Biblio

Filters: Author is Mills, R. F.  [Clear All Filters]
2020-11-16
Mailloux, L. O., Span, M., Mills, R. F., Young, W..  2019.  A Top Down Approach for Eliciting Systems Security Requirements for a Notional Autonomous Space System. 2019 IEEE International Systems Conference (SysCon). :1–7.
Today's highly interconnected and technology reliant environment places great emphasis on the need for secure cyber-physical systems. This work addresses this need by detailing a top down systems security requirements analysis approach for understanding and eliciting security requirements for a notional space system. More specifically, the System-Theoretic Process Analysis approach for Security (STPA-Sec) is used to understand and elicit systems security requirements during the conceptual stage of development. This work employs STPA-Sec in a notional space system to detail the development of functional-level security requirements, design-level engineering considerations, and architectural-level security specifications early in the system life cycle when the solution trade-space is largest rather than merely examining components and adding protections during system operation, maintenance, or sustainment. Lastly, this approach employs a holistic viewpoint which aligns with the systems and software engineering processes as detailed in ISO/IEC/IEEE 152SS and NIST SP SOO-160 Volume 1. This work seeks to advance the science of systems security by providing insight into a viable systems security requirements analysis approach which results in traceable security, safety, and resiliency requirements that can be designed-for, built-to, and verified with confidence.
2018-02-02
Willis, J. M., Mills, R. F., Mailloux, L. O., Graham, S. R..  2017.  Considerations for secure and resilient satellite architectures. 2017 International Conference on Cyber Conflict (CyCon U.S.). :16–22.

Traditionally, the focus of security and ensuring confidentiality, integrity, and availability of data in spacecraft systems has been on the ground segment and the uplink/downlink components. Although these are the most obvious attack vectors, potential security risks against the satellite's platform is also a serious concern. This paper discusses a notional satellite architecture and explores security vulnerabilities using a systems-level approach. Viewing attacks through this paradigm highlights several potential attack vectors that conventional satellite security approaches fail to consider. If left undetected, these could yield physical effects limiting the satellite's mission or performance. The approach presented aids in risk analysis and gives insight into architectural design considerations which improve the system's overall resiliency.