建一种基于知识的协作方法，用户可以利用先前的风险评估来构建新的风险评估。提出了该工具的未来发展，包括与SESAR的企业架构建模保持一致。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

'CTRL_S' - A Security Tool for SESAR's Design-In Security Approach

To support the approach of 'design-in security' taken by the SESAR Programme, the authors have iteratively developed a support tool, known as 'CTRL_S' that guides users through the security risk assessment process. Whilst these risks are mostly generic, based on prototype system architectures or extrapolations from current systems, the approach supports the development of security controls through to operations. Key aspects of the CTRL_S tool have been to support 'cross-sectional' analyses of risk assessments and to create a collaborative knowledge-based approach, whereby users may take advantage of prior risk assessments in building new ones. Future development of the tool is proposed, including alignment with SESAR's Enterprise Architecture modelling.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2016 11th International Conference on Availability, Reliability and Security (ARES)

自引率

0.00%

发文量